
Please check my log

Posted: 26 Sep 2010 08:44
by raky2702
Hello, I have a suspicion that I have something in my PC... Could you take a look at it?


Logfile of random's system information tool 1.08 (written by random/random)
Run by mato at 2010-09-26 09:42:45
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 81 GB (27%) free of 305 GB
Total RAM: 3071 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:42:54, on 26. 9. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\hry\Counter-Strike Source\UnDead.Injector.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Users\mato\AppData\Local\Temp\Ump.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\conime.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\mato\AppData\Local\Temp\Umq.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIVTBTSrv.exe
C:\Users\mato\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\mato\Desktop\RSIT.exe
C:\Program Files\trend micro\mato.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,,C:\hry\Counter-Strike Source\UnDead.Injector.exe
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\PC Translator 2010\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WINXML2 Class - {314A5833-8490-4a3b-904A-110444F25E50} - (no file)
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC Translator 2010\WebIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [3FWHZQA3LT] C:\Users\mato\AppData\Local\Temp\Umq.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translator 2010\WebIE.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

--
End of file - 9621 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000UA.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Program Files\PC Translator 2010\WebIE.dll [2010-08-31 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-06-24 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{314A5833-8490-4a3b-904A-110444F25E50}]
WINXML2 Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-06-13 1438520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Program Files\PC Translator 2010\WebIE.dll [2010-08-31 503808]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-06-13 1438520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-06-24 202256]
"BtTray"=C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2008-07-09 229888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"3FWHZQA3LT"=C:\Users\mato\AppData\Local\Temp\Umq.exe [2010-09-25 251904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [2008-01-15 16200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX400 Series]
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE [2007-12-17 188928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\mato\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-02 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe /command:faststart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-09-02 672632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

C:\Users\mato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"HonorAutoRunSetting"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"HonorAutoRunSetting"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-09-25 20:12:11 ----A---- C:\Windows\system32\SHORTCUT.INI
2010-09-25 15:39:46 ----A---- C:\Windows\system32\REMOTEDEVICE.INI
2010-09-25 15:14:53 ----A---- C:\Windows\system32\LOCALSERVICE.INI
2010-09-25 15:14:47 ----A---- C:\Windows\system32\BSPRINT.INI
2010-09-25 15:14:39 ----A---- C:\Windows\system32\LOCALDEVICE.INI
2010-09-25 14:14:48 ----D---- C:\Program Files\IVT Corporation
2010-09-25 14:13:32 ----A---- C:\im.ini
2010-09-25 14:13:09 ----SHD---- C:\Config.Msi
2010-09-24 17:53:02 ----D---- C:\Program Files\Remote Professional
2010-09-24 17:31:43 ----D---- C:\Users\mato\AppData\Roaming\W
2010-09-24 14:13:57 ----D---- C:\Users\mato\AppData\Roaming\wargaming.net
2010-09-24 13:51:19 ----HD---- C:\Windows\PIF
2010-09-21 06:59:29 ----A---- C:\Windows\system32\GEARAspi.dll
2010-09-21 06:59:29 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2010-09-21 06:58:53 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-09-21 06:58:53 ----D---- C:\Program Files\iTunes
2010-09-21 06:58:53 ----D---- C:\Program Files\iPod
2010-09-21 06:57:31 ----D---- C:\Program Files\Apple Software Update
2010-09-21 06:55:56 ----D---- C:\Program Files\Bonjour
2010-09-20 17:56:30 ----D---- C:\Program Files\Game_Maker8
2010-09-20 17:46:59 ----D---- C:\Program Files\Game_Maker6
2010-09-17 21:48:24 ----D---- C:\Program Files\Xilisoft
2010-09-17 21:48:22 ----D---- C:\Program Files\QuickTime
2010-09-15 18:17:58 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-15 18:17:57 ----A---- C:\Windows\system32\usp10.dll
2010-09-15 18:17:54 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-15 18:17:51 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-12 15:16:34 ----D---- C:\Program Files\Cestovné poriadky
2010-09-11 21:01:48 ----A---- C:\Windows\system32\BASSMOD.dll
2010-09-11 21:01:36 ----D---- C:\Program Files\MagicISO
2010-09-07 14:42:47 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2010-09-07 14:42:18 ----D---- C:\Program Files\PC Connectivity Solution
2010-09-04 15:43:15 ----D---- C:\Program Files\EA Games
2010-09-04 08:07:14 ----D---- C:\ProgramData\Microsoft Games
2010-09-04 08:06:54 ----D---- C:\Users\mato\AppData\Roaming\Microsoft Game Studios
2010-09-01 15:36:36 ----RHD---- C:\Users\mato\AppData\Roaming\SecuROM
2010-08-31 18:27:56 ----D---- C:\Program Files\PC Translator 2010
2010-08-31 11:10:01 ----SH---- C:\Trainer.dll

======List of files/folders modified in the last 1 months======

2010-09-26 09:42:47 ----D---- C:\Windows\temp
2010-09-26 09:42:46 ----D---- C:\Program Files\trend micro
2010-09-26 09:40:29 ----D---- C:\Users\mato\AppData\Roaming\uTorrent
2010-09-26 09:33:05 ----A---- C:\Windows\system32\bscs.ini
2010-09-26 09:32:53 ----D---- C:\Users\mato\AppData\Roaming\Skype
2010-09-26 09:32:52 ----D---- C:\Users\mato\AppData\Roaming\skypePM
2010-09-25 22:57:40 ----D---- C:\Windows\system32\Tasks
2010-09-25 22:57:39 ----D---- C:\Windows\Tasks
2010-09-25 21:33:05 ----D---- C:\Windows\Prefetch
2010-09-25 20:21:26 ----SHD---- C:\System Volume Information
2010-09-25 20:12:34 ----A---- C:\Windows\BsMobileModel.ini
2010-09-25 20:12:11 ----D---- C:\Windows\System32
2010-09-25 15:49:35 ----D---- C:\Windows\inf
2010-09-25 15:49:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-25 15:43:46 ----D---- C:\ProgramData\NVIDIA
2010-09-25 15:42:57 ----D---- C:\Windows
2010-09-25 15:24:58 ----D---- C:\Program Files\Phone Remote Control
2010-09-25 15:24:18 ----D---- C:\Windows\system32\catroot
2010-09-25 15:14:56 ----SHD---- C:\Windows\Installer
2010-09-25 15:14:16 ----D---- C:\Windows\system32\drivers
2010-09-25 14:55:26 ----AD---- C:\ProgramData\TEMP
2010-09-25 14:32:13 ----D---- C:\Users\mato\AppData\Roaming\PhoneRemoteControl
2010-09-25 14:15:09 ----D---- C:\Windows\system32\catroot2
2010-09-25 14:14:48 ----RD---- C:\Program Files
2010-09-25 14:14:33 ----D---- C:\ProgramData\Installations
2010-09-24 17:44:47 ----D---- C:\Users\mato\AppData\Roaming\.purple
2010-09-24 13:53:33 ----RSD---- C:\Windows\assembly
2010-09-24 13:44:47 ----D---- C:\hry
2010-09-24 12:06:56 ----D---- C:\Program Files\Google
2010-09-23 21:18:27 ----D---- C:\Program Files\Pidgin
2010-09-22 18:34:15 ----D---- C:\Windows\system32\WDI
2010-09-21 07:15:21 ----D---- C:\Users\mato\AppData\Roaming\Apple Computer
2010-09-21 06:59:29 ----DC---- C:\Windows\system32\DRVSTORE
2010-09-21 06:58:53 ----D---- C:\ProgramData\Apple Computer
2010-09-21 06:58:53 ----D---- C:\ProgramData
2010-09-21 06:58:53 ----D---- C:\Program Files\Common Files\Apple
2010-09-20 22:24:18 ----D---- C:\Users\mato\AppData\Roaming\vlc
2010-09-20 22:24:12 ----D---- C:\Users\mato\AppData\Roaming\dvdcss
2010-09-20 21:48:08 ----A---- C:\Users\mato\AppData\Roaming\myMPQ.ini
2010-09-20 18:21:12 ----D---- C:\Windows\Globalization
2010-09-20 18:21:06 ----D---- C:\Program Files\Nokia
2010-09-20 18:20:30 ----RSD---- C:\Windows\Fonts
2010-09-18 13:01:04 ----D---- C:\Program Files\Steam
2010-09-17 07:12:38 ----D---- C:\Program Files\JDownloader
2010-09-16 15:30:38 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-15 18:59:08 ----D---- C:\Windows\winsxs
2010-09-15 18:23:25 ----D---- C:\ProgramData\Microsoft Help
2010-09-15 18:18:47 ----A---- C:\Windows\system32\mrt.exe
2010-09-15 18:18:32 ----D---- C:\Program Files\Windows Mail
2010-09-07 14:46:22 ----D---- C:\Windows\system32\drivers\UMDF
2010-09-07 14:43:53 ----D---- C:\Program Files\Common Files\Nokia
2010-09-06 13:44:20 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-09-05 21:24:37 ----SHD---- C:\$RECYCLE.BIN
2010-09-05 09:51:33 ----D---- C:\ProgramData\Blizzard Entertainment
2010-09-05 09:38:25 ----D---- C:\Program Files\StarCraft II
2010-09-04 20:41:30 ----D---- C:\Program Files\SystemRequirementsLab
2010-09-04 17:48:03 ----D---- C:\Program Files\ICQ7.0
2010-09-04 15:44:56 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-04 08:08:02 ----D---- C:\Program Files\Microsoft Games
2010-09-04 08:07:20 ----SD---- C:\ProgramData\Microsoft
2010-09-01 18:13:47 ----D---- C:\Program Files\ABBYY FineReader 10
2010-08-31 18:31:18 ----D---- C:\Users\mato\AppData\Roaming\LangSoft
2010-08-31 18:29:19 ----D---- C:\ProgramData\LangSoft
2010-08-31 18:29:08 ----A---- C:\Windows\TRNCOM.INI
2010-08-31 16:05:10 ----D---- C:\Users\mato\AppData\Roaming\IrfanView
2010-08-30 18:33:40 ----D---- C:\Program Files\LogMeIn Hamachi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2008-01-21 21512]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2009-02-03 59000]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2007-02-08 83320]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-17 691696]
R1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R1 nltdi;nltdi; \??\C:\Windows\system32\drivers\nltdi.sys [2007-04-23 82200]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-04-13 165376]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-12-18 135048]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-04-13 18048]
R3 bbcap;bbcap; C:\Windows\system32\DRIVERS\bbcap.sys [2010-05-28 4096]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2008-01-21 14600]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2008-03-06 38920]
R3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [2006-11-22 22416]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-01-08 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2008-01-21 26248]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-07-10 11008040]
R3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-07-22 123904]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 29696]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2008-01-21 14856]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2008-01-21 29960]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2008-01-24 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2008-01-24 48904]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S3 am06suq6;am06suq6; C:\Windows\system32\drivers\am06suq6.sys []
S3 aud7q0cx;aud7q0cx; C:\Windows\system32\drivers\aud7q0cx.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2008-03-06 33800]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2008-03-06 27528]
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 BthAudioHF;BthAudioHF Service; C:\Windows\system32\DRIVERS\BthAudioHF.sys [2010-02-05 48024]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2010-02-05 28048]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 csr_a2dp;Bluetooth AV Profile; C:\Windows\system32\drivers\bthav.sys [2010-02-05 66952]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2008-01-24 28168]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2008-01-24 29192]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2008-01-24 14728]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-10 814344]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2008-07-09 775168]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-06-04 143467]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2010-03-11 603904]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2008-06-04 69735]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
S2 HFGService;Handsfree Headset Service; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-08-20 407336]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2010-03-11 360192]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]

