ževraj virus?

[Crosby.WX]

zdravim, dnes ked som šiel na fb tak mi tam vypsalo "Bohužial vas pocitac bol asi napadeny virem"
mam 3ročny notebook, pred 3 tyzdnami som dam reinstal windows xp sp3... nemam ani antivir, firewall vypnuty
dovod je že všetko mam na minimum kedže som taky zavodny hrač cs1.6

tu je log...

Logfile of random's system information tool 1.08 (written by random/random)
Run by Tajovsky at 2011-05-27 14:46:15
Microsoft Windows XP Professional Service Pack 3
System drive C: has 58 GB (75%) free of 76 GB
Total RAM: 447 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:46:17, on 27. 5. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Tajovsky\Desktop\RSIT.exe
C:\Program Files\trend micro\Tajovsky.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

--
End of file - 4515 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Game_Booster_Startup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ACU"=C:\Program Files\Atheros\ACU.exe [2007-10-23 376921]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACMON]
C:\Program Files\ASUS\Splendid\ACMON.exe [2007-07-10 851968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
C:\WINDOWS\ALCWZRD.EXE [2006-05-04 2808832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\WINDOWS\ASScrProlog.exe [2011-04-24 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Live Update]
C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKHOTKEY]
C:\Program Files\ATK Hotkey\Hcontrol.exe [2007-08-23 229376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ESL Wire]
C:\Program Files\EslWire\wire.exe [2011-05-16 2759680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.5\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2006-07-21 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2011-03-17 74752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa]
C:\WINDOWS\system32\antiwpa.dll [2009-01-07 60416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-07-04 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\EA Sports\NHL 09\nhl2009.exe"="C:\Program Files\EA Sports\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Valve\Steam\SteamApps\skill16\counter-strike\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\skill16\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\EslWire\wire.exe"="C:\Program Files\EslWire\wire.exe:*:Enabled:ESL Wire Client"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Valve\Steam\SteamApps\jokerbane\counter-strike\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\jokerbane\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-05-27 14:42:56 ----D---- C:\Program Files\trend micro
2011-05-27 14:42:55 ----D---- C:\rsit
2011-05-27 14:35:56 ----D---- C:\WINDOWS\system32\appmgmt
2011-05-27 12:45:49 ----D---- C:\WINDOWS\Sun
2011-05-27 12:45:35 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2011-05-27 12:45:06 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-05-27 12:43:15 ----D---- C:\Documents and Settings\Tajovsky\Application Data\Sun
2011-05-26 18:59:08 ----A---- C:\WINDOWS\system32\drivers\ESLWireACD.sys
2011-05-26 18:58:58 ----D---- C:\Documents and Settings\All Users\Application Data\ESL Wire
2011-05-26 18:58:58 ----A---- C:\WINDOWS\system32\drivers\ESLvnic.sys
2011-05-26 18:58:57 ----D---- C:\Program Files\EslWire
2011-05-26 18:44:57 ----D---- C:\WINDOWS\system32\XPSViewer
2011-05-26 18:44:06 ----D---- C:\Program Files\Reference Assemblies
2011-05-26 18:43:54 ----N---- C:\WINDOWS\system32\spmsg2.dll
2011-05-26 18:43:47 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2011-05-24 08:49:12 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2011-05-24 08:20:00 ----D---- C:\Program Files\City Interactive
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\vxblock.dll
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\pxwma.dll
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\pxwave.dll
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\pxsfs.dll
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\pxmas.dll
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\pxdrv.dll
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\pxafs.dll
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\drivers\PxHelp20.sys
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys
2011-05-23 18:50:37 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2011-05-23 18:50:36 ----N---- C:\WINDOWS\system32\px.dll
2011-05-23 18:50:34 ----D---- C:\Program Files\Winamp
2011-05-23 18:50:34 ----D---- C:\Documents and Settings\Tajovsky\Application Data\Winamp
2011-05-20 19:04:51 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-05-18 17:06:04 ----D---- C:\Documents and Settings\Tajovsky\Application Data\skypePM
2011-05-18 17:05:59 ----D---- C:\Documents and Settings\All Users\Application Data\Skype Extras
2011-05-18 17:04:55 ----D---- C:\Documents and Settings\Tajovsky\Application Data\Skype
2011-05-18 17:03:55 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2011-05-18 15:42:03 ----D---- C:\Documents and Settings\All Users\Application Data\ICQ
2011-05-17 21:09:08 ----A---- C:\WINDOWS\system32\antiwpa.dll
2011-05-15 18:44:03 ----D---- C:\Program Files\Common Files\DESIGNER
2011-05-15 18:43:50 ----D---- C:\Program Files\MSBuild
2011-05-15 18:42:18 ----D---- C:\Program Files\Microsoft.NET
2011-05-15 18:42:18 ----D---- C:\Program Files\Microsoft Sync Framework
2011-05-15 18:41:03 ----D---- C:\Program Files\Microsoft Visual Studio 8
2011-05-15 18:39:28 ----D---- C:\Program Files\Microsoft Analysis Services
2011-05-15 18:39:09 ----D---- C:\WINDOWS\SHELLNEW
2011-05-15 18:38:07 ----D---- C:\Program Files\Microsoft Office
2011-05-15 18:38:02 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-05-15 18:37:39 ----RHD---- C:\MSOCache
2011-05-06 09:49:02 ----D---- C:\Documents and Settings\Tajovsky\Application Data\Hamachi
2011-05-06 09:48:30 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys
2011-05-05 06:56:03 ----D---- C:\Documents and Settings\Tajovsky\Application Data\Leadertech
2011-05-05 06:43:52 ----D---- C:\Program Files\EA Sports
2011-05-03 19:27:31 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2011-05-03 19:27:06 ----D---- C:\Program Files\DAEMON Tools Lite
2011-05-03 19:26:30 ----D---- C:\Documents and Settings\Tajovsky\Application Data\DAEMON Tools Lite
2011-05-03 19:26:30 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2011-04-29 17:56:01 ----D---- C:\Program Files\Garena
2011-04-29 17:53:51 ----D---- C:\Program Files\Warcraft III
