Facebook vír!!!
Napsal: 15 lis 2010 20:39
Vedel by mi niekto poradiť ako odstránim vír na facebooku? Stále mi posiela spamovú správu " hxxp://facebook-appz.com/pages/Pic038.jpg.exe " toto je odkaz...možno aj viacerí ste sa s tým už stretli! Prosím ak viete tak mi poraďte 
Bola by som veľmi vďačná
Edit Rudy: Z bezpečnostních důvodů znefunkčněn link na výše uvedený web.
Logfile of random's system information tool 1.08 (written by random/random)
Run by administrátor at 2010-11-15 20:48:42
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 1 GB (5%) free of 25 GB
Total RAM: 958 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:48:48, on 15. 11. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17091)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ares\Ares.exe
C:\WINDOWS\nvsvc32.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lsass.exe
D:\OpenOffice.org 3\program\soffice.exe
D:\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\4770256.exe
C:\Documents and Settings\administrátor\Data aplikací\Microsoft\sovoulooja.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\administrátor\Dokumenty\Preberanie\RSIT.exe
C:\Program Files\trend micro\administrátor.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://open-articles.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://search.centrum.cz/index.php?tool ... trum-1.0.0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/?utm_source=tbr_centrum
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.centrum.cz/index.php?tool ... trum-1.0.0
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://browseusers.myspace.com/Browse/Browse.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\4.bin\MWSSRCAS.DLL (file missing)
R3 - URLSearchHook: (no name) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - (no file)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\4.bin\MWSBAR.DLL (file missing)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: (no name) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - (no file)
O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\4.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\4.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe
O4 - HKLM\..\Run: [poocyfuh] C:\WINDOWS\system32\sovoulooja.exe
O4 - HKLM\..\Run: [Windows Firewall] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lsass.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [poocyfuh] C:\Documents and Settings\administrátor\Data aplikací\Microsoft\sovoulooja.exe
O4 - HKCU\..\Run: [MSConfig] C:\Documents and Settings\administrátor\ynbxr.exe \u
O4 - HKCU\..\Run: [Windows Firewall] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lsass.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: 03m0ndj.exe
O4 - Startup: 081whid.exe
O4 - Startup: 0brx66o.exe
O4 - Startup: 0pu86g8.exe
O4 - Startup: 0qqgw0x.exe
O4 - Startup: 1almhxy.exe
O4 - Startup: 1cnojza.exe
O4 - Startup: 1cyyt2v.exe
O4 - Startup: 1euva81.exe
O4 - Startup: 1grsnde.exe
O4 - Startup: 1m9i1ea.exe
O4 - Startup: 2noj081.exe
O4 - Startup: 3i0ekfl.exe
O4 - Startup: 60bw0dj.exe
O4 - Startup: 6q81cno.exe
O4 - Startup: 81cnojz.exe
O4 - Startup: 86w81it.exe
O4 - Startup: a5w1mny81e.exe
O4 - Startup: aqg0hxd66u.exe
O4 - Startup: aqrw81itup.exe
O4 - Startup: avwr03i1eu.exe
O4 - Startup: bb2nii6uu.exe
O4 - Startup: bxsty86k8.exe
O4 - Startup: c6s81epql.exe
O4 - Startup: cdi86u81gr.exe
O4 - Startup: cste81k3wx.exe
O4 - Startup: csty9ufq.exe
O4 - Startup: dj66a86m.exe
O4 - Startup: dozavb60d.exe
O4 - Startup: dtupfgbcx0.exe
O4 - Startup: fqbcxnojz.exe
O4 - Startup: gbrsndezav.exe
O4 - Startup: hdyze86q8.exe
O4 - Startup: hm81jefk.exe
O4 - Startup: hn60pv87.exe
