Malware - Blokovanie stránok? Ďakujem.

[armita]

Dobrý deň ,
som tu prvýkrát a veľmi dúfam, že som trafila správnu časť fóra.

Minulý mesiac som mala problém s malware v: system32/etc/hosts. Prejavovalo sa to tak, že mi vypadával internet a hlavne mi blokoval stránky gmail.com a google.com (viem, že sa to automaticky presmeruje na google.sk, ale on - google.com fakt nešiel) a yahoo.com. Opravovala som to podľa pár rád - viem, že podobný problém tu už bol. Urobila som naozaj všetko, ale miestami mi znova nechce načítať ani google.com, gmail.com. Zmazala som blokované stránky v "hosts", ale nie som si istá, či som to urobila správne, pretože sa do takýchto vecí moc nevyznám .
Ďakujem veľmi pekne za Váš čas, nesmierne si to vážim!
Možno som niečo nepochopila správne z predošlých diskusií, naozaj nie som technický typ (čo nie je výhovorka). Poprosím o trpezlivosť .
Ďakujem, ďakujem...

Môj log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-09-29 12:08:05
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (24%) free of 30 GB
Total RAM: 959 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:08:17, on 29. 9. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Google\Update\1.3.21.69\GoogleCrashHandler.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\1.3.21.69\GoogleCrashHandler.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Dokumenty\Preberanie\RSIT(2).exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Shareware.Pro-EN Toolbar - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\prxtbPee2.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
R3 - URLSearchHook: YouTubeUploaderLib.YouTubeUploaderLib - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: Shareware.Pro-EN - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\prxtbPee2.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Shareware.Pro-EN Toolbar - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\prxtbPee2.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} (PCMaticVer Class) - http://utilities.pcpitstop.com/Nirvana/ ... cmatic.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{56508328-7E84-43EB-9C13-D82B700509BC}: NameServer = 80.87.208.29 80.87.208.166
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9e7511995a6d8) (gupdate1c9e7511995a6d8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spybot-S&D 2 Firewall Service (SDFirewallService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe
O23 - Service: Spybot-S&D 2 Monitoring Service (SDMonitorService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe

--
End of file - 12039 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\AWC AutoSweep.job
C:\WINDOWS\tasks\AWC Update.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1788223648-1801674531-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1788223648-1801674531-500UA.job
C:\WINDOWS\tasks\SmartDefrag_Startup.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\3xih4y4j.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi

C:\Program Files\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-09-19 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]
Shareware.Pro-EN Toolbar - C:\Program Files\Peer2Peer-EN\prxtbPee2.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} -
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]
{da21bd13-ca22-42e3-a071-98f08f1ca1e7} - Shareware.Pro-EN Toolbar - C:\Program Files\Peer2Peer-EN\prxtbPee2.dll [2011-01-17 175912]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-31 7634944]
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-04 2219184]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2011-05-10 5607080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-04-17 133104]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-07 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-08-10 2349776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2006-10-31 7634944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2006-10-31 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]

C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\EFS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Disabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe:*:Enabled:Spybot-S&D 2 Firewall service"
"C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe:*:Enabled:Spybot-S&D 2 On-Access monitor service"
"C:\Program Files\Spybot - Search & Destroy 2\SDSODSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDSODSvc.exe:*:Enabled:Spybot-S&D 2 Scan On Demand service"
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.CFHD"=CFHD.dll