2011-04-29 13:30:27 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2011-04-29 13:30:27 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2011-04-29 13:30:26 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2011-04-29 13:30:26 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2011-04-29 13:30:26 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2011-04-29 13:30:25 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-04-29 13:30:25 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2011-04-29 13:30:25 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2011-04-29 13:30:24 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2011-04-29 13:30:24 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2011-04-29 13:30:24 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2011-04-29 13:30:23 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2011-04-29 13:30:23 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2011-04-29 13:30:23 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2011-04-29 13:30:22 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2011-04-29 13:30:22 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-04-29 13:30:21 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2011-04-29 13:30:21 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2011-04-29 13:30:20 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2011-04-29 13:30:20 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2011-04-29 13:30:20 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2011-04-29 13:30:19 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2011-04-29 13:30:19 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2011-04-29 13:30:19 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2011-04-29 13:30:18 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2011-04-29 13:30:18 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2011-04-29 13:30:17 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2011-04-29 13:30:17 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2011-04-29 13:30:17 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2011-04-29 13:30:16 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2011-04-29 13:30:16 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2011-04-29 13:30:16 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2011-04-29 13:30:15 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2011-04-29 13:30:15 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2011-04-29 13:30:15 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2011-04-29 13:30:14 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2011-04-29 13:30:14 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2011-04-29 13:30:14 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2011-04-29 13:30:13 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2011-04-29 13:30:13 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2011-04-29 13:30:13 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2011-04-29 13:30:12 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2011-04-29 13:30:12 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2011-04-29 13:30:12 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2011-04-29 13:30:12 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2011-04-29 13:30:11 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-04-29 13:30:11 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2011-04-29 13:30:10 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-04-29 13:30:10 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-04-29 13:30:09 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-04-29 13:30:09 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-04-29 13:30:09 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-04-29 13:30:08 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-04-29 13:30:07 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-04-29 13:30:07 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-04-29 13:30:07 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-04-29 13:30:06 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-04-29 13:30:06 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-04-29 13:30:06 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-04-29 13:30:05 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-04-29 13:30:05 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2011-04-29 13:30:05 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-04-29 13:30:04 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-04-29 13:30:04 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-04-29 13:30:03 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-04-29 13:30:02 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-04-29 13:30:02 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-04-29 13:30:01 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-04-29 13:30:01 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-04-29 13:30:00 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-04-29 13:29:59 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-04-29 13:29:59 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-04-29 13:29:59 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-04-29 13:29:58 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-04-29 13:29:58 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-04-29 13:29:58 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-04-29 13:29:58 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2011-04-29 13:29:57 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-04-29 13:29:57 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-04-29 13:29:57 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-04-29 13:29:57 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-04-29 13:29:55 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-04-29 13:29:54 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-04-29 13:29:54 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-04-29 13:29:54 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-04-29 13:29:53 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-04-29 13:29:53 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-04-29 13:29:53 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-04-29 13:29:52 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-04-29 13:29:52 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-04-29 13:29:50 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-04-29 13:26:28 ----HD---- C:\WINDOWS\msdownld.tmp
2011-04-29 13:26:24 ----D---- C:\WINDOWS\Logs