-----------------EOF-----------------

Re: Please check my log

Posted: 26 Sep 2010 09:08
by vyosek
Hello, and have a nice day :)

:arrow: You are right, there are pests on there, and not just one :arcisit:

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY IS VERY CAPABLE OF DELETING THINGS AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
:arrow: Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • Plug all USB drives into the PC (flash drives, external disks, etc.)
  • If you have Win XP, run it under the Spravce\Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator (Spustit jako spravce)
  • Right after it starts, a page with the license agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that is displayed
  • The scan should take about 10 minutes, but if the PC is heavily cluttered, the time may be longer
  • After the scan finishes and a possible restart, CF displays the log; otherwise you will find it at C:\ComboFix.txt. Paste its contents here
  • A detailed procedure including pictures is here: http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Please check my log

Posted: 26 Sep 2010 10:35
by raky2702
So here is the LOG:


ComboFix 10-09-25.06 - mato . 09. 2010 11:19:40.5.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3071.1750 [GMT 2:00]
Running from: c:\users\mato\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\mato\pidgin-facebookchat-1.65.exe
c:\users\mato\SC2ALLin1_setup1033.exe
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

.
((((((((((((((((((((((((( Files Created from 2010-08-26 to 2010-09-26 )))))))))))))))))))))))))))))))
.