O4 - Startup: hxd66kfbb2h.exe
O4 - Startup: j70qqgw1n7.exe
O4 - Startup: jufgbrsnd.exe
O4 - Startup: k0bw0dyz.exe
O4 - Startup: kvvwr08ty.exe
O4 - Startup: lmhxytup081.exe
O4 - Startup: mh081oza.exe
O4 - Startup: mmcdi86u.exe
O4 - Startup: nn2tup081wh.exe
O4 - Startup: ns86e81gwx.exe
O4 - Startup: ns88e3vlr2.exe
O4 - Startup: o3avlmhxyt.exe
O4 - Startup: o5k1abg81s.exe
O4 - Startup: oefk81whid.exe
O4 - Startup: oeu0vlr66i.exe
O4 - Startup: OpenOffice.org 3.2.lnk = D:\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: otjp60rxhd.exe
O4 - Startup: pfgbrsno.exe
O4 - Startup: pqlmh081.exe
O4 - Startup: pu81grsn.exe
O4 - Startup: pu81grsnde.exe
O4 - Startup: qbcxnojzav.exe
O4 - Startup: r0c6oo6aa.exe
O4 - Startup: rnddz2vq.exe
O4 - Startup: s81epg1wxc8.exe
O4 - Startup: sndezpql.exe
O4 - Startup: ufgbrsndez.exe
O4 - Startup: uka0brx6.exe
O4 - Startup: va81mxyt.exe
O4 - Startup: vl9cs0dozu0.exe
O4 - Startup: vv2bcx081ep.exe
O4 - Startup: vvlb5ii6j.exe
O4 - Startup: w1n703zv.exe
O4 - Startup: wrhidtup.exe
O4 - Startup: xytup08rwss.exe
O4 - Startup: zjfabg86s8.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://D:\KOVACOVA\Office12\EXCEL.EXE/3000
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra button: Eurotran XP - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra 'Tools' menuitem: Eurotran XP... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Documents and Settings\Kovácová\AppData\LocalLow\Microńoft\redir.dll
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwssvc.exe (file missing)
O23 - Service: Winferno Subscription Service (neauu0xyeuxiik) - Unknown owner - C:\Documents and Settings\administrátor\Data aplikací\Microsoft\houwafouvy.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
--
End of file - 11094 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\BearShareNAG.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{965B54B0-71E0-4611-8DE7-F73FA0B20E26} -
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\4.bin\MWSBAR.DLL []
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{D5D47440-0750-463D-BAEF-A47D02414806}
{038cb5c7-48ea-4af9-94e0-a1646542e62b}
{30F9B915-B755-4826-820B-08FBA6BD249D}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung Common SM"=C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe [2005-07-03 372736]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"MyWebSearch Plugin"=rundll32 C:\PROGRA~1\MYWEBS~1\bar\4.bin\M3PLUGIN.DLL,UPF []
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe []
"Media Codec Update Service"=C:\Program Files\Essentials Codec Pack\update.exe -silent []
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\4.bin\m3SrchMn.exe /m=2 /w /h []
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2009-04-17 54576]
"Adobe Reader Speed Launcher"=D:\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"NVIDIA driver monitor"=C:\WINDOWS\nvsvc32.exe [2010-10-28 90112]
"poocyfuh"=C:\WINDOWS\system32\sovoulooja.exe []
"Windows Firewall"=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lsass.exe [2010-11-15 57344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-04-17 95536]
"NVIDIA driver monitor"=C:\WINDOWS\nvsvc32.exe [2010-10-28 90112]
"ares"=C:\Program Files\Ares\Ares.exe [2010-10-27 1015808]
"poocyfuh"=C:\Documents and Settings\administrátor\Data aplikací\Microsoft\sovoulooja.exe [2010-11-10 201216]
"MSConfig"=C:\Documents and Settings\administrátor\ynbxr.exe [2010-11-11 19456]
"Windows Firewall"=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lsass.exe [2010-11-15 57344]
C:\Documents and Settings\administrátor\Nabídka Start\Programy\Po spuštění
03m0ndj.exe
081whid.exe
0brx66o.exe
0pu86g8.exe
