Please check my log
Posted: 06 Mar 2011 00:24
Logfile of random's system information tool 1.08 (written by random/random)
Run by Met at 2011-03-06 00:17:27
Microsoft® Windows Vista™ Ultimate
System drive C: has 4 GB (11%) free of 38 GB
Total RAM: 2047 MB (38% free)
======Scheduled tasks folder======
C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\Epson Printer Software Downloader.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for Met.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2007-12-04 405588]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
Media Access Startup
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
System Search Dispatcher
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-15 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2007-12-04 405588]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-02 1018616]
{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}
{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-09-25 1006264]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-10-01 4702208]
"Arovax AntiSpyware"=C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe [2006-09-22 1847296]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2008-02-02 949376]
"snpstd"=C:\Windows\vsnpstd.exe [2005-10-11 339968]
"EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2009-01-12 669520]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-03-15 149280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Net Agent"=C:\Program Files\DAEMON Tools Net\DTAgent.exe [2010-07-29 431424]
"OscarEditor"=C:\Program Files\Anti-Vibrate Oscar Editor\OscarEditor.exe [2009-12-22 2647040]
"Octoshape Streaming Services"=C:\Users\Met\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2006-11-02 131072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"DisableCurrentUserRun"=1
"NoToolbarCustomize"=0
"NoBandCustomize"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-03-06 00:09:22 ----A---- C:\RootkitReveal.txt
2011-03-06 00:02:19 ----D---- C:\rsit
2011-03-06 00:02:19 ----D---- C:\Program Files\trend micro
2011-03-05 23:46:30 ----D---- C:\Program Files\CCleaner
2011-02-26 21:49:50 ----RHD---- C:\AHCache
2011-02-24 22:57:43 ----D---- C:\CrystalMark00704339
======List of files/folders modified in the last 1 months======
2011-03-06 00:17:32 ----D---- C:\Windows\Temp
2011-03-06 00:02:19 ----RD---- C:\Program Files
2011-03-06 00:00:06 ----D---- C:\Windows\System32
2011-03-05 23:58:44 ----D---- C:\Windows\system32\drivers
2011-03-05 23:51:27 ----D---- C:\Windows\Debug
2011-03-05 23:51:27 ----D---- C:\Windows
2011-03-05 23:31:11 ----D---- C:\Program Files\Garena1
2011-03-05 22:30:00 ----D---- C:\Program Files\Warcraft III
2011-03-05 22:08:13 ----D---- C:\Windows\Prefetch
2011-03-05 22:05:49 ----D---- C:\Windows\system32\Tasks
2011-03-04 21:35:10 ----SHD---- C:\System Volume Information
2011-03-04 18:28:35 ----D---- C:\Users\Met\AppData\Roaming\ICQ
2011-03-04 16:02:12 ----SHD---- C:\Windows\Installer
2011-03-04 16:02:12 ----SHD---- C:\Config.Msi
2011-03-04 16:02:12 ----RSD---- C:\Windows\assembly
2011-03-04 16:02:11 ----D---- C:\Program Files\MSBuild
2011-03-04 10:47:43 ----D---- C:\ProgramData\Microsoft Help
2011-02-28 22:48:03 ----D---- C:\Users\Met\AppData\Roaming\uTorrent
2011-02-25 07:36:30 ----D---- C:\Windows\system32\catroot2
2011-02-24 23:19:28 ----D---- C:\Windows\Minidump
2011-02-24 23:18:25 ----SD---- C:\Windows\Downloaded Program Files
2011-02-24 20:40:19 ----D---- C:\Users\Met\AppData\Roaming\Skype
2011-02-24 20:40:08 ----D---- C:\Users\Met\AppData\Roaming\skypePM
2011-02-22 18:38:19 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-02-09 06:48:42 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2006-11-02 121960]
R0 Pnp680r;Silicon Image SiI 0680 Medley Raid Controller; C:\Windows\system32\DRIVERS\pnp680r.sys [2007-07-19 110120]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-07 445936]
R1 nod32drv;nod32drv; C:\Windows\system32\drivers\nod32drv.sys [2008-02-02 15424]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 AMON;AMON; C:\Windows\system32\drivers\amon.sys [2008-02-02 512096]
R3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena1\safedrv.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-10-02 1967576]
R3 Moufiltr;Mouse Test Driver; C:\Windows\system32\DRIVERS\Moufiltr.sys [2005-08-06 9661]
R3 MouseCap;MouseCapture Driver; C:\Windows\System32\Drivers\MouseCap.sys [2005-08-08 6640]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-09-11 7623968]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]
S3 a3ho4lwg;a3ho4lwg; C:\Windows\system32\drivers\a3ho4lwg.sys []
S3 ahuc9026;ahuc9026; C:\Windows\system32\drivers\ahuc9026.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\Met\AppData\Local\Temp\RHI9EB4.tmp []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2007-12-15 17480]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-06-28 137216]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-06-28 8320]
S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-06-28 12288]
S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-06-28 12288]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-11-06 34064]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\Windows\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\Windows\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 s616bus;Sony Ericsson Device 616 driver (WDM); C:\Windows\system32\DRIVERS\s616bus.sys [2007-04-03 83208]
S3 s616mdfl;Sony Ericsson Device 616 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s616mdfl.sys [2007-04-03 15112]
S3 s616mdm;Sony Ericsson Device 616 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s616mdm.sys [2007-04-03 108680]
S3 s616mgmt;Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s616mgmt.sys [2007-04-03 100360]
S3 s616nd5;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS); C:\Windows\system32\DRIVERS\s616nd5.sys [2007-04-03 23176]
S3 s616obex;Sony Ericsson Device 616 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s616obex.sys [2007-04-03 98568]
S3 s616unic;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM); C:\Windows\system32\DRIVERS\s616unic.sys [2007-04-03 99080]
S3 snpstd;Trust Webcam 14823; C:\Windows\system32\DRIVERS\snpstd.sys [2006-05-03 390784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-02-02 587096]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [2007-12-04 28728]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2008-02-02 552064]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-11-20 75136]
R2 StarWindServiceAE;StarWind AE Service; E:\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S2 DTNetService;DTNetService; C:\Program Files\DAEMON Tools Net\DTNetSrv.exe [2010-07-29 394560]
S2 gupdate1c9f4d3d777fa44;Služba Google Update (gupdate1c9f4d3d777fa44); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-24 133104]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NPWYJWLICSYG;NPWYJWLICSYG; C:\Users\Met\AppData\Local\Temp\NPWYJWLICSYG.exe [2011-03-05 359296]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 YLKZAY;YLKZAY; C:\Users\Met\AppData\Local\Temp\YLKZAY.exe [2011-03-05 584576]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
-----------------EOF-----------------