2010-09-26 09:12 . 2010-09-26 09:13 -------- d-----w- C:\32788R22FWJFW
2010-09-25 13:33 . 2010-09-25 13:33 -------- d-----w- c:\users\mato\BlueSoleil6.2.227.10RM
2010-09-25 13:25 . 2010-09-25 13:25 -------- d-----w- c:\users\mato\AppData\Local\bluesoleil
2010-09-25 12:14 . 2010-09-25 12:14 -------- d-----w- c:\program files\IVT Corporation
2010-09-24 16:13 . 2010-09-24 16:13 3520510 ----a-w- c:\users\mato\phoneremotecontrol.zip
2010-09-24 16:04 . 2010-09-24 16:04 -------- d-----w- c:\users\mato\Bluetooth_Remote_Control_v.4.0
2010-09-24 15:53 . 2010-09-24 15:53 -------- d-----w- c:\program files\Remote Professional
2010-09-24 15:52 . 2010-09-24 15:52 -------- d-----w- c:\users\mato\MobilewaysRemoteS60Professiona
2010-09-24 15:39 . 2010-09-24 15:39 1201 ----a-w- c:\users\mato\AppData\Roaming\.purple\certificates\x509\tls_peers\login.facebook.com
2010-09-24 15:31 . 2010-09-24 15:31 -------- d-----w- c:\users\mato\AppData\Roaming\W
2010-09-24 12:13 . 2010-09-24 12:13 -------- d-----w- c:\users\mato\AppData\Roaming\wargaming.net
2010-09-24 11:51 . 2010-09-24 11:51 2855 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\World of Tanks closed Beta\World of Tanks closed Beta on the Web.pif
2010-09-24 11:51 . 2010-09-24 11:51 -------- d--h--w- c:\windows\PIF
2010-09-24 04:56 . 2010-09-24 06:29 1176673434 ----a-w- c:\users\mato\WoT_beta.0.4.5_eng_full_setup.exe
2010-09-23 19:16 . 2010-09-23 19:17 9263238 ----a-w- c:\users\mato\pidgin-2.7.3.exe
2010-09-21 17:05 . 2010-09-21 17:05 4554439 ----a-w- c:\users\mato\starcraft2cz.zip
2010-09-21 04:59 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-09-21 04:59 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-09-21 04:58 . 2010-09-21 04:59 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-09-21 04:58 . 2010-09-21 04:59 -------- d-----w- c:\program files\iTunes
2010-09-21 04:58 . 2010-09-21 04:58 -------- d-----w- c:\program files\iPod
2010-09-21 04:57 . 2010-09-21 04:57 -------- d-----w- c:\program files\Apple Software Update
2010-09-21 04:55 . 2010-09-21 04:55 -------- d-----w- c:\program files\Bonjour
2010-09-21 04:49 . 2010-09-21 04:54 74840872 ----a-w- c:\users\mato\iTunesSetup.exe
2010-09-20 19:40 . 2010-09-20 19:40 -------- d-----w- c:\users\mato\SC2Allin1
2010-09-20 15:59 . 2010-09-20 15:59 530482 ----a-w- c:\users\mato\goodgame (1).zip
2010-09-20 15:59 . 2010-09-20 15:59 530482 ----a-w- c:\users\mato\goodgame.zip
2010-09-20 15:56 . 2010-09-20 15:56 -------- d-----w- c:\program files\Game_Maker8
2010-09-20 15:55 . 2010-09-20 15:56 10857464 ----a-w- c:\users\mato\gmaker80.exe
2010-09-20 15:46 . 2010-09-20 15:47 -------- d-----w- c:\program files\Game_Maker6
2010-09-20 15:35 . 2010-09-20 15:37 -------- d-----w- c:\users\mato\Gmaker61
2010-09-20 15:34 . 2010-09-20 15:34 3730558 ----a-w- c:\users\mato\Gmaker61.zip
2010-09-19 16:02 . 2010-09-19 16:02 551624 ----a-w- c:\users\mato\Handy_Converter_2.11CZ_5th.zip
2010-09-19 15:42 . 2010-09-19 15:42 43438 ----a-w- c:\users\mato\SuperScreenshot 1.05 cz.zip
2010-09-17 19:48 . 2010-09-17 19:48 -------- d-----w- c:\program files\Xilisoft
2010-09-17 19:48 . 2010-09-21 04:58 -------- d-----w- c:\program files\QuickTime
2010-09-17 19:13 . 2010-09-17 19:13 -------- d-----w- c:\users\mato\waka.wingone.esp
2010-09-15 16:17 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-15 16:17 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-15 16:17 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-15 16:17 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-12 13:16 . 2010-09-12 13:20 -------- d-----w- c:\program files\Cestovné poriadky
2010-09-11 19:01 . 2010-09-11 19:02 -------- d-----w- c:\program files\MagicISO
2010-09-07 12:42 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-09-07 12:42 . 2010-09-07 12:42 -------- d-----w- c:\program files\PC Connectivity Solution
2010-09-05 07:14 . 2010-09-05 07:14 46852 ----a-w- c:\programdata\Blizzard Entertainment\Battle.net\Cache\Download\Scan.dll
2010-09-04 18:41 . 2010-09-04 18:41 -------- d-----w- c:\users\mato\SystemRequirementsLab
2010-09-04 13:43 . 2010-09-04 13:43 -------- d-----w- c:\program files\EA Games
2010-09-04 06:07 . 2010-09-17 17:36 -------- d-----w- c:\users\mato\AppData\Local\Microsoft Game Studios
2010-09-04 06:07 . 2010-09-17 17:36 -------- d-----w- c:\programdata\Microsoft Games
2010-09-04 06:06 . 2010-09-17 17:36 -------- d-----w- c:\users\mato\AppData\Roaming\Microsoft Game Studios
2010-09-01 18:24 . 2010-09-01 18:24 -------- d-----w- c:\users\mato\mobile_forces
2010-09-01 13:36 . 2010-09-01 13:36 -------- d--h--r- c:\users\mato\AppData\Roaming\SecuROM
2010-09-01 07:12 . 2010-09-01 07:12 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 10.0.0.68\SetupAdmin.exe
2010-08-31 16:30 . 2007-09-21 20:17 135226 ----a-w- c:\users\mato\AppData\Roaming\Mozilla\Firefox\Profiles\o0nu3p77.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
2010-08-31 16:30 . 2007-09-21 19:50 131128 ----a-w- c:\users\mato\AppData\Roaming\Mozilla\Firefox\Profiles\o0nu3p77.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF.dll
2010-08-31 16:29 . 2010-08-31 16:29 303104 ----a-w- c:\users\mato\AppData\Roaming\LangSoft\TrnWord.dll
2010-08-31 16:29 . 2010-08-31 16:29 356352 ----a-w- c:\users\mato\AppData\Roaming\LangSoft\TrnOutl.dll
2010-08-31 16:27 . 2010-08-31 16:32 -------- d-----w- c:\program files\PC Translator 2010
2010-08-31 09:10 . 2010-08-31 09:10 114176 --sh--w- C:\Trainer.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-26 09:23 . 2010-04-19 13:22 45816 ----a-w- c:\windows\system32\perfh01B.dat
2010-09-26 09:23 . 2010-04-19 13:22 13934 ----a-w- c:\windows\system32\perfc01B.dat
2010-09-26 09:15 . 2010-04-24 07:02 -------- d-----w- c:\programdata\NVIDIA
2010-09-26 09:13 . 2010-03-04 17:38 -------- d-----w- c:\users\mato\AppData\Roaming\uTorrent
2010-09-26 09:13 . 2010-03-02 07:22 -------- d-----w- c:\users\mato\AppData\Roaming\Skype
2010-09-26 09:10 . 2010-04-24 07:02 36821 ----a-w- c:\programdata\nvModes.dat
2010-09-26 07:42 . 2010-03-20 20:31 -------- d-----w- c:\program files\trend micro
2010-09-26 07:32 . 2010-03-02 07:23 -------- d-----w- c:\users\mato\AppData\Roaming\skypePM
2010-09-25 13:24 . 2010-06-23 14:28 -------- d-----w- c:\program files\Phone Remote Control
2010-09-25 13:24 . 2010-03-02 06:06 5259 ----a-w- c:\windows\bthservsdp.dat
2010-09-25 12:32 . 2010-06-23 14:28 -------- d-----w- c:\users\mato\AppData\Roaming\PhoneRemoteControl
2010-09-25 12:14 . 2010-03-02 15:08 -------- d-----w- c:\programdata\Installations
2010-09-24 15:44 . 2010-05-10 19:55 -------- d-----w- c:\users\mato\AppData\Roaming\.purple
2010-09-24 10:06 . 2010-03-07 10:11 -------- d-----w- c:\program files\Google
2010-09-23 19:18 . 2010-05-10 19:51 -------- d-----w- c:\program files\Pidgin
2010-09-21 05:15 . 2010-03-19 12:52 -------- d-----w- c:\users\mato\AppData\Roaming\Apple Computer
2010-09-21 04:58 . 2010-08-05 13:26 -------- d-----w- c:\programdata\Apple Computer
2010-09-21 04:58 . 2010-03-19 12:51 -------- d-----w- c:\program files\Common Files\Apple
2010-09-20 20:24 . 2010-03-04 08:30 -------- d-----w- c:\users\mato\AppData\Roaming\vlc
2010-09-20 20:24 . 2010-03-24 14:27 -------- d-----w- c:\users\mato\AppData\Roaming\dvdcss
2010-09-20 19:40 . 2010-03-02 06:14 66128 ----a-w- c:\users\mato\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-20 16:21 . 2010-09-20 16:21 52948 ----a-w- c:\windows\inf\Ovi Player\001B\tmpF3A1.tmp
2010-09-20 16:21 . 2010-09-20 16:21 52948 ----a-w- c:\windows\inf\Ovi Player\0009\tmpF3A1.tmp
2010-09-20 16:21 . 2010-09-20 16:21 52948 ----a-w- c:\windows\inf\Ovi Player\0000\tmpF3A1.tmp
2010-09-20 16:21 . 2010-09-20 16:21 1657 ----a-w- c:\windows\inf\Ovi Player\tmpF3A2.tmp
2010-09-20 16:21 . 2010-06-02 04:32 -------- d-----w- c:\program files\Nokia
2010-09-18 11:01 . 2010-08-10 14:59 -------- d-----w- c:\program files\Steam
2010-09-17 05:12 . 2010-08-08 22:00 -------- d-----w- c:\program files\JDownloader
2010-09-16 13:30 . 2010-04-18 21:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-15 16:50 . 2010-03-02 06:13 680 ----a-w- c:\users\mato\AppData\Local\d3d9caps.dat
2010-09-15 16:23 . 2010-03-02 07:31 -------- d-----w- c:\programdata\Microsoft Help
2010-09-15 16:18 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-09-12 13:20 . 2010-09-12 13:16 -------- d-----w- c:\program files\Cestovné poriadky
2010-09-07 12:43 . 2010-03-02 15:18 -------- d-----w- c:\program files\Common Files\Nokia
2010-09-07 12:41 . 2010-07-25 17:16 12212040 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-09-07 12:41 . 2010-07-25 17:16 13930312 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-09-07 12:41 . 2010-07-25 17:16 77824 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-09-07 12:41 . 2010-07-25 17:16 38912 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-09-07 12:41 . 2010-07-25 17:16 38912 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-09-07 12:41 . 2010-07-25 17:16 50000 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
2010-09-06 11:44 . 2010-03-05 17:02 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-09-05 07:51 . 2010-07-30 15:17 -------- d-----w- c:\programdata\Blizzard Entertainment
2010-09-05 07:38 . 2010-08-04 06:25 -------- d-----w- c:\program files\StarCraft II
2010-09-04 18:41 . 2010-03-02 06:21 -------- d-----w- c:\program files\SystemRequirementsLab
2010-09-04 15:48 . 2010-03-02 07:18 -------- d-----w- c:\program files\ICQ7.0
2010-09-04 13:44 . 2010-03-02 06:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-04 13:44 . 2010-03-13 17:49 983 ----a-w- c:\windows\eReg.dat
2010-09-04 06:08 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games
2010-09-03 15:33 . 2010-07-25 17:16 102914512 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
2010-09-01 16:13 . 2010-05-14 05:51 -------- d-----w- c:\program files\ABBYY FineReader 10
2010-08-31 16:31 . 2010-03-06 19:06 -------- d-----w- c:\users\mato\AppData\Roaming\LangSoft
2010-08-31 16:29 . 2010-03-06 19:06 -------- d-----w- c:\programdata\LangSoft
2010-08-31 14:05 . 2010-03-03 05:50 -------- d-----w- c:\users\mato\AppData\Roaming\IrfanView
2010-08-30 16:33 . 2010-08-14 20:04 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-08-23 14:48 . 2010-08-10 14:59 -------- d-----w- c:\program files\Common Files\Steam
2010-08-22 15:50 . 2010-08-20 20:36 -------- d-----w- c:\program files\EVEREST Corporate Edition
2010-08-19 13:57 . 2010-08-19 13:57 1 ----a-w- C:\DXOkay.bin
2010-08-17 14:41 . 2010-08-17 14:41 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-08-17 14:41 . 2010-03-02 07:06 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-16 17:23 . 2010-08-16 17:23 108144 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-08-14 09:24 . 2010-03-02 06:34 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-14 09:23 . 2010-08-14 09:23 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-08-14 09:04 . 2010-03-02 07:34 -------- d-----w- c:\program files\Microsoft.NET
2010-08-13 21:16 . 2010-03-02 07:19 -------- d-----w- c:\users\mato\AppData\Roaming\ICQ
2010-08-13 11:30 . 2010-08-13 11:30 36864 ----a-w- c:\programdata\Installations\{4ECA710C-B818-4751-A3B8-42C2D93922A8}\Installer\CommonCustomActions\Sleep.exe
2010-08-13 11:30 . 2010-08-13 11:30 3351812 ----a-w- c:\programdata\Installations\{4ECA710C-B818-4751-A3B8-42C2D93922A8}\Installer\CommonCustomActions\msxml6Exec.exe
2010-08-13 11:30 . 2010-08-13 11:30 3203453 ----a-w- c:\programdata\Installations\{4ECA710C-B818-4751-A3B8-42C2D93922A8}\Installer\CommonCustomActions\vcredistExec.exe
2010-08-13 11:30 . 2010-08-13 11:30 36598408 ----a-w- c:\programdata\Installations\{4ECA710C-B818-4751-A3B8-42C2D93922A8}\NokiaSoftwareUpdaterSetup_2.5.8SK.exe
2010-08-10 16:46 . 2010-08-10 16:46 -------- d-----w- c:\users\mato\AppData\Roaming\NVIDIA
2010-08-10 16:33 . 2010-03-06 08:11 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-06 16:00 . 2010-08-06 16:00 -------- d-----w- c:\program files\SweetIM
2010-08-06 16:00 . 2010-08-06 16:00 -------- d-----w- c:\programdata\SweetIM
2010-08-05 13:26 . 2010-03-19 12:51 -------- d-----w- c:\program files\Safari
2010-08-04 16:18 . 2010-08-04 16:18 8 --sh--r- c:\windows\system32\9CA8217D90.sys
2010-08-04 16:18 . 2010-04-14 16:02 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-08-03 07:06 . 2010-03-21 15:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-28 17:46 . 2010-07-28 16:39 -------- d-----w- c:\programdata\NFS Underground
2010-07-27 16:44 . 2010-07-27 16:44 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-27 16:44 . 2010-07-27 16:44 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-07-27 16:44 . 2010-07-27 16:44 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-07-27 16:44 . 2010-07-27 16:44 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-07-23 04:13 . 2010-07-23 04:13 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.17.8\SetupAdmin.exe
2010-07-09 22:37 . 2010-08-14 09:22 56936 ----a-w- c:\windows\system32\OpenCL.dll
2010-07-09 22:37 . 2010-08-14 09:22 5107816 ----a-w- c:\windows\system32\nvwgf2um.dll
2010-07-09 22:37 . 2010-08-14 09:22 14092904 ----a-w- c:\windows\system32\nvoglv32.dll
2010-07-09 22:37 . 2010-08-14 09:22 11008040 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2010-07-09 22:37 . 2010-08-14 09:22 4553832 ----a-w- c:\windows\system32\nvcuda.dll
2010-07-09 22:37 . 2010-08-14 09:22 2892904 ----a-w- c:\windows\system32\nvcuvid.dll
2010-07-09 22:37 . 2010-08-14 09:22 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-07-09 22:37 . 2010-08-14 09:22 236136 ----a-w- c:\windows\system32\nvcod1922.dll
2010-07-09 22:37 . 2010-08-14 09:22 236136 ----a-w- c:\windows\system32\nvcod.dll
2010-07-09 22:37 . 2010-08-14 09:22 10267240 ----a-w- c:\windows\system32\nvcompiler.dll
2010-07-09 22:37 . 2010-04-03 20:55 1625192 ----a-w- c:\windows\system32\nvapi.dll
2010-07-09 22:37 . 2010-03-02 06:34 9818728 ----a-w- c:\windows\system32\nvd3dum.dll
2010-07-09 14:20 . 2010-07-09 14:20 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-07-09 14:20 . 2010-07-09 14:20 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
2010-07-09 14:20 . 2010-07-09 14:20 1469544 ----a-w- c:\windows\system32\nvsvc.dll
2010-07-09 14:20 . 2010-07-09 14:20 13939816 ----a-w- c:\windows\system32\nvcpl.dll
2010-07-09 14:20 . 2010-07-09 14:20 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-07-05 18:00 . 2010-07-05 18:02 720896 ----a-w- c:\windows\iun6002.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2010-06-13 138552]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2010-06-13 15:25 1438520 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-06-13 1438520]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-06-13 1438520]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-06-24 202256]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2008-07-09 229888]