0qqgw0x.exe
1almhxy.exe
1cnojza.exe
1cyyt2v.exe
1euva81.exe
1grsnde.exe
1m9i1ea.exe
2noj081.exe
3i0ekfl.exe
60bw0dj.exe
6q81cno.exe
81cnojz.exe
86w81it.exe
a5w1mny81e.exe
aqg0hxd66u.exe
aqrw81itup.exe
avwr03i1eu.exe
bb2nii6uu.exe
bxsty86k8.exe
c6s81epql.exe
cdi86u81gr.exe
cste81k3wx.exe
csty9ufq.exe
dj66a86m.exe
dozavb60d.exe
dtupfgbcx0.exe
fqbcxnojz.exe
gbrsndezav.exe
hdyze86q8.exe
hm81jefk.exe
hn60pv87.exe
hxd66kfbb2h.exe
j70qqgw1n7.exe
jufgbrsnd.exe
k0bw0dyz.exe
kvvwr08ty.exe
lmhxytup081.exe
mh081oza.exe
mmcdi86u.exe
nn2tup081wh.exe
ns86e81gwx.exe
ns88e3vlr2.exe
o3avlmhxyt.exe
o5k1abg81s.exe
oefk81whid.exe
oeu0vlr66i.exe
OpenOffice.org 3.2.lnk - D:\OpenOffice.org 3\program\quickstart.exe
otjp60rxhd.exe
pfgbrsno.exe
pqlmh081.exe
pu81grsn.exe
pu81grsnde.exe
qbcxnojzav.exe
r0c6oo6aa.exe
rnddz2vq.exe
s81epg1wxc8.exe
sndezpql.exe
ufgbrsndez.exe
uka0brx6.exe
va81mxyt.exe
vl9cs0dozu0.exe
vv2bcx081ep.exe
vvlb5ii6j.exe
w1n703zv.exe
wrhidtup.exe
xytup08rwss.exe
zjfabg86s8.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lttibqvb.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\lttibqvb.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Disabled:Průvodce přenesením souborů a nastavení"
"C:\Documents and Settings\KOVACOVA\Plocha\Ares.exe"="C:\Documents and Settings\KOVACOVA\Plocha\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Documents and Settings\Kováčová\Plocha\Ares.exe"="C:\Documents and Settings\Kováčová\Plocha\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Opera\Opera.exe"="C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\henuska\Plocha\Ares.exe"="C:\Documents and Settings\henuska\Plocha\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Documents and Settings\liverpool fc\Plocha\CSv1.6v19_by_8andrej8\CSv1.6v19_by_8andrej8\Counter-Strike 1.6\cstrike.exe"="C:\Documents and Settings\liverpool fc\Plocha\CSv1.6v19_by_8andrej8\CSv1.6v19_by_8andrej8\Counter-Strike 1.6\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"C:\Documents and Settings\Kovácová\Local Settings\Temp\~osF25.tmp\ossproxy.exe"="C:\Documents and Settings\Kovácová\Local Settings\Temp\~osF25.tmp\ossproxy.exe:*:Enabled:ossproxy.exe"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Documents and Settings\Kovácová\Local Settings\Temp\Nero Web\SetupXu.exe"="C:\Documents and Settings\Kovácová\Local Settings\Temp\Nero Web\SetupXu.exe:*:Enabled:Nero ProductSetup"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\IncrediMail\Bin\IncMail.exe"="C:\Program Files\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\Bin\ImApp.exe"="C:\Program Files\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\Bin\ImpCnt.exe"="C:\Program Files\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Kovácová\Plocha\utorrent.exe"="C:\Documents and Settings\Kovácová\Plocha\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Documents and Settings\Kovácová\Plocha\SweetImSetup.exe"="C:\Documents and Settings\Kovácová\Plocha\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\Documents and Settings\administrátor\Dokumenty\Preberanie\P17535732.JPG-www.facebook.exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-11-15 20:46:33 ----D---- C:\Program Files\trend micro
2010-11-15 20:46:32 ----D---- C:\rsit
2010-11-13 16:22:33 ----A---- C:\t6.exe
2010-11-13 12:41:42 ----D---- C:\Program Files\ICQ6Toolbar
2010-11-13 12:40:43 ----D---- C:\Program Files\ICQ7.2
2010-11-12 15:11:28 ----A---- C:\QuickTime1.exe
2010-11-11 19:56:43 ----A---- C:\winscxs.exe
2010-11-11 19:41:48 ----A---- C:\6164.exe
2010-11-11 15:47:46 ----A---- C:\21.exe
2010-11-11 14:40:16 ----A---- C:\WINDOWS\system32\drivers\lttibqvb.sys
2010-11-10 16:27:17 ----A---- C:\27.exe