======List of files/folders created in the last 1 month======

2011-09-29 11:26:23 ----D---- C:\Program Files\Yamicsoft
2011-09-29 10:51:40 ----D---- C:\rsit
2011-09-29 10:51:40 ----D---- C:\Program Files\trend micro
2011-09-28 11:09:14 ----A---- C:\WINDOWS\system32\sdnclean.exe
2011-09-28 11:08:52 ----A---- C:\WINDOWS\system32\msvcr100.dll
2011-09-28 11:08:52 ----A---- C:\WINDOWS\system32\msvcp100.dll
2011-09-28 11:08:51 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2011-09-15 14:24:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676$
2011-09-15 14:23:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2011-09-08 00:17:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2607712$
2011-09-04 19:56:02 ----A---- C:\WINDOWS\system32\rp_stats.dat
2011-09-04 19:56:02 ----A---- C:\WINDOWS\system32\rp_rules.dat
2011-09-02 14:35:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2011-09-02 11:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2492386$
2011-09-02 11:10:36 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2011-09-02 11:10:35 ----D---- C:\WINDOWS\system32\winrm
2011-09-02 11:10:35 ----D---- C:\WINDOWS\system32\GroupPolicy
2011-09-02 11:10:29 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2011-09-02 11:10:28 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2011-09-02 11:10:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2011-09-02 11:10:06 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2011-09-02 11:09:55 ----HDC---- C:\WINDOWS\$NtUninstallKB902344$
2011-09-02 10:37:47 ----A---- C:\WINDOWS\system32\SmartDefragBootTime.exe
2011-09-02 10:37:47 ----A---- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys
2011-09-01 22:33:45 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-09-01 22:33:40 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-09-01 21:57:07 ----A---- C:\WINDOWS\system32\lsdelete.exe
2011-09-01 19:57:54 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2011-09-01 19:48:51 ----A---- C:\WINDOWS\system32\drivers\Lbd.sys
2011-09-01 19:48:25 ----D---- C:\Program Files\Lavasoft
2011-08-30 22:28:36 ----D---- C:\Program Files\QIP

======List of files/folders modified in the last 1 month======

2011-09-29 12:08:07 ----D---- C:\WINDOWS\Temp
2011-09-29 12:07:56 ----D---- C:\WINDOWS\Prefetch
2011-09-29 11:56:48 ----D---- C:\Program Files\uTorrentBar
2011-09-29 11:56:06 ----D---- C:\Documents and Settings\Administrator\Data aplikací\PriceGong
2011-09-29 11:30:51 ----A---- C:\WINDOWS\wincmd.ini
2011-09-29 11:30:33 ----D---- C:\WINDOWS\system32\drivers\etc
2011-09-29 11:29:49 ----SD---- C:\WINDOWS\Tasks
2011-09-29 11:29:17 ----D---- C:\WINDOWS\system32\CatRoot2
2011-09-29 11:29:13 ----D---- C:\WINDOWS
2011-09-29 11:26:59 ----D---- C:\WINDOWS\system32\config
2011-09-29 11:26:36 ----D---- C:\WINDOWS\system32\wbem
2011-09-29 11:26:35 ----D---- C:\WINDOWS\Registration
2011-09-29 11:26:23 ----D---- C:\Config.Msi
2011-09-29 11:26:20 ----SHD---- C:\WINDOWS\Installer
2011-09-29 11:26:11 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2011-09-29 11:25:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-09-29 10:59:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-09-29 10:59:17 ----D---- C:\WINDOWS\system32
2011-09-29 10:51:40 ----RD---- C:\Program Files
2011-09-28 13:44:01 ----D---- C:\Documents and Settings\Administrator\Data aplikací\vlc
2011-09-28 11:56:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-09-28 11:17:47 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-09-28 11:17:05 ----D---- C:\Program Files\Passware
2011-09-28 11:09:14 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-09-22 13:50:59 ----A---- C:\WINDOWS\NeroDigital.ini
2011-09-19 13:12:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google Updater
2011-09-18 18:57:14 ----HD---- C:\WINDOWS\inf
2011-09-15 14:23:50 ----HD---- C:\WINDOWS\$hf_mig$
2011-09-11 21:46:39 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-09-11 21:22:40 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2011-09-09 11:12:04 ----A---- C:\WINDOWS\system32\crypt32.dll
2011-09-07 20:22:01 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Winamp
2011-09-07 07:53:14 ----D---- C:\Program Files\Mozilla Firefox
2011-09-02 17:28:42 ----D---- C:\WINDOWS\system32\drivers
2011-09-02 16:16:42 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-09-02 16:08:39 ----D---- C:\Downloads
2011-09-02 15:54:24 ----RD---- C:\WINDOWS\Web
2011-09-02 15:53:50 ----A---- C:\WINDOWS\ODBCINST.INI
2011-09-02 15:53:47 ----D---- C:\WINDOWS\system32\CatRoot
2011-09-02 15:52:41 ----D---- C:\WINDOWS\system32\ias
2011-09-02 15:52:38 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2011-09-02 15:41:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-09-02 14:59:09 ----D---- C:\Documents and Settings\Administrator\Data aplikací\IObit
2011-09-02 14:35:35 ----D---- C:\Program Files\IObit
2011-09-02 11:16:57 ----D---- C:\WINDOWS\security
2011-09-02 11:11:53 ----RSD---- C:\WINDOWS\assembly
2011-09-02 11:11:53 ----D---- C:\WINDOWS\Microsoft.NET
2011-09-02 11:11:51 ----D---- C:\WINDOWS\AppPatch
2011-09-02 11:11:36 ----D---- C:\Program Files\Internet Explorer
2011-09-02 11:11:30 ----D---- C:\WINDOWS\ie8updates
2011-09-02 11:10:41 ----D---- C:\WINDOWS\Help
2011-09-02 11:08:46 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
2011-09-01 23:30:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-09-01 19:48:35 ----D---- C:\WINDOWS\WinSxS
2011-09-01 19:48:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2011-08-18 64512]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-31 3964256]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-11-11 47360]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2004-04-01 10368]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-04 810144]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-31 155715]
R2 SDFirewallService;Spybot-S&D 2 Firewall Service; C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe [2011-05-10 3585696]
R2 SDMonitorService;Spybot-S&D 2 Monitoring Service; C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe [2011-05-10 3834456]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2011-05-10 3515656]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2011-05-10 3769048]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 gupdate1c9e7511995a6d8;Služba Google Update (gupdate1c9e7511995a6d8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-07 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-19 194104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-09-01 2151640]
S2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2011-05-11 167040]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-12-29 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-04 33584]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-25 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-07 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[JaRon]