c:\users\mato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
2008-01-15 13:18 16200 ----a-r- c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX400 Series]
2007-12-17 15:00 188928 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIEGE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-02 06:23 135664 ----atw- c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-09-02 08:26 672632 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-05-14 08:32 1479680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 14:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"EPSON Stylus SX400 Series"=c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "c:\users\mato\AppData\Local\Temp\E_SCAC7.tmp" /EF "HKCU"
"Google Update"="c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"PAC7302_Monitor"=c:\windows\PixArt\PAC7302\Monitor.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
R2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2008-01-19 21504]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 BthAudioHF;BthAudioHF Service;c:\windows\system32\DRIVERS\BthAudioHF.sys [2010-02-05 48024]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2010-02-05 28048]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2008-12-07 30088]
R3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2010-02-05 66952]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-08-17 691696]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2008-01-21 21512]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-04-23 82200]
S2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-10 814344]
S2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-06-04 143467]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S3 bbcap;bbcap;c:\windows\system32\DRIVERS\bbcap.sys [2010-05-28 4096]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2008-01-21 26248]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthaudiosvc REG_MULTI_SZ HFGService

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-09-26 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2010-09-26 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-05-23 13:10]

2010-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 10:11]

2010-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 10:11]

2010-09-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000Core.job
- c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-02 06:23]

2010-09-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000UA.job
- c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-02 06:23]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\program files\PC Translator 2010\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\program files\PC Translator 2010\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\PC Translator 2010\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\program files\PC Translator 2010\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\program files\PC Translator 2010\WebIE.dll
FF - ProfilePath - c:\users\mato\AppData\Roaming\Mozilla\Firefox\Profiles\o0nu3p77.default\
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\mato\AppData\Roaming\Mozilla\Firefox\Profiles\o0nu3p77.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\Opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\mato\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\mato\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Nokia FastStart - c:\program files\Nokia\Nokia Music\NokiaMusic.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-26 11:28
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-190942252-359916794-3278992379-1000\Software\SecuROM\License information*]
"datasecu"=hex:d5,da,4f,89,2e,fe,9d,54,7b,b9,cf,09,14,31,d1,3d,4a,10,9c,20,af,
53,51,ac,a4,d0,6c,16,bb,8d,38,ba,66,38,08,f2,5a,8d,b3,f5,e7,84,39,d1,18,71,\
"rkeysecu"=hex:64,d7,1c,1d,9d,c6,ba,45,60,08,96,05,5e,94,a0,24

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0020\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0021\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-09-26 11:30:12
ComboFix-quarantined-files.txt 2010-09-26 09:30

Pre-Run: 84 295 299 072 bytes free
Post-Run: 84 319 518 720 bytes free

- - End Of File - - 0089A2AE537C2FCC212436D1132BBDB9

Re: Please check my log

Posted: 26 Sep 2010 15:13
by vyosek
:arrow: If you haven't already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    File::
    c:\windows\inf\Ovi Player\001B\tmpF3A1.tmp
    c:\windows\inf\Ovi Player\0009\tmpF3A1.tmp
    c:\windows\inf\Ovi Player\0000\tmpF3A1.tmp
    c:\windows\inf\Ovi Player\tmpF3A2.tmp
    c:\users\mato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000Core.job
    c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000UA.jobc:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000UA.job
    
    Folder::
    c:\program files\SweetIM
    c:\programdata\SweetIM
    
    Registry::
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{EEE6C35D-6118-11DC-9C72-001320C79847}"=-
    [-HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
    [-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
    [-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TkBellExe"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "DAEMON Tools Lite"=-
    "Google Update"=-
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "NeroFilterCheck"=-
    
    FireFox::
    FF - ProfilePath - c:\users\mato\AppData\Roaming\Mozilla\Firefox\Profiles\o0nu3p77.default\
    FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
    
    RegLock::
    [HKEY_USERS\S-1-5-21-190942252-359916794-3278992379-1000\Software\SecuROM\License information*]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0019\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0020\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0021\AllUserSettings]
  • Save the resulting text file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it (see the picture below)
    Image
  • After the script has been applied (and after a restart, if one is needed), a log will pop up; paste its contents here
:arrow: It can happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: Please check my log

Posted: 26 Sep 2010 16:16
by raky2702
Here is the log:


ComboFix 10-09-25.06 - mato . 09. 2010 16:59:40.6.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3071.1867 [GMT 2:00]
Running from: c:\users\mato\Desktop\ComboFix.exe
Command switches used :: c:\users\mato\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Resident AV is active