2010-11-10 07:53:56 ----RSH---- C:\Documents and Settings\administrátor\Data aplikací\juzjf.exe
2010-11-10 07:53:42 ----A---- C:\jshd.exe
2010-11-09 16:22:17 ----A---- C:\2xhs.exe
2010-11-03 16:50:56 ----D---- C:\Program Files\Conduit
2010-11-03 16:50:53 ----D---- C:\Program Files\ConduitEngine
2010-11-03 16:50:50 ----D---- C:\Program Files\ToggleEN
2010-11-03 16:50:45 ----D---- C:\Program Files\Ares
2010-10-31 22:59:06 ----D---- C:\Documents and Settings\administrátor\Data aplikací\Media Player Classic
2010-10-31 22:50:31 ----A---- C:\WINDOWS\system32\unrar.dll
2010-10-29 11:12:10 ----D---- C:\Program Files\Wondershare
2010-10-29 10:50:03 ----D---- C:\Documents and Settings\administrátor\Data aplikací\GetRightToGo
2010-10-28 16:57:20 ----RSH---- C:\WINDOWS\nvsvc32.exe
2010-10-16 14:18:13 ----D---- C:\Documents and Settings\administrátor\Data aplikací\FudaTech
======List of files/folders modified in the last 1 months======
2010-11-15 20:47:29 ----AD---- C:\WINDOWS\Temp
2010-11-15 20:46:33 ----RD---- C:\Program Files
2010-11-15 20:31:44 ----D---- C:\WINDOWS\system32
2010-11-15 18:28:38 ----D---- C:\Program Files\Mozilla Firefox
2010-11-15 15:30:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-15 15:29:34 ----SD---- C:\Documents and Settings\administrátor\Data aplikací\Microsoft
2010-11-15 14:37:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-15 07:27:42 ----RSHD---- C:\RECYCLER
2010-11-15 07:26:25 ----D---- C:\WINDOWS
2010-11-14 20:50:37 ----HD---- C:\WINDOWS\inf
2010-11-14 20:50:32 ----RSD---- C:\WINDOWS\assembly
2010-11-14 20:50:18 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-14 20:50:02 ----D---- C:\WINDOWS\system32\DirectX
2010-11-14 20:49:55 ----SHD---- C:\WINDOWS\Installer
2010-11-13 12:51:08 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-11-13 12:41:33 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-13 12:41:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-11-13 12:06:37 ----D---- C:\Documents and Settings\administrátor\Data aplikací\ICQ
2010-11-12 11:13:02 ----D---- C:\WINDOWS\Prefetch
2010-11-11 14:40:16 ----D---- C:\WINDOWS\system32\drivers
2010-11-01 09:09:05 ----D---- C:\Program Files\DivX
2010-10-31 20:23:04 ----SHD---- C:\Config.Msi
2010-10-31 20:23:03 ----D---- C:\WINDOWS\WinSxS
2010-10-29 11:12:16 ----RSD---- C:\WINDOWS\Fonts
2010-10-21 16:48:02 ----D---- C:\Omega
2010-10-20 20:51:21 ----D---- C:\Program Files\EA SPORTS
2010-10-17 19:45:23 ----A---- C:\WINDOWS\iun6002.exe
2010-10-16 18:41:13 ----D---- C:\Program Files\totalcmd
2010-10-16 18:39:16 ----D---- C:\Documents and Settings\administrátor\Data aplikací\Samsung
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 lttibqvb;lttibqvb; C:\WINDOWS\System32\Drivers\lttibqvb.sys [2010-11-11 40128]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 36864]
R1 FileDisk;FileDisk; C:\WINDOWS\system32\drivers\FileDisk.sys [2005-10-16 12928]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-03-14 41984]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-26 4713472]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-11-20 104320]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-01-02 47360]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Port II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-28 135664]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwssvc.exe []
S2 neauu0xyeuxiik;Winferno Subscription Service; C:\Documents and Settings\administrátor\Data aplikací\Microsoft\houwafouvy.exe [2010-11-10 201216]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Bola by som veľmi vďačná Edit Rudy: Z bezpečnostních důvodů znefunkčněn link na výše uvedený web.
