VIRY.CZ

Ahoj, nějaký Vir mi způsobuje tohle: Zamrzání celého počítače, nedovolí mi to nic vypalovat na CD-DVD, Padání programů na plochu, Pokud Počítač zamrzne je třeba restart, ale to neznamená že se příště spustí musím resetovat několikrát za sebou, nedovolí mi to spustit ani můj Anti-Vir! používám AVG Free. Nedovolí mi to něco instalovat.
Logfile of random's system information tool 1.06 (written by random/random)
Run by olin at 2008-05-10 01:27:36
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 32 GB (10%) free of 305 GB
Total RAM: 2046 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:27:37, on 10.5.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Gigabyte\ET5\GUI.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\OETRN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Documents and Settings\olin\Dokumenty\RSIT.exe
C:\Program Files\trend micro\olin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\System32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\ETcall.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files\GameSpy\Comrade\Comrade.exe
O4 - HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [agent.exe] C:\Documents and Settings\olin\Data aplikací\PC\agent.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [richtx64.exe] C:\DOCUME~1\olin\LOCALS~1\Temp\richtx64.exe
O4 - HKCU\..\Run: [Malware Defense] "C:\Program Files\Malware Defense\mdefense.exe" -noscan
O4 - HKCU\..\Run: [TO2SAM.Activation] "E:\ServiceActivationManager\McciInitializer.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit prekladac - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložit &oznacený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/da2/PCPitStop2.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (file missing)
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: Služba Google Update (gupdate1c86d0b81587eec) (gupdate1c86d0b81587eec) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 10639 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2008-01-03 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-02-12 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2008-01-03 491520]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-12 16132608]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"JMB36X IDE Setup"=C:\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864]
"36X Raid Configurer"=C:\WINDOWS\System32\JMRaidSetup.exe [2007-02-06 1953792]
"EasyTuneV"=C:\Program Files\Gigabyte\ET5\ETcall.exe [2007-04-26 24576]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2006-05-16 213936]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-05-16 86960]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2006-05-16 213936]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-02-12 198160]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-09-23 1657448]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2008-12-04 182936]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2008-12-04 957024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Comrade.exe"=C:\Program Files\GameSpy\Comrade\Comrade.exe []
"OEXPRESS"=C:\WINDOWS\OETRN.EXE [2008-01-03 26624]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2007-11-06 306088]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-03-01 172792]
"agent.exe"=C:\Documents and Settings\olin\Data aplikací\PC\agent.exe []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"richtx64.exe"=C:\DOCUME~1\olin\LOCALS~1\Temp\richtx64.exe []
"Malware Defense"=C:\Program Files\Malware Defense\mdefense.exe -noscan []
"TO2SAM.Activation"=E:\ServiceActivationManager\McciInitializer.exe []

C:\Documents and Settings\olin\Nabídka Start\Programy\Po spuštení
Registration Prince of Persia T2T.LNK - C:\Program Files\Ubisoft\Prince of Persia T2T\Support\Register\RegistrationReminder.exe
Výrezy obrazovky a spuštení aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=91000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\Documents and Settings\olin\Data aplikací\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe"="C:\Documents and Settings\olin\Data aplikací\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword"
"C:\Documents and Settings\olin\Data aplikací\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe"="C:\Documents and Settings\olin\Data aplikací\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss"