FILE ::
"c:\users\mato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk"
"c:\windows\inf\Ovi Player\0000\tmpF3A1.tmp"
"c:\windows\inf\Ovi Player\0009\tmpF3A1.tmp"
"c:\windows\inf\Ovi Player\001B\tmpF3A1.tmp"
"c:\windows\inf\Ovi Player\tmpF3A2.tmp"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000UA.jobc:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000UA.job"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\SweetIM
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgAIMAuto.dll
c:\program files\SweetIM\Messenger\mgAIMMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgIEPlayer.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\KeyboardButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
c:\programdata\SweetIM
c:\programdata\SweetIM\Messenger\conf\adapter.xml
c:\programdata\SweetIM\Messenger\conf\autoupdate.xml
c:\programdata\SweetIM\Messenger\conf\logger.xml
c:\programdata\SweetIM\Messenger\conf\messages.xml
c:\programdata\SweetIM\Messenger\conf\sweetim.xml
c:\programdata\SweetIM\Messenger\conf\sweetimapp.xml
c:\programdata\SweetIM\Messenger\conf\users\437020630\content_update_notification.xml
c:\programdata\SweetIM\Messenger\conf\users\437020630\emoticons_shortcut.xml
c:\programdata\SweetIM\Messenger\conf\users\437020630\lastuse_Emoticons.xml
c:\programdata\SweetIM\Messenger\conf\users\437020630\user_config.xml
c:\programdata\SweetIM\Messenger\conf\users\499829056\content_update_notification.xml
c:\programdata\SweetIM\Messenger\conf\users\499829056\emoticons_shortcut.xml
c:\programdata\SweetIM\Messenger\conf\users\499829056\user_config.xml
c:\programdata\SweetIM\Messenger\conf\users\main_user_config.xml
c:\programdata\SweetIM\Messenger\data\contentdb\000203FB.dat
c:\programdata\SweetIM\Messenger\data\contentdb\cache_indx.dat
c:\programdata\SweetIM\Messenger\data\contentdb\installcontentvalidation.xml
c:\users\mato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk
c:\windows\inf\Ovi Player\0000\tmpF3A1.tmp
c:\windows\inf\Ovi Player\0009\tmpF3A1.tmp
c:\windows\inf\Ovi Player\001B\tmpF3A1.tmp
c:\windows\inf\Ovi Player\tmpF3A2.tmp
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000Core.job

.
((((((((((((((((((((((((( Files Created from 2010-08-26 to 2010-09-26 )))))))))))))))))))))))))))))))
.