Logfile of random's system information tool 1.08 (written by random/random)
Run by administrátor at 2010-11-15 20:48:42
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 1 GB (5%) free of 25 GB
Total RAM: 958 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:48:48, on 15. 11. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17091)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ares\Ares.exe
C:\WINDOWS\nvsvc32.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lsass.exe
D:\OpenOffice.org 3\program\soffice.exe
D:\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\4770256.exe
C:\Documents and Settings\administrátor\Data aplikací\Microsoft\sovoulooja.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\administrátor\Dokumenty\Preberanie\RSIT.exe
C:\Program Files\trend micro\administrátor.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://open-articles.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://search.centrum.cz/index.php?tool ... trum-1.0.0
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/?utm_source=tbr_centrum
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.centrum.cz/index.php?tool ... trum-1.0.0
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://browseusers.myspace.com/Browse/Browse.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\4.bin\MWSSRCAS.DLL (file missing)
R3 - URLSearchHook: (no name) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - (no file)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\4.bin\MWSBAR.DLL (file missing)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: (no name) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - (no file)
O3 - Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\4.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\4.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe
O4 - HKLM\..\Run: [poocyfuh] C:\WINDOWS\system32\sovoulooja.exe
O4 - HKLM\..\Run: [Windows Firewall] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lsass.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [poocyfuh] C:\Documents and Settings\administrátor\Data aplikací\Microsoft\sovoulooja.exe
O4 - HKCU\..\Run: [MSConfig] C:\Documents and Settings\administrátor\ynbxr.exe \u
O4 - HKCU\..\Run: [Windows Firewall] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lsass.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: 03m0ndj.exe
O4 - Startup: 081whid.exe
O4 - Startup: 0brx66o.exe
O4 - Startup: 0pu86g8.exe
O4 - Startup: 0qqgw0x.exe
O4 - Startup: 1almhxy.exe
O4 - Startup: 1cnojza.exe
O4 - Startup: 1cyyt2v.exe
O4 - Startup: 1euva81.exe
O4 - Startup: 1grsnde.exe
O4 - Startup: 1m9i1ea.exe
O4 - Startup: 2noj081.exe
O4 - Startup: 3i0ekfl.exe
O4 - Startup: 60bw0dj.exe
O4 - Startup: 6q81cno.exe
O4 - Startup: 81cnojz.exe
O4 - Startup: 86w81it.exe
O4 - Startup: a5w1mny81e.exe
O4 - Startup: aqg0hxd66u.exe
O4 - Startup: aqrw81itup.exe
O4 - Startup: avwr03i1eu.exe
O4 - Startup: bb2nii6uu.exe
O4 - Startup: bxsty86k8.exe
O4 - Startup: c6s81epql.exe
O4 - Startup: cdi86u81gr.exe
O4 - Startup: cste81k3wx.exe
O4 - Startup: csty9ufq.exe
O4 - Startup: dj66a86m.exe
O4 - Startup: dozavb60d.exe
O4 - Startup: dtupfgbcx0.exe
O4 - Startup: fqbcxnojz.exe
O4 - Startup: gbrsndezav.exe
O4 - Startup: hdyze86q8.exe
O4 - Startup: hm81jefk.exe
O4 - Startup: hn60pv87.exe
O4 - Startup: hxd66kfbb2h.exe
O4 - Startup: j70qqgw1n7.exe
O4 - Startup: jufgbrsnd.exe
O4 - Startup: k0bw0dyz.exe
O4 - Startup: kvvwr08ty.exe
O4 - Startup: lmhxytup081.exe
O4 - Startup: mh081oza.exe
O4 - Startup: mmcdi86u.exe
O4 - Startup: nn2tup081wh.exe
O4 - Startup: ns86e81gwx.exe
O4 - Startup: ns88e3vlr2.exe