"C:\Program Files\left 4 dead\left4dead.exe"="C:\Program Files\left 4 dead\left4dead.exe:*:Enabled:left4dead"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Documents and Settings\olin\Plocha\wow-burningcrusade-enus-installer-downloader.exe"="C:\Documents and Settings\olin\Plocha\wow-burningcrusade-enus-installer-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\ND Games\Dark Sector\DS.exe"="C:\Program Files\ND Games\Dark Sector\DS.exe:*:Enabled:Dark Sector"
"C:\Program Files\Activision\Prototype\prototypef.exe"="C:\Program Files\Activision\Prototype\prototypef.exe:*:Enabled:Prototype(TM)"
"C:\Program Files\EA Games\Ultima Online Mondain's Legacy\client.exe"="C:\Program Files\EA Games\Ultima Online Mondain's Legacy\client.exe:*:Enabled:client"
"C:\Program Files\Codemasters\Overlord II\Overlord2.exe"="C:\Program Files\Codemasters\Overlord II\Overlord2.exe:*:Enabled:Overlord II"
"C:\Program Files\LucasArts\Star Wars Galactic Battlegrounds Saga\Game\battlegrounds_x1.exe"="C:\Program Files\LucasArts\Star Wars Galactic Battlegrounds Saga\Game\battlegrounds_x1.exe:*:Disabled:Star Wars Galactic Battlegrounds: Clone Campaigns"
"C:\Program Files\LucasArts\Star Wars Galactic Battlegrounds Saga\Game\Battlegrounds.exe"="C:\Program Files\LucasArts\Star Wars Galactic Battlegrounds Saga\Game\Battlegrounds.exe:*:Disabled:Star Wars Galactic Battlegrounds"
"C:\Program Files\Volition Inc\Red Faction Guerrilla\rfg.exe"="C:\Program Files\Volition Inc\Red Faction Guerrilla\rfg.exe:*:Enabled:Red Faction: Guerrilla"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe"="C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe"="C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe"="C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{074bc096-d25d-11dc-8c8b-001a4d503735}]
shell\AutoRun\command - H:\Menu.exe


======List of files/folders created in the last 1 months======

2009-09-27 18:20:06 ----A---- C:\WINDOWS\system32\nvcpluir.dll
2009-09-27 18:20:04 ----A---- C:\WINDOWS\system32\nvcplui.exe
2009-09-27 18:20:02 ----A---- C:\WINDOWS\system32\nvrszht.dll
2009-09-27 18:20:02 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2009-09-27 18:20:02 ----A---- C:\WINDOWS\system32\nvrstr.dll
2009-09-27 18:20:02 ----A---- C:\WINDOWS\system32\nvrsth.dll
2009-09-27 18:20:02 ----A---- C:\WINDOWS\system32\nvrssv.dll
2009-09-27 18:20:02 ----A---- C:\WINDOWS\system32\nvrssl.dll
2009-09-27 18:20:02 ----A---- C:\WINDOWS\system32\nvrssk.dll
2009-09-27 18:20:02 ----A---- C:\WINDOWS\system32\nvrsru.dll
2009-09-27 18:20:02 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2009-09-27 18:20:02 ----A---- C:\WINDOWS\system32\nvrspt.dll
2009-09-27 18:20:02 ----A---- C:\WINDOWS\system32\nvrspl.dll
2009-09-27 18:20:02 ----A---- C:\WINDOWS\system32\nvrsno.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvwddi.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrsko.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrsja.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrsit.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrshu.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrshe.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrses.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrseng.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrsel.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrsde.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrsda.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrscs.dll
2009-09-27 18:20:00 ----A---- C:\WINDOWS\system32\nvrsar.dll
2009-09-27 18:19:52 ----A---- C:\WINDOWS\system32\nvwssr.dll
2009-09-27 18:19:52 ----A---- C:\WINDOWS\system32\nvwss.dll
2009-09-27 18:19:50 ----A---- C:\WINDOWS\system32\nvvitvsr.dll
2009-09-27 18:19:50 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2009-09-27 18:19:48 ----A---- C:\WINDOWS\system32\nvmoblsr.dll
2009-09-27 18:19:48 ----A---- C:\WINDOWS\system32\nvmobls.dll
2009-09-27 18:19:48 ----A---- C:\WINDOWS\system32\nvmccssr.dll
2009-09-27 18:19:48 ----A---- C:\WINDOWS\system32\nvmccss.dll
2009-09-27 18:19:48 ----A---- C:\WINDOWS\system32\nvgamesr.dll
2009-09-27 18:19:48 ----A---- C:\WINDOWS\system32\nvgames.dll
2009-09-27 18:19:46 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2009-09-27 18:19:46 ----A---- C:\WINDOWS\system32\nvmctray.dll
2009-09-27 18:19:46 ----A---- C:\WINDOWS\system32\nvdispsr.dll
2009-09-27 18:19:46 ----A---- C:\WINDOWS\system32\nvdisps.dll