2010-09-26 15:08 . 2010-09-26 15:08 -------- d-----w- c:\users\mato\AppData\Local\temp
2010-09-26 15:08 . 2010-09-26 15:08 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-09-26 15:08 . 2010-09-26 15:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-26 14:57 . 2010-09-26 14:58 -------- d-----w- C:\32788R22FWJFW
2010-09-26 12:54 . 2010-09-26 12:58 -------- d-----w- c:\users\mato\wourld of tank
2010-09-25 13:33 . 2010-09-25 13:33 -------- d-----w- c:\users\mato\BlueSoleil6.2.227.10RM
2010-09-25 13:25 . 2010-09-25 13:25 -------- d-----w- c:\users\mato\AppData\Local\bluesoleil
2010-09-25 12:14 . 2010-09-25 12:14 -------- d-----w- c:\program files\IVT Corporation
2010-09-24 16:13 . 2010-09-24 16:13 3520510 ----a-w- c:\users\mato\phoneremotecontrol.zip
2010-09-24 16:04 . 2010-09-24 16:04 -------- d-----w- c:\users\mato\Bluetooth_Remote_Control_v.4.0
2010-09-24 15:53 . 2010-09-24 15:53 -------- d-----w- c:\program files\Remote Professional
2010-09-24 15:52 . 2010-09-24 15:52 -------- d-----w- c:\users\mato\MobilewaysRemoteS60Professiona
2010-09-24 15:39 . 2010-09-24 15:39 1201 ----a-w- c:\users\mato\AppData\Roaming\.purple\certificates\x509\tls_peers\login.facebook.com
2010-09-24 15:31 . 2010-09-24 15:31 -------- d-----w- c:\users\mato\AppData\Roaming\W
2010-09-24 12:13 . 2010-09-24 12:13 -------- d-----w- c:\users\mato\AppData\Roaming\wargaming.net
2010-09-24 11:51 . 2010-09-24 11:51 -------- d--h--w- c:\windows\PIF
2010-09-24 04:56 . 2010-09-24 06:29 1176673434 ----a-w- c:\users\mato\WoT_beta.0.4.5_eng_full_setup.exe
2010-09-23 19:16 . 2010-09-23 19:17 9263238 ----a-w- c:\users\mato\pidgin-2.7.3.exe
2010-09-21 17:05 . 2010-09-21 17:05 4554439 ----a-w- c:\users\mato\starcraft2cz.zip
2010-09-21 04:59 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-09-21 04:59 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-09-21 04:58 . 2010-09-21 04:59 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-09-21 04:58 . 2010-09-21 04:59 -------- d-----w- c:\program files\iTunes
2010-09-21 04:58 . 2010-09-21 04:58 -------- d-----w- c:\program files\iPod
2010-09-21 04:57 . 2010-09-21 04:57 -------- d-----w- c:\program files\Apple Software Update
2010-09-21 04:55 . 2010-09-21 04:55 -------- d-----w- c:\program files\Bonjour
2010-09-21 04:49 . 2010-09-21 04:54 74840872 ----a-w- c:\users\mato\iTunesSetup.exe
2010-09-20 19:40 . 2010-09-20 19:40 -------- d-----w- c:\users\mato\SC2Allin1
2010-09-20 15:59 . 2010-09-20 15:59 530482 ----a-w- c:\users\mato\goodgame (1).zip
2010-09-20 15:59 . 2010-09-20 15:59 530482 ----a-w- c:\users\mato\goodgame.zip
2010-09-20 15:56 . 2010-09-20 15:56 -------- d-----w- c:\program files\Game_Maker8
2010-09-20 15:55 . 2010-09-20 15:56 10857464 ----a-w- c:\users\mato\gmaker80.exe
2010-09-20 15:46 . 2010-09-20 15:47 -------- d-----w- c:\program files\Game_Maker6
2010-09-20 15:35 . 2010-09-20 15:37 -------- d-----w- c:\users\mato\Gmaker61
2010-09-20 15:34 . 2010-09-20 15:34 3730558 ----a-w- c:\users\mato\Gmaker61.zip
2010-09-19 16:02 . 2010-09-19 16:02 551624 ----a-w- c:\users\mato\Handy_Converter_2.11CZ_5th.zip
2010-09-19 15:42 . 2010-09-19 15:42 43438 ----a-w- c:\users\mato\SuperScreenshot 1.05 cz.zip
2010-09-17 19:48 . 2010-09-17 19:48 -------- d-----w- c:\program files\Xilisoft
2010-09-17 19:48 . 2010-09-21 04:58 -------- d-----w- c:\program files\QuickTime
2010-09-17 19:13 . 2010-09-17 19:13 -------- d-----w- c:\users\mato\waka.wingone.esp
2010-09-15 16:17 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-15 16:17 . 2010-04-16 16:46 502272 ----a-w- c:\windows\system32\usp10.dll
2010-09-15 16:17 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2010-09-15 16:17 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2010-09-12 13:16 . 2010-09-12 13:20 -------- d-----w- c:\program files\Cestovné poriadky
2010-09-11 19:01 . 2010-09-11 19:02 -------- d-----w- c:\program files\MagicISO
2010-09-07 12:42 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-09-07 12:42 . 2010-09-07 12:42 -------- d-----w- c:\program files\PC Connectivity Solution
2010-09-05 07:14 . 2010-09-05 07:14 46852 ----a-w- c:\programdata\Blizzard Entertainment\Battle.net\Cache\Download\Scan.dll
2010-09-04 18:41 . 2010-09-04 18:41 -------- d-----w- c:\users\mato\SystemRequirementsLab
2010-09-04 13:43 . 2010-09-04 13:43 -------- d-----w- c:\program files\EA Games
2010-09-04 06:07 . 2010-09-17 17:36 -------- d-----w- c:\users\mato\AppData\Local\Microsoft Game Studios
2010-09-04 06:07 . 2010-09-17 17:36 -------- d-----w- c:\programdata\Microsoft Games
2010-09-04 06:06 . 2010-09-17 17:36 -------- d-----w- c:\users\mato\AppData\Roaming\Microsoft Game Studios
2010-09-01 18:24 . 2010-09-01 18:24 -------- d-----w- c:\users\mato\mobile_forces
2010-09-01 13:36 . 2010-09-01 13:36 -------- d--h--r- c:\users\mato\AppData\Roaming\SecuROM
2010-09-01 07:12 . 2010-09-01 07:12 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 10.0.0.68\SetupAdmin.exe
2010-08-31 16:30 . 2007-09-21 20:17 135226 ----a-w- c:\users\mato\AppData\Roaming\Mozilla\Firefox\Profiles\o0nu3p77.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
2010-08-31 16:30 . 2007-09-21 19:50 131128 ----a-w- c:\users\mato\AppData\Roaming\Mozilla\Firefox\Profiles\o0nu3p77.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF.dll
2010-08-31 16:29 . 2010-08-31 16:29 303104 ----a-w- c:\users\mato\AppData\Roaming\LangSoft\TrnWord.dll
2010-08-31 16:29 . 2010-08-31 16:29 356352 ----a-w- c:\users\mato\AppData\Roaming\LangSoft\TrnOutl.dll
2010-08-31 16:27 . 2010-08-31 16:32 -------- d-----w- c:\program files\PC Translator 2010
2010-08-31 09:10 . 2010-08-31 09:10 114176 --sh--w- C:\Trainer.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-26 15:09 . 2010-03-04 17:38 -------- d-----w- c:\users\mato\AppData\Roaming\uTorrent
2010-09-26 11:33 . 2010-04-24 07:02 36821 ----a-w- c:\programdata\nvModes.dat
2010-09-26 09:39 . 2010-04-19 13:22 45816 ----a-w- c:\windows\system32\perfh01B.dat
2010-09-26 09:39 . 2010-04-19 13:22 13934 ----a-w- c:\windows\system32\perfc01B.dat
2010-09-26 09:32 . 2010-04-24 07:02 -------- d-----w- c:\programdata\NVIDIA
2010-09-26 09:13 . 2010-03-02 07:22 -------- d-----w- c:\users\mato\AppData\Roaming\Skype
2010-09-26 07:42 . 2010-03-20 20:31 -------- d-----w- c:\program files\trend micro
2010-09-26 07:32 . 2010-03-02 07:23 -------- d-----w- c:\users\mato\AppData\Roaming\skypePM
2010-09-25 13:24 . 2010-06-23 14:28 -------- d-----w- c:\program files\Phone Remote Control
2010-09-25 13:24 . 2010-03-02 06:06 5259 ----a-w- c:\windows\bthservsdp.dat
2010-09-25 12:32 . 2010-06-23 14:28 -------- d-----w- c:\users\mato\AppData\Roaming\PhoneRemoteControl
2010-09-25 12:14 . 2010-03-02 15:08 -------- d-----w- c:\programdata\Installations
2010-09-24 15:44 . 2010-05-10 19:55 -------- d-----w- c:\users\mato\AppData\Roaming\.purple
2010-09-24 10:06 . 2010-03-07 10:11 -------- d-----w- c:\program files\Google
2010-09-23 19:18 . 2010-05-10 19:51 -------- d-----w- c:\program files\Pidgin
2010-09-21 05:15 . 2010-03-19 12:52 -------- d-----w- c:\users\mato\AppData\Roaming\Apple Computer
2010-09-21 04:58 . 2010-08-05 13:26 -------- d-----w- c:\programdata\Apple Computer
2010-09-21 04:58 . 2010-03-19 12:51 -------- d-----w- c:\program files\Common Files\Apple
2010-09-20 20:24 . 2010-03-04 08:30 -------- d-----w- c:\users\mato\AppData\Roaming\vlc
2010-09-20 20:24 . 2010-03-24 14:27 -------- d-----w- c:\users\mato\AppData\Roaming\dvdcss
2010-09-20 19:40 . 2010-03-02 06:14 66128 ----a-w- c:\users\mato\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-20 16:21 . 2010-06-02 04:32 -------- d-----w- c:\program files\Nokia
2010-09-18 11:01 . 2010-08-10 14:59 -------- d-----w- c:\program files\Steam
2010-09-17 05:12 . 2010-08-08 22:00 -------- d-----w- c:\program files\JDownloader
2010-09-16 13:30 . 2010-04-18 21:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-15 16:50 . 2010-03-02 06:13 680 ----a-w- c:\users\mato\AppData\Local\d3d9caps.dat
2010-09-15 16:23 . 2010-03-02 07:31 -------- d-----w- c:\programdata\Microsoft Help
2010-09-15 16:18 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-09-12 13:20 . 2010-09-12 13:16 -------- d-----w- c:\program files\Cestovné poriadky
2010-09-07 12:43 . 2010-03-02 15:18 -------- d-----w- c:\program files\Common Files\Nokia
2010-09-07 12:41 . 2010-07-25 17:16 12212040 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-09-07 12:41 . 2010-07-25 17:16 13930312 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-09-07 12:41 . 2010-07-25 17:16 77824 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-09-07 12:41 . 2010-07-25 17:16 38912 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-09-07 12:41 . 2010-07-25 17:16 38912 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-09-07 12:41 . 2010-07-25 17:16 50000 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
2010-09-06 11:44 . 2010-03-05 17:02 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-09-05 07:51 . 2010-07-30 15:17 -------- d-----w- c:\programdata\Blizzard Entertainment
2010-09-05 07:38 . 2010-08-04 06:25 -------- d-----w- c:\program files\StarCraft II
2010-09-04 18:41 . 2010-03-02 06:21 -------- d-----w- c:\program files\SystemRequirementsLab
2010-09-04 15:48 . 2010-03-02 07:18 -------- d-----w- c:\program files\ICQ7.0
2010-09-04 13:44 . 2010-03-02 06:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-04 13:44 . 2010-03-13 17:49 983 ----a-w- c:\windows\eReg.dat
2010-09-04 06:08 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games
2010-09-03 15:33 . 2010-07-25 17:16 102914512 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
2010-09-01 16:13 . 2010-05-14 05:51 -------- d-----w- c:\program files\ABBYY FineReader 10
2010-08-31 16:31 . 2010-03-06 19:06 -------- d-----w- c:\users\mato\AppData\Roaming\LangSoft
2010-08-31 16:29 . 2010-03-06 19:06 -------- d-----w- c:\programdata\LangSoft
2010-08-31 14:05 . 2010-03-03 05:50 -------- d-----w- c:\users\mato\AppData\Roaming\IrfanView
2010-08-30 16:33 . 2010-08-14 20:04 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-08-23 14:48 . 2010-08-10 14:59 -------- d-----w- c:\program files\Common Files\Steam
2010-08-22 15:50 . 2010-08-20 20:36 -------- d-----w- c:\program files\EVEREST Corporate Edition
2010-08-19 13:57 . 2010-08-19 13:57 1 ----a-w- C:\DXOkay.bin
2010-08-17 14:41 . 2010-08-17 14:41 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-08-17 14:41 . 2010-03-02 07:06 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-16 17:23 . 2010-08-16 17:23 108144 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-08-14 09:24 . 2010-03-02 06:34 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-14 09:23 . 2010-08-14 09:23 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-08-14 09:04 . 2010-03-02 07:34 -------- d-----w- c:\program files\Microsoft.NET
2010-08-13 21:16 . 2010-03-02 07:19 -------- d-----w- c:\users\mato\AppData\Roaming\ICQ
2010-08-13 11:30 . 2010-08-13 11:30 36864 ----a-w- c:\programdata\Installations\{4ECA710C-B818-4751-A3B8-42C2D93922A8}\Installer\CommonCustomActions\Sleep.exe
2010-08-13 11:30 . 2010-08-13 11:30 3351812 ----a-w- c:\programdata\Installations\{4ECA710C-B818-4751-A3B8-42C2D93922A8}\Installer\CommonCustomActions\msxml6Exec.exe
2010-08-13 11:30 . 2010-08-13 11:30 3203453 ----a-w- c:\programdata\Installations\{4ECA710C-B818-4751-A3B8-42C2D93922A8}\Installer\CommonCustomActions\vcredistExec.exe
2010-08-13 11:30 . 2010-08-13 11:30 36598408 ----a-w- c:\programdata\Installations\{4ECA710C-B818-4751-A3B8-42C2D93922A8}\NokiaSoftwareUpdaterSetup_2.5.8SK.exe
2010-08-10 16:46 . 2010-08-10 16:46 -------- d-----w- c:\users\mato\AppData\Roaming\NVIDIA
2010-08-10 16:33 . 2010-03-06 08:11 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-05 13:26 . 2010-03-19 12:51 -------- d-----w- c:\program files\Safari
2010-08-04 16:18 . 2010-08-04 16:18 8 --sh--r- c:\windows\system32\9CA8217D90.sys
2010-08-04 16:18 . 2010-04-14 16:02 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-08-03 07:06 . 2010-03-21 15:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-28 17:46 . 2010-07-28 16:39 -------- d-----w- c:\programdata\NFS Underground
2010-07-27 16:44 . 2010-07-27 16:44 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-27 16:44 . 2010-07-27 16:44 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-07-27 16:44 . 2010-07-27 16:44 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-07-27 16:44 . 2010-07-27 16:44 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-07-23 04:13 . 2010-07-23 04:13 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.33.17.8\SetupAdmin.exe
2010-07-09 22:37 . 2010-08-14 09:22 56936 ----a-w- c:\windows\system32\OpenCL.dll
2010-07-09 22:37 . 2010-08-14 09:22 5107816 ----a-w- c:\windows\system32\nvwgf2um.dll
2010-07-09 22:37 . 2010-08-14 09:22 14092904 ----a-w- c:\windows\system32\nvoglv32.dll
2010-07-09 22:37 . 2010-08-14 09:22 11008040 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2010-07-09 22:37 . 2010-08-14 09:22 4553832 ----a-w- c:\windows\system32\nvcuda.dll
2010-07-09 22:37 . 2010-08-14 09:22 2892904 ----a-w- c:\windows\system32\nvcuvid.dll
2010-07-09 22:37 . 2010-08-14 09:22 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-07-09 22:37 . 2010-08-14 09:22 236136 ----a-w- c:\windows\system32\nvcod1922.dll
2010-07-09 22:37 . 2010-08-14 09:22 236136 ----a-w- c:\windows\system32\nvcod.dll
2010-07-09 22:37 . 2010-08-14 09:22 10267240 ----a-w- c:\windows\system32\nvcompiler.dll
2010-07-09 22:37 . 2010-04-03 20:55 1625192 ----a-w- c:\windows\system32\nvapi.dll
2010-07-09 22:37 . 2010-03-02 06:34 9818728 ----a-w- c:\windows\system32\nvd3dum.dll
2010-07-09 14:20 . 2010-07-09 14:20 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-07-09 14:20 . 2010-07-09 14:20 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
2010-07-09 14:20 . 2010-07-09 14:20 1469544 ----a-w- c:\windows\system32\nvsvc.dll
2010-07-09 14:20 . 2010-07-09 14:20 13939816 ----a-w- c:\windows\system32\nvcpl.dll
2010-07-09 14:20 . 2010-07-09 14:20 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-07-05 18:00 . 2010-07-05 18:02 720896 ----a-w- c:\windows\iun6002.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-09-26_09.28.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-02 06:51 . 2010-09-26 09:34 49844 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2010-09-26 09:34 71938 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2010-09-26 14:56 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2006-11-02 13:02 . 2010-09-26 07:43 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2010-09-26 14:56 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2006-11-02 13:02 . 2010-09-26 07:43 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2006-11-02 13:02 . 2010-09-26 07:43 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2006-11-02 13:02 . 2010-09-26 14:56 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-02 14:53 . 2010-09-26 09:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-02 14:53 . 2010-09-25 13:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-03-02 14:53 . 2010-09-26 09:33 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-03-02 14:53 . 2010-09-25 13:44 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-03-02 14:53 . 2010-09-26 09:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-03-02 14:53 . 2010-09-25 13:44 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2006-11-02 10:25 . 2010-09-26 14:56 51200 c:\windows\inf\infpub.dat
- 2006-11-02 10:25 . 2010-09-25 18:13 51200 c:\windows\inf\infpub.dat
- 2010-03-02 06:15 . 2010-09-26 09:17 8270 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-190942252-359916794-3278992379-1000_UserData.bin
+ 2010-03-02 06:15 . 2010-09-26 09:34 8270 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-190942252-359916794-3278992379-1000_UserData.bin
- 2010-09-26 09:15 . 2010-09-26 09:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-09-26 09:32 . 2010-09-26 09:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-09-26 09:15 . 2010-09-26 09:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-09-26 09:32 . 2010-09-26 09:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2006-11-02 10:33 . 2010-09-26 09:23 604124 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2010-09-26 09:39 604124 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-09-26 09:23 107262 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2010-09-26 09:39 107262 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:25 . 2010-09-26 14:56 143360 c:\windows\inf\infstrng.dat
- 2006-11-02 10:25 . 2010-09-25 18:13 143360 c:\windows\inf\infstrng.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2008-07-09 229888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX400 Series]
2007-12-17 15:00 188928 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIEGE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-09-02 08:26 672632 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-05-14 08:32 1479680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 14:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"EPSON Stylus SX400 Series"=c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "c:\users\mato\AppData\Local\Temp\E_SCAC7.tmp" /EF "HKCU"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PAC7302_Monitor"=c:\windows\PixArt\PAC7302\Monitor.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
R2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2008-01-19 21504]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 BthAudioHF;BthAudioHF Service;c:\windows\system32\DRIVERS\BthAudioHF.sys [2010-02-05 48024]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2010-02-05 28048]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2008-12-07 30088]
R3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2010-02-05 66952]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-08-17 691696]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2008-01-21 21512]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-04-23 82200]
S2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-10 814344]
S2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-06-04 143467]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S3 bbcap;bbcap;c:\windows\system32\DRIVERS\bbcap.sys [2010-05-28 4096]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2008-01-21 26248]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthaudiosvc REG_MULTI_SZ HFGService