O4 - Startup: o3avlmhxyt.exe
O4 - Startup: o5k1abg81s.exe
O4 - Startup: oefk81whid.exe
O4 - Startup: oeu0vlr66i.exe
O4 - Startup: OpenOffice.org 3.2.lnk = D:\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: otjp60rxhd.exe
O4 - Startup: pfgbrsno.exe
O4 - Startup: pqlmh081.exe
O4 - Startup: pu81grsn.exe
O4 - Startup: pu81grsnde.exe
O4 - Startup: qbcxnojzav.exe
O4 - Startup: r0c6oo6aa.exe
O4 - Startup: rnddz2vq.exe
O4 - Startup: s81epg1wxc8.exe
O4 - Startup: sndezpql.exe
O4 - Startup: ufgbrsndez.exe
O4 - Startup: uka0brx6.exe
O4 - Startup: va81mxyt.exe
O4 - Startup: vl9cs0dozu0.exe
O4 - Startup: vv2bcx081ep.exe
O4 - Startup: vvlb5ii6j.exe
O4 - Startup: w1n703zv.exe
O4 - Startup: wrhidtup.exe
O4 - Startup: xytup08rwss.exe
O4 - Startup: zjfabg86s8.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://D:\KOVACOVA\Office12\EXCEL.EXE/3000
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra button: Eurotran XP - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra 'Tools' menuitem: Eurotran XP... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Eurotran XP\etnxp.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Documents and Settings\Kovácová\AppData\LocalLow\Microńoft\redir.dll
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwssvc.exe (file missing)
O23 - Service: Winferno Subscription Service (neauu0xyeuxiik) - Unknown owner - C:\Documents and Settings\administrátor\Data aplikací\Microsoft\houwafouvy.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
--
End of file - 11094 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\BearShareNAG.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{965B54B0-71E0-4611-8DE7-F73FA0B20E26} -
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\4.bin\MWSBAR.DLL []
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{D5D47440-0750-463D-BAEF-A47D02414806}
{038cb5c7-48ea-4af9-94e0-a1646542e62b}
{30F9B915-B755-4826-820B-08FBA6BD249D}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung Common SM"=C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe [2005-07-03 372736]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"MyWebSearch Plugin"=rundll32 C:\PROGRA~1\MYWEBS~1\bar\4.bin\M3PLUGIN.DLL,UPF []
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwsoemon.exe []
"Media Codec Update Service"=C:\Program Files\Essentials Codec Pack\update.exe -silent []
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\4.bin\m3SrchMn.exe /m=2 /w /h []
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2009-04-17 54576]
"Adobe Reader Speed Launcher"=D:\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"NVIDIA driver monitor"=C:\WINDOWS\nvsvc32.exe [2010-10-28 90112]
"poocyfuh"=C:\WINDOWS\system32\sovoulooja.exe []
"Windows Firewall"=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lsass.exe [2010-11-15 57344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-04-17 95536]
"NVIDIA driver monitor"=C:\WINDOWS\nvsvc32.exe [2010-10-28 90112]
"ares"=C:\Program Files\Ares\Ares.exe [2010-10-27 1015808]
"poocyfuh"=C:\Documents and Settings\administrátor\Data aplikací\Microsoft\sovoulooja.exe [2010-11-10 201216]
"MSConfig"=C:\Documents and Settings\administrátor\ynbxr.exe [2010-11-11 19456]
"Windows Firewall"=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\lsass.exe [2010-11-15 57344]
C:\Documents and Settings\administrátor\Nabídka Start\Programy\Po spuštění
03m0ndj.exe
081whid.exe
0brx66o.exe
0pu86g8.exe
0qqgw0x.exe
1almhxy.exe
1cnojza.exe
1cyyt2v.exe
1euva81.exe
1grsnde.exe
1m9i1ea.exe
2noj081.exe
3i0ekfl.exe
60bw0dj.exe
6q81cno.exe
81cnojz.exe
86w81it.exe
a5w1mny81e.exe
aqg0hxd66u.exe
aqrw81itup.exe
avwr03i1eu.exe