menej je niekedy viac
odinstaluj Advanced SystemCare 3 + SpyBot + Ad-aware
potom vycisti PC s CCleanerom a napis ci problemy pretrvavaju

[armita]

Ďakujem JaRon !
Advanced SystemCare 3 a Ad-aware sú úspešne odinštalované, ale pri Spybot mi stále vypisuje toto:
"Soubor "C:\Program Files\Spybot - Search & Destroy 2\unin000.dat" nelze otevřít. Produkt nelze odinstalovat..."


Môžem použiť napr. Unlocker alebo Revo uninstaller free? Teda ja sa vôbec nevyznám, iba som googlila či je nejaký spôsob, ale nič nazvyš nerobím .

[JaRon]

skus to odstranit cez Revo, ak by bol problem vloz log RSIT a zajtra to nejak znicime

[armita]

Okej , ďakujem veľmi krásne. Myslím si, že som to odinštalovala správne, ale len pre moje kľudné svedomie, ak by si mohol, radšej sa mi prosím pozri na log O:).
Si mojim ajti hrdinom !
Ďakujem!

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-09-29 19:23:42
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (27%) free of 30 GB
Total RAM: 959 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:52, on 29. 9. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\1.3.21.69\GoogleCrashHandler.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\Dokumenty\Preberanie\RSIT(3).exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Shareware.Pro-EN Toolbar - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\prxtbPee2.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
R3 - URLSearchHook: YouTubeUploaderLib.YouTubeUploaderLib - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: Shareware.Pro-EN - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\prxtbPee2.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Shareware.Pro-EN Toolbar - {da21bd13-ca22-42e3-a071-98f08f1ca1e7} - C:\Program Files\Peer2Peer-EN\prxtbPee2.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} (PCMaticVer Class) - http://utilities.pcpitstop.com/Nirvana/ ... cmatic.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{56508328-7E84-43EB-9C13-D82B700509BC}: NameServer = 80.87.208.29 80.87.208.166
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9e7511995a6d8) (gupdate1c9e7511995a6d8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spybot-S&D 2 Firewall Service (SDFirewallService) - Unknown owner - C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe (file missing)
O23 - Service: Spybot-S&D 2 Monitoring Service (SDMonitorService) - Unknown owner - C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Unknown owner - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (file missing)
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Unknown owner - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (file missing)
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Unknown owner - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (file missing)