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-09-26 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2010-09-26 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-05-23 13:10]

2010-09-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000UA.job
- c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-02 06:23]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\program files\PC Translator 2010\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\program files\PC Translator 2010\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\PC Translator 2010\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\program files\PC Translator 2010\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\program files\PC Translator 2010\WebIE.dll
FF - ProfilePath - c:\users\mato\AppData\Roaming\Mozilla\Firefox\Profiles\o0nu3p77.default\
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\mato\AppData\Roaming\Mozilla\Firefox\Profiles\o0nu3p77.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\Opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\mato\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\mato\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-26 17:08
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-190942252-359916794-3278992379-1000\Software\SecuROM\License information*]
"datasecu"=hex:d5,da,4f,89,2e,fe,9d,54,7b,b9,cf,09,14,31,d1,3d,4a,10,9c,20,af,
53,51,ac,a4,d0,6c,16,bb,8d,38,ba,66,38,08,f2,5a,8d,b3,f5,e7,84,39,d1,18,71,\
"rkeysecu"=hex:64,d7,1c,1d,9d,c6,ba,45,60,08,96,05,5e,94,a0,24
.
Completion time: 2010-09-26 17:10:45
ComboFix-quarantined-files.txt 2010-09-26 15:10
ComboFix2.txt 2010-09-26 09:30

Pre-Run: 86 200 905 728 bytes free
Post-Run: 86 165 188 608 bytes free

- - End Of File - - 560992BAB20B341F66F5E3F1576DF802

Re: Request for a log check

Posted: 26 Sep 2010 16:23
by vyosek
How is the PC behaving?

:arrow: Turn off Windows Defender - it can conflict with the ESET suite

Re: Request for a log check

Posted: 26 Sep 2010 16:38
by raky2702
The PC runs OK. How do I turn off Windows Defender? I somehow couldn't find it.

Re: Request for a log check

Posted: 26 Sep 2010 16:42
by vyosek
:arrow: Start - Control Panel - Windows Defender - Tools - Options - Real-time protection - uncheck Use real-time protection

:arrow: Uninstall ComboFix
  • Start - Run (or use the keyboard shortcut Win+R)
  • Type ComboFix /Uninstall
  • Press Enter
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading if needed)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature); during installation, untick the Yahoo toolbar
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once every 14 days

:arrow: Post a new RSIT log

Re: Request for a log check

Posted: 26 Sep 2010 17:22
by raky2702
Everything is done. Here is the log:


Logfile of random's system information tool 1.08 (written by random/random)
Run by mato at 2010-09-26 18:18:42
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 77 GB (25%) free of 305 GB
Total RAM: 3071 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:20:19, on 26. 9. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mato\Desktop\RSIT.exe
C:\Program Files\trend micro\mato.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\PC Translator 2010\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC Translator 2010\WebIE.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translator 2010\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translator 2010\WebIE.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

--
End of file - 9356 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Program Files\PC Translator 2010\WebIE.dll [2010-08-31 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-06-24 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Program Files\PC Translator 2010\WebIE.dll [2010-08-31 503808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]
"BtTray"=C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2008-07-09 229888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX400 Series]
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE [2007-12-17 188928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-09-02 672632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"HonorAutoRunSetting"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"HonorAutoRunSetting"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-09-26 18:18:42 ----D---- C:\rsit
2010-09-26 17:10:50 ----SHD---- C:\$RECYCLE.BIN
2010-09-26 17:10:47 ----D---- C:\Windows\temp
2010-09-26 11:15:58 ----D---- C:\Windows\ERDNT
2010-09-25 20:12:11 ----A---- C:\Windows\system32\SHORTCUT.INI
2010-09-25 15:39:46 ----A---- C:\Windows\system32\REMOTEDEVICE.INI
2010-09-25 15:14:53 ----A---- C:\Windows\system32\LOCALSERVICE.INI
2010-09-25 15:14:47 ----A---- C:\Windows\system32\BSPRINT.INI
2010-09-25 15:14:39 ----A---- C:\Windows\system32\LOCALDEVICE.INI
2010-09-25 14:14:48 ----D---- C:\Program Files\IVT Corporation
2010-09-25 14:13:32 ----A---- C:\im.ini
2010-09-24 17:53:02 ----D---- C:\Program Files\Remote Professional
2010-09-24 17:31:43 ----D---- C:\Users\mato\AppData\Roaming\W
2010-09-24 14:13:57 ----D---- C:\Users\mato\AppData\Roaming\wargaming.net
2010-09-24 13:51:19 ----HD---- C:\Windows\PIF
2010-09-21 06:59:29 ----A---- C:\Windows\system32\GEARAspi.dll
2010-09-21 06:59:29 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2010-09-21 06:58:53 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-09-21 06:58:53 ----D---- C:\Program Files\iTunes
2010-09-21 06:58:53 ----D---- C:\Program Files\iPod
2010-09-21 06:57:31 ----D---- C:\Program Files\Apple Software Update
2010-09-21 06:55:56 ----D---- C:\Program Files\Bonjour
2010-09-20 17:56:30 ----D---- C:\Program Files\Game_Maker8
2010-09-20 17:46:59 ----D---- C:\Program Files\Game_Maker6
2010-09-17 21:48:24 ----D---- C:\Program Files\Xilisoft
2010-09-17 21:48:22 ----D---- C:\Program Files\QuickTime
2010-09-15 18:17:58 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-15 18:17:57 ----A---- C:\Windows\system32\usp10.dll
2010-09-15 18:17:54 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-15 18:17:51 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-12 15:16:34 ----D---- C:\Program Files\Cestovné poriadky
2010-09-11 21:01:48 ----A---- C:\Windows\system32\BASSMOD.dll
2010-09-11 21:01:36 ----D---- C:\Program Files\MagicISO
2010-09-07 14:42:47 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2010-09-07 14:42:18 ----D---- C:\Program Files\PC Connectivity Solution
2010-09-04 15:43:15 ----D---- C:\Program Files\EA Games
2010-09-04 08:07:14 ----D---- C:\ProgramData\Microsoft Games
2010-09-04 08:06:54 ----D---- C:\Users\mato\AppData\Roaming\Microsoft Game Studios
2010-09-01 15:36:36 ----RHD---- C:\Users\mato\AppData\Roaming\SecuROM
2010-08-31 18:27:56 ----D---- C:\Program Files\PC Translator 2010
2010-08-31 11:10:01 ----SH---- C:\Trainer.dll