bb2nii6uu.exe
bxsty86k8.exe
c6s81epql.exe
cdi86u81gr.exe
cste81k3wx.exe
csty9ufq.exe
dj66a86m.exe
dozavb60d.exe
dtupfgbcx0.exe
fqbcxnojz.exe
gbrsndezav.exe
hdyze86q8.exe
hm81jefk.exe
hn60pv87.exe
hxd66kfbb2h.exe
j70qqgw1n7.exe
jufgbrsnd.exe
k0bw0dyz.exe
kvvwr08ty.exe
lmhxytup081.exe
mh081oza.exe
mmcdi86u.exe
nn2tup081wh.exe
ns86e81gwx.exe
ns88e3vlr2.exe
o3avlmhxyt.exe
o5k1abg81s.exe
oefk81whid.exe
oeu0vlr66i.exe
OpenOffice.org 3.2.lnk - D:\OpenOffice.org 3\program\quickstart.exe
otjp60rxhd.exe
pfgbrsno.exe
pqlmh081.exe
pu81grsn.exe
pu81grsnde.exe
qbcxnojzav.exe
r0c6oo6aa.exe
rnddz2vq.exe
s81epg1wxc8.exe
sndezpql.exe
ufgbrsndez.exe
uka0brx6.exe
va81mxyt.exe
vl9cs0dozu0.exe
vv2bcx081ep.exe
vvlb5ii6j.exe
w1n703zv.exe
wrhidtup.exe
xytup08rwss.exe
zjfabg86s8.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lttibqvb.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\lttibqvb.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Disabled:Průvodce přenesením souborů a nastavení"
"C:\Documents and Settings\KOVACOVA\Plocha\Ares.exe"="C:\Documents and Settings\KOVACOVA\Plocha\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Documents and Settings\Kováčová\Plocha\Ares.exe"="C:\Documents and Settings\Kováčová\Plocha\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Opera\Opera.exe"="C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\henuska\Plocha\Ares.exe"="C:\Documents and Settings\henuska\Plocha\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Documents and Settings\liverpool fc\Plocha\CSv1.6v19_by_8andrej8\CSv1.6v19_by_8andrej8\Counter-Strike 1.6\cstrike.exe"="C:\Documents and Settings\liverpool fc\Plocha\CSv1.6v19_by_8andrej8\CSv1.6v19_by_8andrej8\Counter-Strike 1.6\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"C:\Documents and Settings\Kovácová\Local Settings\Temp\~osF25.tmp\ossproxy.exe"="C:\Documents and Settings\Kovácová\Local Settings\Temp\~osF25.tmp\ossproxy.exe:*:Enabled:ossproxy.exe"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Documents and Settings\Kovácová\Local Settings\Temp\Nero Web\SetupXu.exe"="C:\Documents and Settings\Kovácová\Local Settings\Temp\Nero Web\SetupXu.exe:*:Enabled:Nero ProductSetup"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\IncrediMail\Bin\IncMail.exe"="C:\Program Files\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\Bin\ImApp.exe"="C:\Program Files\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\Bin\ImpCnt.exe"="C:\Program Files\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Kovácová\Plocha\utorrent.exe"="C:\Documents and Settings\Kovácová\Plocha\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Documents and Settings\Kovácová\Plocha\SweetImSetup.exe"="C:\Documents and Settings\Kovácová\Plocha\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\Documents and Settings\administrátor\Dokumenty\Preberanie\P17535732.JPG-www.facebook.exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-11-15 20:46:33 ----D---- C:\Program Files\trend micro
2010-11-15 20:46:32 ----D---- C:\rsit
2010-11-13 16:22:33 ----A---- C:\t6.exe
2010-11-13 12:41:42 ----D---- C:\Program Files\ICQ6Toolbar
2010-11-13 12:40:43 ----D---- C:\Program Files\ICQ7.2
2010-11-12 15:11:28 ----A---- C:\QuickTime1.exe
2010-11-11 19:56:43 ----A---- C:\winscxs.exe
2010-11-11 19:41:48 ----A---- C:\6164.exe
2010-11-11 15:47:46 ----A---- C:\21.exe
2010-11-11 14:40:16 ----A---- C:\WINDOWS\system32\drivers\lttibqvb.sys
2010-11-10 16:27:17 ----A---- C:\27.exe
2010-11-10 07:53:56 ----RSH---- C:\Documents and Settings\administrátor\Data aplikací\juzjf.exe
2010-11-10 07:53:42 ----A---- C:\jshd.exe
2010-11-09 16:22:17 ----A---- C:\2xhs.exe