2009-09-27 18:19:46 ----A---- C:\WINDOWS\system32\nvcpl.dll
2009-09-27 18:19:46 ----A---- C:\WINDOWS\system32\nvcolor.exe
2009-09-27 18:19:40 ----A---- C:\WINDOWS\system32\nvmccs.dll
2009-09-27 17:12:22 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2009-09-27 17:12:22 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2009-08-14 14:36:18 ----A---- C:\WINDOWS\system32\PhysXLoader.dll
2009-08-07 20:51:54 ----A---- C:\WINDOWS\system32\xlivefnt.dll
2009-08-07 20:51:54 ----A---- C:\WINDOWS\system32\xlive.dll
2009-08-07 20:51:34 ----A---- C:\WINDOWS\system32\xlive.dll.cat
2009-08-03 01:21:54 ----A---- C:\WINDOWS\system32\PhysXDevice.dll
2009-01-30 19:38:01 ----A---- C:\WINDOWS\ijl11.dll
2009-01-30 19:38:01 ----A---- C:\WINDOWS\EZTW32.DLL
2009-01-30 19:38:00 ----A---- C:\WINDOWS\system32\zlib1.dll
2009-01-30 12:58:15 ----D---- C:\Documents and Settings\olin\Data aplikací\ZOO Digital Publishing
2009-01-26 21:45:32 ----D---- C:\WINDOWS\Prefetch
2009-01-26 21:41:08 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-01-26 21:41:08 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-01-26 21:41:06 ----N---- C:\WINDOWS\system32\credssp.dll
2009-01-26 21:41:06 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-01-26 21:41:06 ----N---- C:\WINDOWS\system32\azroles.dll
2009-01-26 21:41:06 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-01-26 21:41:05 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-01-26 21:41:04 ----N---- C:\WINDOWS\system32\napstat.exe
2009-01-26 21:41:04 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-01-26 21:41:04 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-01-26 21:41:04 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-01-26 21:41:04 ----N---- C:\WINDOWS\system32\mssha.dll
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\verclsid.exe
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\setupn.exe
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\qutil.dll
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\qagent.dll
2009-01-26 21:41:03 ----N---- C:\WINDOWS\system32\onex.dll
2009-01-26 21:41:02 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-01-26 21:41:00 ----N---- C:\WINDOWS\system32\xmllite.dll
2009-01-26 21:41:00 ----D---- C:\WINDOWS\system32\cs-cz
2009-01-26 21:41:00 ----D---- C:\WINDOWS\system32\cs
2009-01-26 21:41:00 ----D---- C:\WINDOWS\system32\bits
2009-01-26 21:41:00 ----D---- C:\WINDOWS\l2schemas
2009-01-26 21:38:07 ----D---- C:\WINDOWS\network diagnostic
2009-01-26 21:37:09 ----A---- C:\WINDOWS\005478_.tmp
2009-01-26 19:22:30 ----D---- C:\Program Files\Rockstar Games
2009-01-26 01:43:56 ----D---- C:\Program Files\GamePark
2009-01-07 12:33:08 ----D---- C:\Documents and Settings\olin\Data aplikací\Ashampoo
2009-01-07 12:31:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\ashampoo
2008-12-30 11:16:27 ----A---- C:\WINDOWS\nwn.ini
2008-12-29 17:29:43 ----D---- C:\Program Files\WMV9_VCM
2008-12-20 22:12:36 ----D---- C:\Documents and Settings\olin\Data aplikací\The Creative Assembly
2008-12-20 22:09:46 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2008-12-20 22:09:46 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2008-12-20 22:09:46 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2008-12-20 22:09:45 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2008-12-20 22:09:45 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2008-12-20 22:09:45 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2008-12-20 22:09:44 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2008-12-17 09:43:23 ----A---- C:\WINDOWS\ipuninst.exe
2008-12-03 13:03:32 ----D---- C:\RESCUE
2008-12-02 10:19:08 ----A---- C:\WINDOWS\system32\unace.dll
2008-12-01 18:21:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2008-12-01 18:20:46 ----D---- C:\Documents and Settings\olin\Data aplikací\DAEMON Tools Lite
2008-11-26 09:55:02 ----A---- C:\WINDOWS\system32\PhysXCplUI.exe
2008-11-25 09:38:10 ----A---- C:\WINDOWS\system32\PhysXCompatCplUI.exe
2008-11-24 20:59:06 ----D---- C:\Program Files\EGOSOFT
2008-11-24 03:40:03 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2008-11-24 03:39:59 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-24 03:39:57 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-11-24 03:39:35 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-11-24 03:38:49 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2008-11-22 22:43:00 ----D---- C:\Program Files\EACom