======List of files/folders modified in the last 1 months======

2010-09-26 18:20:09 ----D---- C:\Windows\System32
2010-09-26 18:20:08 ----D---- C:\Windows\inf
2010-09-26 18:20:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-26 18:18:46 ----D---- C:\Program Files\trend micro
2010-09-26 18:16:26 ----D---- C:\Windows\Debug
2010-09-26 18:16:26 ----D---- C:\Windows
2010-09-26 18:13:34 ----D---- C:\ProgramData\NVIDIA
2010-09-26 18:13:33 ----A---- C:\Windows\system32\bscs.ini
2010-09-26 18:00:56 ----D---- C:\Users\mato\AppData\Roaming\uTorrent
2010-09-26 17:40:07 ----D---- C:\Windows\Prefetch
2010-09-26 17:30:17 ----SHD---- C:\Windows\Installer
2010-09-26 17:29:42 ----RSD---- C:\Windows\assembly
2010-09-26 17:29:03 ----SHD---- C:\System Volume Information
2010-09-26 17:22:36 ----D---- C:\hry
2010-09-26 17:08:40 ----A---- C:\Windows\system.ini
2010-09-26 17:08:32 ----D---- C:\Windows\system32\drivers\etc
2010-09-26 17:08:00 ----RD---- C:\Program Files
2010-09-26 17:08:00 ----D---- C:\Windows\Tasks
2010-09-26 17:08:00 ----D---- C:\ProgramData
2010-09-26 17:05:32 ----D---- C:\Windows\system32\drivers
2010-09-26 17:05:32 ----D---- C:\Windows\AppPatch
2010-09-26 17:05:31 ----D---- C:\Program Files\Common Files
2010-09-26 15:41:35 ----AD---- C:\ProgramData\TEMP
2010-09-26 11:15:30 ----D---- C:\Windows\system32\Tasks
2010-09-26 11:13:44 ----D---- C:\Users\mato\AppData\Roaming\Skype
2010-09-26 09:32:52 ----D---- C:\Users\mato\AppData\Roaming\skypePM
2010-09-25 20:12:34 ----A---- C:\Windows\BsMobileModel.ini
2010-09-25 15:24:58 ----D---- C:\Program Files\Phone Remote Control
2010-09-25 15:24:18 ----D---- C:\Windows\system32\catroot
2010-09-25 14:32:13 ----D---- C:\Users\mato\AppData\Roaming\PhoneRemoteControl
2010-09-25 14:15:09 ----D---- C:\Windows\system32\catroot2
2010-09-25 14:14:33 ----D---- C:\ProgramData\Installations
2010-09-24 17:44:47 ----D---- C:\Users\mato\AppData\Roaming\.purple
2010-09-24 12:06:56 ----D---- C:\Program Files\Google
2010-09-23 21:18:27 ----D---- C:\Program Files\Pidgin
2010-09-22 18:34:15 ----D---- C:\Windows\system32\WDI
2010-09-21 07:15:21 ----D---- C:\Users\mato\AppData\Roaming\Apple Computer
2010-09-21 06:59:29 ----DC---- C:\Windows\system32\DRVSTORE
2010-09-21 06:58:53 ----D---- C:\ProgramData\Apple Computer
2010-09-21 06:58:53 ----D---- C:\Program Files\Common Files\Apple
2010-09-20 22:24:18 ----D---- C:\Users\mato\AppData\Roaming\vlc
2010-09-20 22:24:12 ----D---- C:\Users\mato\AppData\Roaming\dvdcss
2010-09-20 21:48:08 ----A---- C:\Users\mato\AppData\Roaming\myMPQ.ini
2010-09-20 18:21:12 ----D---- C:\Windows\Globalization
2010-09-20 18:21:06 ----D---- C:\Program Files\Nokia
2010-09-20 18:20:30 ----RSD---- C:\Windows\Fonts
2010-09-18 13:01:04 ----D---- C:\Program Files\Steam
2010-09-17 07:12:38 ----D---- C:\Program Files\JDownloader
2010-09-16 15:30:38 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-15 18:59:08 ----D---- C:\Windows\winsxs
2010-09-15 18:23:25 ----D---- C:\ProgramData\Microsoft Help
2010-09-15 18:18:47 ----A---- C:\Windows\system32\mrt.exe
2010-09-15 18:18:32 ----D---- C:\Program Files\Windows Mail
2010-09-07 14:46:22 ----D---- C:\Windows\system32\drivers\UMDF
2010-09-07 14:43:53 ----D---- C:\Program Files\Common Files\Nokia
2010-09-06 13:44:20 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-09-05 09:51:33 ----D---- C:\ProgramData\Blizzard Entertainment
2010-09-05 09:38:25 ----D---- C:\Program Files\StarCraft II
2010-09-04 20:41:30 ----D---- C:\Program Files\SystemRequirementsLab
2010-09-04 17:48:03 ----D---- C:\Program Files\ICQ7.0
2010-09-04 15:44:56 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-04 08:08:02 ----D---- C:\Program Files\Microsoft Games
2010-09-04 08:07:20 ----SD---- C:\ProgramData\Microsoft
2010-09-01 18:13:47 ----D---- C:\Program Files\ABBYY FineReader 10
2010-08-31 18:31:18 ----D---- C:\Users\mato\AppData\Roaming\LangSoft
2010-08-31 18:29:19 ----D---- C:\ProgramData\LangSoft
2010-08-31 18:29:08 ----A---- C:\Windows\TRNCOM.INI
2010-08-31 16:05:10 ----D---- C:\Users\mato\AppData\Roaming\IrfanView
2010-08-30 18:33:40 ----D---- C:\Program Files\LogMeIn Hamachi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2008-01-21 21512]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2009-02-03 59000]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2007-02-08 83320]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-17 691696]
R1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R1 nltdi;nltdi; \??\C:\Windows\system32\drivers\nltdi.sys [2007-04-23 82200]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-04-13 165376]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-12-18 135048]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-04-13 18048]
R3 bbcap;bbcap; C:\Windows\system32\DRIVERS\bbcap.sys [2010-05-28 4096]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2008-01-21 14600]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2008-03-06 38920]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-01-08 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2008-01-21 26248]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-07-10 11008040]
R3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-07-22 123904]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 29696]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2008-01-21 29960]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2008-01-24 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2008-01-24 48904]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S3 afjjk8vb;afjjk8vb; C:\Windows\system32\drivers\afjjk8vb.sys []
S3 amqhj150;amqhj150; C:\Windows\system32\drivers\amqhj150.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2008-03-06 33800]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2008-03-06 27528]
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 BthAudioHF;BthAudioHF Service; C:\Windows\system32\DRIVERS\BthAudioHF.sys [2010-02-05 48024]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2010-02-05 28048]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [2006-11-22 22416]
S3 csr_a2dp;Bluetooth AV Profile; C:\Windows\system32\drivers\bthav.sys [2010-02-05 66952]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2008-01-21 14856]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2008-01-24 28168]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2008-01-24 29192]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2008-01-24 14728]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-10 814344]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2008-07-09 775168]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-06-04 143467]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2010-03-11 603904]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2008-06-04 69735]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
S2 HFGService;Handsfree Headset Service; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-08-20 407336]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2010-03-11 360192]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]

-----------------EOF-----------------

Re: Please check my log

Posted: 26 Sep 2010 17:25
by vyosek
The log looks clean :wink:

Re: Please check my log

Posted: 26 Sep 2010 17:28
by raky2702
OK, thanks for the checks. Is there anything else that needs to be done??

Re: Please check my log

Posted: 26 Sep 2010 17:29
by vyosek
If there are no problems or questions, that's all from my side :wink:

You're welcome, glad I could help :)