2010-11-03 16:50:56 ----D---- C:\Program Files\Conduit
2010-11-03 16:50:53 ----D---- C:\Program Files\ConduitEngine
2010-11-03 16:50:50 ----D---- C:\Program Files\ToggleEN
2010-11-03 16:50:45 ----D---- C:\Program Files\Ares
2010-10-31 22:59:06 ----D---- C:\Documents and Settings\administrátor\Data aplikací\Media Player Classic
2010-10-31 22:50:31 ----A---- C:\WINDOWS\system32\unrar.dll
2010-10-29 11:12:10 ----D---- C:\Program Files\Wondershare
2010-10-29 10:50:03 ----D---- C:\Documents and Settings\administrátor\Data aplikací\GetRightToGo
2010-10-28 16:57:20 ----RSH---- C:\WINDOWS\nvsvc32.exe
2010-10-16 14:18:13 ----D---- C:\Documents and Settings\administrátor\Data aplikací\FudaTech
======List of files/folders modified in the last 1 months======
2010-11-15 20:47:29 ----AD---- C:\WINDOWS\Temp
2010-11-15 20:46:33 ----RD---- C:\Program Files
2010-11-15 20:31:44 ----D---- C:\WINDOWS\system32
2010-11-15 18:28:38 ----D---- C:\Program Files\Mozilla Firefox
2010-11-15 15:30:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-15 15:29:34 ----SD---- C:\Documents and Settings\administrátor\Data aplikací\Microsoft
2010-11-15 14:37:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-15 07:27:42 ----RSHD---- C:\RECYCLER
2010-11-15 07:26:25 ----D---- C:\WINDOWS
2010-11-14 20:50:37 ----HD---- C:\WINDOWS\inf
2010-11-14 20:50:32 ----RSD---- C:\WINDOWS\assembly
2010-11-14 20:50:18 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-14 20:50:02 ----D---- C:\WINDOWS\system32\DirectX
2010-11-14 20:49:55 ----SHD---- C:\WINDOWS\Installer
2010-11-13 12:51:08 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-11-13 12:41:33 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-13 12:41:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-11-13 12:06:37 ----D---- C:\Documents and Settings\administrátor\Data aplikací\ICQ
2010-11-12 11:13:02 ----D---- C:\WINDOWS\Prefetch
2010-11-11 14:40:16 ----D---- C:\WINDOWS\system32\drivers
2010-11-01 09:09:05 ----D---- C:\Program Files\DivX
2010-10-31 20:23:04 ----SHD---- C:\Config.Msi
2010-10-31 20:23:03 ----D---- C:\WINDOWS\WinSxS
2010-10-29 11:12:16 ----RSD---- C:\WINDOWS\Fonts
2010-10-21 16:48:02 ----D---- C:\Omega
2010-10-20 20:51:21 ----D---- C:\Program Files\EA SPORTS
2010-10-17 19:45:23 ----A---- C:\WINDOWS\iun6002.exe
2010-10-16 18:41:13 ----D---- C:\Program Files\totalcmd
2010-10-16 18:39:16 ----D---- C:\Documents and Settings\administrátor\Data aplikací\Samsung
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 lttibqvb;lttibqvb; C:\WINDOWS\System32\Drivers\lttibqvb.sys [2010-11-11 40128]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 36864]
R1 FileDisk;FileDisk; C:\WINDOWS\system32\drivers\FileDisk.sys [2005-10-16 12928]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-03-14 41984]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-26 4713472]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-11-20 104320]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-01-02 47360]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Port II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-28 135664]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\4.bin\mwssvc.exe []
S2 neauu0xyeuxiik;Winferno Subscription Service; C:\Documents and Settings\administrátor\Data aplikací\Microsoft\houwafouvy.exe [2010-11-10 201216]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Jelikoz nevime o Vasem PC nic a z kristalove koule se spatne vesti, navic je noc a tak neni nic videt 
Kliknete do meho podpisu na 
Pripadne jsem online na icq, kdyby byl nejaky problem...
Vy jste se dala na chov konicku trojskych 