--
End of file - 11016 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1788223648-1801674531-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1788223648-1801674531-500UA.job
C:\WINDOWS\tasks\SmartDefrag_Startup.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\3xih4y4j.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi

C:\Program Files\Mozilla Firefox\plugins\
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-09-19 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]
Shareware.Pro-EN Toolbar - C:\Program Files\Peer2Peer-EN\prxtbPee2.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} -
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-07-16 1266992]
{da21bd13-ca22-42e3-a071-98f08f1ca1e7} - Shareware.Pro-EN Toolbar - C:\Program Files\Peer2Peer-EN\prxtbPee2.dll [2011-01-17 175912]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-31 7634944]
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-04 2219184]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c []
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-07 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2006-10-31 7634944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2006-10-31 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]

C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\EFS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Disabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe:*:Enabled:Spybot-S&D 2 Firewall service"
"C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe:*:Enabled:Spybot-S&D 2 On-Access monitor service"
"C:\Program Files\Spybot - Search & Destroy 2\SDSODSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDSODSvc.exe:*:Enabled:Spybot-S&D 2 Scan On Demand service"
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.CFHD"=CFHD.dll

======List of files/folders created in the last 1 month======

2011-09-29 18:50:59 ----D---- C:\Program Files\VS Revo Group
2011-09-29 17:49:38 ----HD---- C:\WINDOWS\PIF
2011-09-29 14:21:17 ----A---- C:\WINDOWS\wininit.ini
2011-09-29 11:26:23 ----D---- C:\Program Files\Yamicsoft
2011-09-29 10:51:40 ----D---- C:\rsit
2011-09-29 10:51:40 ----D---- C:\Program Files\trend micro
2011-09-28 11:09:14 ----A---- C:\WINDOWS\system32\sdnclean.exe
2011-09-28 11:08:52 ----A---- C:\WINDOWS\system32\msvcr100.dll
2011-09-28 11:08:52 ----A---- C:\WINDOWS\system32\msvcp100.dll
2011-09-15 14:24:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676$
2011-09-15 14:23:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2011-09-08 00:17:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2607712$
2011-09-04 19:56:02 ----A---- C:\WINDOWS\system32\rp_stats.dat
2011-09-04 19:56:02 ----A---- C:\WINDOWS\system32\rp_rules.dat
2011-09-02 14:35:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2011-09-02 11:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2492386$
2011-09-02 11:10:36 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2011-09-02 11:10:35 ----D---- C:\WINDOWS\system32\winrm
2011-09-02 11:10:35 ----D---- C:\WINDOWS\system32\GroupPolicy
2011-09-02 11:10:29 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2011-09-02 11:10:28 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2011-09-02 11:10:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2011-09-02 11:10:06 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2011-09-02 11:09:55 ----HDC---- C:\WINDOWS\$NtUninstallKB902344$
2011-09-01 22:33:45 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-09-01 22:33:40 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-09-01 19:57:54 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2011-08-30 22:28:36 ----D---- C:\Program Files\QIP