======List of files/folders modified in the last 1 months======

2011-05-27 14:43:16 ----D---- C:\WINDOWS\Prefetch
2011-05-27 14:42:56 ----RD---- C:\Program Files
2011-05-27 14:40:45 ----D---- C:\WINDOWS
2011-05-27 14:39:12 ----D---- C:\WINDOWS\system32\CatRoot2
2011-05-27 14:38:19 ----SHD---- C:\WINDOWS\Installer
2011-05-27 14:37:52 ----D---- C:\Program Files\Common Files
2011-05-27 14:35:56 ----D---- C:\WINDOWS\system32
2011-05-27 13:41:01 ----A---- C:\moduleName.txt
2011-05-27 13:36:02 ----D---- C:\Documents and Settings\Tajovsky\Application Data\TS3Client
2011-05-27 08:03:58 ----RSD---- C:\WINDOWS\assembly
2011-05-27 08:03:58 ----D---- C:\WINDOWS\Microsoft.NET
2011-05-27 06:59:56 ----D---- C:\Program Files\Mozilla Firefox
2011-05-26 18:59:23 ----HD---- C:\WINDOWS\inf
2011-05-26 18:59:20 ----D---- C:\WINDOWS\system32\drivers
2011-05-26 18:51:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-05-26 18:44:56 ----D---- C:\WINDOWS\system32\en-US
2011-05-26 18:44:52 ----RSD---- C:\WINDOWS\Fonts
2011-05-26 18:43:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-05-23 07:21:41 ----D---- C:\Documents and Settings
2011-05-18 15:42:07 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-18 06:46:14 ----D---- C:\Documents and Settings\Tajovsky\Application Data\XnView
2011-05-17 19:10:08 ----SD---- C:\Documents and Settings\Tajovsky\Application Data\Microsoft
2011-05-17 14:04:13 ----D---- C:\WINDOWS\system32\wbem
2011-05-15 19:49:39 ----D---- C:\Documents and Settings\Tajovsky\Application Data\Ventrilo
2011-05-15 18:45:38 ----D---- C:\WINDOWS\system32\config
2011-05-15 18:44:04 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-05-15 18:43:29 ----D---- C:\WINDOWS\WinSxS
2011-05-15 18:42:18 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-05-15 18:40:16 ----A---- C:\WINDOWS\win.ini
2011-05-15 18:40:12 ----D---- C:\Program Files\Common Files\System
2011-05-06 16:17:11 ----D---- C:\Documents and Settings\Tajovsky\Application Data\U3
2011-05-06 09:47:28 ----D---- C:\temp
2011-05-05 06:43:52 ----D---- C:\WINDOWS\system32\DirectX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 risdptsk;risdptsk; C:\WINDOWS\system32\DRIVERS\risdptsk.sys [2005-07-14 27904]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-05-03 218688]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R2 ESLWireAC;ESLWireAC; \??\C:\WINDOWS\system32\drivers\ESLWireACD.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-10-26 549184]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-07-04 2304000]
R3 ESLvnic1;ESLvnic Virtual Network 32 Bit; C:\WINDOWS\system32\DRIVERS\ESLvnic.sys [2011-04-14 24504]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-24 5760]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-07-03 57344]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ATKHOT~1\ASNDIS5.SYS []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2011-05-06 25280]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2007-10-23 364629]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-07-04 483328]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

[JaRon]

mam nejaky silny pocit ze Windows je nelegalny ,,,
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Antiwpa]
C:\WINDOWS\system32\antiwpa.dll [2009-01-07 60416]

[Crosby.WX]

v tom je problem? aj kolegovia z prace a celkovo ja asi nepoznam odtialto človeka čo ma legalny. a je tam nejaky virus? alebo koli tomu že mam nelegalny sa mi nemože pomocť

[vyosek]

Zdravim a pekny den preji

Zaskocim za kolegu s jednim maly dotazem - tyhle pravidla fora jste cetl http://www.viry.cz/forum/viewtopic.php?f=12&t=5601

[Crosby.WX]

Zdravím, no teraz som si to prečital
Tak jednoducho, cely deň sa babrem s notebookom, boli ma hlava tak prepačte. A prosim Vas mohli by ste mi to skontrolovať a nejako poradiť?

[vyosek]

Nemohli, nelegalnim OS se tu nezabyvame, to snad z pravidel jasne vyplyva...