======List of files/folders modified in the last 1 month======

2011-09-29 19:23:34 ----D---- C:\WINDOWS\Temp
2011-09-29 19:19:47 ----D---- C:\WINDOWS
2011-09-29 19:19:37 ----RD---- C:\Program Files
2011-09-29 19:19:18 ----D---- C:\WINDOWS\Prefetch
2011-09-29 19:14:18 ----D---- C:\WINDOWS\system32
2011-09-29 18:00:29 ----A---- C:\WINDOWS\NeroDigital.ini
2011-09-29 17:39:07 ----D---- C:\Documents and Settings\Administrator\Data aplikací\vlc
2011-09-29 14:43:13 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-09-29 14:38:32 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2011-09-29 14:35:04 ----SD---- C:\WINDOWS\Tasks
2011-09-29 14:33:59 ----SHD---- C:\WINDOWS\Installer
2011-09-29 14:33:59 ----D---- C:\WINDOWS\WinSxS
2011-09-29 14:33:59 ----D---- C:\WINDOWS\SxsCaPendDel
2011-09-29 14:33:40 ----D---- C:\Config.Msi
2011-09-29 14:33:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2011-09-29 14:33:37 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-09-29 14:33:37 ----D---- C:\WINDOWS\system32\drivers
2011-09-29 11:56:48 ----D---- C:\Program Files\uTorrentBar
2011-09-29 11:56:06 ----D---- C:\Documents and Settings\Administrator\Data aplikací\PriceGong
2011-09-29 11:30:51 ----A---- C:\WINDOWS\wincmd.ini
2011-09-29 11:30:33 ----D---- C:\WINDOWS\system32\drivers\etc
2011-09-29 11:29:17 ----D---- C:\WINDOWS\system32\CatRoot2
2011-09-29 11:26:59 ----D---- C:\WINDOWS\system32\config
2011-09-29 11:26:36 ----D---- C:\WINDOWS\system32\wbem
2011-09-29 11:26:35 ----D---- C:\WINDOWS\Registration
2011-09-29 10:59:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-09-28 11:56:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-09-28 11:17:47 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-09-28 11:17:05 ----D---- C:\Program Files\Passware
2011-09-28 11:09:14 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-09-19 13:12:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google Updater
2011-09-18 18:57:14 ----HD---- C:\WINDOWS\inf
2011-09-15 14:23:50 ----HD---- C:\WINDOWS\$hf_mig$
2011-09-11 21:46:39 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-09-11 21:22:40 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2011-09-09 11:12:04 ----A---- C:\WINDOWS\system32\crypt32.dll
2011-09-07 20:22:01 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Winamp
2011-09-07 07:53:14 ----D---- C:\Program Files\Mozilla Firefox
2011-09-02 16:08:39 ----D---- C:\Downloads
2011-09-02 15:54:24 ----RD---- C:\WINDOWS\Web
2011-09-02 15:53:50 ----A---- C:\WINDOWS\ODBCINST.INI
2011-09-02 15:53:47 ----D---- C:\WINDOWS\system32\CatRoot
2011-09-02 15:52:41 ----D---- C:\WINDOWS\system32\ias
2011-09-02 15:52:38 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2011-09-02 15:41:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-09-02 14:59:09 ----D---- C:\Documents and Settings\Administrator\Data aplikací\IObit
2011-09-02 14:35:35 ----D---- C:\Program Files\IObit
2011-09-02 11:16:57 ----D---- C:\WINDOWS\security
2011-09-02 11:11:53 ----RSD---- C:\WINDOWS\assembly
2011-09-02 11:11:53 ----D---- C:\WINDOWS\Microsoft.NET
2011-09-02 11:11:51 ----D---- C:\WINDOWS\AppPatch
2011-09-02 11:11:36 ----D---- C:\Program Files\Internet Explorer
2011-09-02 11:11:30 ----D---- C:\WINDOWS\ie8updates
2011-09-02 11:10:41 ----D---- C:\WINDOWS\Help
2011-09-02 11:08:46 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-31 3964256]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-11-11 47360]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2004-04-01 10368]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-04 810144]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 gupdate1c9e7511995a6d8;Služba Google Update (gupdate1c9e7511995a6d8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-07 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-19 194104]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-31 155715]
S2 SDFirewallService;Spybot-S&D 2 Firewall Service; C:\Program Files\Spybot - Search & Destroy 2\SDFWSvc.exe []
S2 SDMonitorService;Spybot-S&D 2 Monitoring Service; C:\Program Files\Spybot - Search & Destroy 2\SDMonSvc.exe []
S2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe []
S2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe []
S2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-12-29 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-04 33584]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-25 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-07 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[JaRon]

diiik za mile slova
ostali tam stale pozastatky SD - ideme cistit
Presun ComboFix
na plochu (ak tam este nie je)

otvor si Poznamkovy blok - notepad

do neho zkopiruj skript z nasledujiceho okna:

Kód: Vybrat vše

Driver::
SDFirewallService
SDMonitorService
SDScannerService
SDUpdateService
SDWSCService

Folder::
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
C:\Program Files\Spybot - Search & Destroy 2


Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SDTray"=-

uloz vytvoreny textovy soubor ako CFScript.txt na plochu

po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:



po aplikacii by mal vzniknut dalsi log, ten vloz sem

[armita]

Ďakujem . Veľmi si to vážim.
Neviem ako sa mám spýtať jednu vec , to si už nemôžem nikdy nainštalovať Ad-aware? Prečo je niekedy menej viac?
Ak by bola odpoveď veľmi vyčerpávajúca, považuj to za bezpredmetné .

Tu je log.

ComboFix 11-09-30.01 - Administrator . 09. 2011 10:26:23.6.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.959.403 [GMT 2:00]
Running from: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SDFIREWALLSERVICE
-------\Legacy_SDMONITORSERVICE
-------\Legacy_SDSCANNERSERVICE
-------\Legacy_SDUPDATESERVICE
-------\Legacy_SDWSCSERVICE
-------\Service_SDFirewallService
-------\Service_SDMonitorService
-------\Service_SDScannerService
-------\Service_SDUpdateService
-------\Service_SDWSCService
.
.
((((((((((((((((((((((((( Files Created from 2011-08-28 to 2011-09-30 )))))))))))))))))))))))))))))))
.
.
2011-09-30 08:01 . 2011-09-30 08:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-09-29 16:50 . 2011-09-29 16:50 -------- d-----w- c:\program files\VS Revo Group
2011-09-29 15:49 . 2011-09-29 15:49 -------- d--h--w- c:\windows\PIF
2011-09-29 09:26 . 2011-09-29 09:26 -------- d-----w- c:\windows\system32\wbem\Repository
2011-09-29 09:26 . 2011-09-29 09:26 -------- d-----w- c:\program files\Yamicsoft
2011-09-29 08:51 . 2011-09-29 17:23 -------- d-----w- c:\program files\trend micro
2011-09-29 08:51 . 2011-09-29 08:52 -------- d-----w- C:\rsit
2011-09-28 10:33 . 2011-09-30 08:10 -------- d-----w- c:\windows\system32\drivers\etc\hosts
2011-09-28 09:09 . 2009-01-25 11:14 15224 ----a-w- c:\windows\system32\sdnclean.exe
2011-09-28 09:08 . 2011-05-10 18:19 770384 ----a-w- c:\windows\system32\msvcr100.dll
2011-09-28 09:08 . 2011-01-07 13:39 421200 ----a-w- c:\windows\system32\msvcp100.dll
2011-09-02 17:22 . 2011-09-02 17:22 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\ESET
2011-09-02 12:35 . 2011-09-02 12:40 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IObit
2011-09-02 09:10 . 2011-09-02 09:10 -------- d-----w- c:\windows\system32\winrm
2011-09-02 09:10 . 2011-09-02 09:10 -------- d-----w- c:\windows\system32\GroupPolicy
2011-09-02 09:10 . 2011-09-02 09:10 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2011-09-01 21:37 . 2011-09-01 21:37 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\GHISLER
2011-09-01 20:33 . 2011-07-08 05:55 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-09-01 20:33 . 2011-07-08 05:55 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-01 17:58 . 2011-09-01 17:58 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-09-01 17:57 . 2011-09-01 17:57 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-09 09:12 . 2008-04-14 06:51 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29 . 2008-04-13 22:47 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2008-04-13 22:27 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-09-07 05:53 . 2011-09-01 17:36 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-05-17 . E3B22F050F840306FD522227F68046C5 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992]
"{da21bd13-ca22-42e3-a071-98f08f1ca1e7}"= "c:\program files\Peer2Peer-EN\prxtbPee2.dll" [2011-01-17 175912]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\prxtbBS_0.dll" [2011-01-17 175912]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]
.
[HKEY_CLASSES_ROOT\clsid\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentBar\prxtbuTo0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Peer2Peer-EN\prxtbPee2.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2011-01-17 14:54 175912 ----a-w- c:\program files\BS_Player\prxtbBS_0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{da21bd13-ca22-42e3-a071-98f08f1ca1e7}"= "c:\program files\Peer2Peer-EN\prxtbPee2.dll" [2011-01-17 175912]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\prxtbBS_0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{DA21BD13-CA22-42E3-A071-98F08F1CA1E7}"= "c:\program files\Peer2Peer-EN\prxtbPee2.dll" [2011-01-17 175912]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\prxtbBS_0.dll" [2011-01-17 175912]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{da21bd13-ca22-42e3-a071-98f08f1ca1e7}]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-06-07 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-04 2219184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
.
c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 06:52 15360 ------w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-10-31 06:35 7634944 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-31 06:35 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-31 06:35 1622016 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 18:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-07-05 08:08 16380416 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-06-10 02:27 144784 ----a-w- c:\program files\Java\jre1.6.0_07\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-08-03 23:02 36352 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Administrator\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29. 7. 2010 12:31 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [3. 8. 2010 12:28 95896]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [4. 11. 2010 17:15 810144]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [7. 8. 2009 18:34 222968]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [24. 10. 2008 20:09 47360]
S2 gupdate1c9e7511995a6d8;Služba Google Update (gupdate1c9e7511995a6d8);c:\program files\Google\Update\GoogleUpdate.exe [7. 6. 2009 11:19 133104]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7. 6. 2009 11:19 133104]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14. 4. 2008 8:52 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-07 09:19]
.
2011-09-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-07 09:19]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: ????3?? - c:\documents and settings\Administrator\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\Administrator\Data aplikací\FlashGetBHO\GetAllUrl.htm
TCP: DhcpNameServer = 192.168.137.1
DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\3xih4y4j.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-30 10:31
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1123561945-1788223648-1801674531-500\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Documents and Settings\\Administrator\\Data aplikací\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-1123561945-1788223648-1801674531-500\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Documents and Settings\\Administrator\\Data aplikací\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_USERS\S-1-5-21-1123561945-1788223648-1801674531-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7a,64,84,42,60,92,12,44,87,51,74,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b6,4f,4e,01,dc,e3,86,4a,86,1b,ed,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2928)
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Google\Update\1.3.21.69\GoogleCrashHandler.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
.
**************************************************************************
.
Completion time: 2011-09-30 10:33:52 - machine was rebooted
ComboFix-quarantined-files.txt 2011-09-30 08:33
ComboFix2.txt 2011-09-30 08:13
ComboFix3.txt 2010-02-23 16:15
ComboFix4.txt 2010-02-19 17:11
ComboFix5.txt 2011-09-30 08:22
.
Pre-Run: 9 085 259 776
Post-Run: 8 959 021 056
.
- - End Of File - - 84DE7716B83D38CD2537264A4FED48CE

[JaRon]

fajn, teraz je to OK
Ad-aware aj SpyBot su uz zastarale produkty - samozrejme ak Ti bude za niektorym z nich smutno kludne si ich mozes nainstalovat
skor vsak doporucujem obcasnu kontrolu PC s MBAM a pokial nieco najde dat skontrolovat log na fore
paaaa

[armita]

Slová sú nedokonalé, takže naozaj nedokážu vyjadriť moju vďaku. Keby nebolo Teba, ajti hrdina , tak môj comp by bol na tom veľmi zle. Je fakt super pocit zveriť problém s compom Niekomu kto tomu rozumie a pomôže.
Ďakujem, ďakujem, ďakujem nekonečne veľakrát !!!
Prajem ti krásne dni!
Hneď je svet krajší. Buuiii!

pa

[JaRon]

rad som pomohol - si zlata