2008-11-22 10:38:12 ----A---- C:\WINDOWS\AviSplitter.INI
2008-10-23 19:33:39 ----A---- C:\WINDOWS\game.ini
2008-10-21 08:21:23 ----D---- C:\Documents and Settings\olin\Data aplikací\Zoner
2008-10-16 15:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-16 15:08:56 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-16 15:07:48 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-16 15:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-10-07 16:40:19 ----D---- C:\Program Files\Activision
2008-10-07 09:13:30 ----A---- C:\WINDOWS\system32\physxcudart_20.dll
2008-10-07 09:13:22 ----A---- C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll
2008-10-07 09:13:20 ----A---- C:\WINDOWS\system32\AgCPanelSwedish.dll
2008-10-07 09:13:20 ----A---- C:\WINDOWS\system32\AgCPanelSpanish.dll
2008-10-07 09:13:20 ----A---- C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll
2008-10-07 09:13:20 ----A---- C:\WINDOWS\system32\AgCPanelPortugese.dll
2008-10-07 09:13:20 ----A---- C:\WINDOWS\system32\AgCPanelKorean.dll
2008-10-07 09:13:20 ----A---- C:\WINDOWS\system32\AgCPanelJapanese.dll
2008-10-07 09:13:20 ----A---- C:\WINDOWS\system32\AgCPanelGerman.dll
2008-10-07 09:13:20 ----A---- C:\WINDOWS\system32\AgCPanelFrench.dll
2008-09-28 20:22:47 ----D---- C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2008-09-21 02:34:33 ----D---- C:\WINDOWS\NV27402736.TMP
2008-09-08 02:16:57 ----D---- C:\Program Files\Common Files\lightning group shared files
2008-08-13 18:23:15 ----D---- C:\WINDOWS\system32\XPSViewer
2008-08-13 18:23:14 ----D---- C:\WINDOWS\system32\en-us
2008-08-13 18:22:44 ----D---- C:\Program Files\Reference Assemblies
2008-08-13 18:22:25 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-08-13 18:22:07 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2008-08-10 21:53:56 ----D---- C:\Documents and Settings\olin\Data aplikací\Leadertech
2008-08-07 16:37:54 ----D---- C:\temp
2008-08-06 20:50:24 ----D---- C:\Program Files\DAEMON Tools Pro
2008-08-06 20:50:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Pro
2008-08-06 20:50:16 ----D---- C:\Documents and Settings\olin\Data aplikací\DAEMON Tools Pro
2008-08-03 17:30:19 ----D---- C:\Program Files\7-Zip
2008-07-29 22:10:04 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2008-07-29 22:10:04 ----A---- C:\WINDOWS\system32\evr.dll
2008-07-29 22:10:04 ----A---- C:\WINDOWS\system32\dxva2.dll
2008-07-29 21:35:46 ----A---- C:\WINDOWS\system32\PresentationHost.exe
2008-07-29 20:59:58 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2008-07-29 20:59:58 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2008-07-29 20:59:58 ----A---- C:\WINDOWS\system32\PresentationHostProxy.dll
2008-07-29 20:59:58 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2008-07-29 20:24:50 ----A---- C:\WINDOWS\system32\infocardapi.dll
2008-07-29 20:24:50 ----A---- C:\WINDOWS\system32\icardres.dll
2008-07-29 20:24:50 ----A---- C:\WINDOWS\system32\icardagt.exe
2008-07-29 06:49:58 ----A---- C:\WINDOWS\system32\icardres.dll.mui
2008-07-25 18:49:59 ----D---- C:\Program Files\Vampire World
2008-07-25 12:16:58 ----A---- C:\WINDOWS\system32\mscories.dll
2008-07-25 12:16:58 ----A---- C:\WINDOWS\system32\mscorier.dll
2008-07-25 12:16:58 ----A---- C:\WINDOWS\system32\mscoree.dll
2008-07-25 12:16:46 ----A---- C:\WINDOWS\system32\dfshim.dll
2008-07-04 14:51:33 ----A---- C:\WINDOWS\I_VIEW32.INI
2008-06-29 13:55:42 ----D---- C:\ProgramData
2008-06-29 13:15:32 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-06-29 13:15:32 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-06-29 13:15:31 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-06-29 13:15:31 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-06-29 13:15:31 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-06-29 13:15:31 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-06-29 13:15:30 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-06-29 13:15:30 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-06-29 13:15:30 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-06-29 13:15:30 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-06-29 13:15:30 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-06-29 13:15:30 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-06-29 13:15:29 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-06-29 13:14:21 ----D---- C:\WINDOWS\Logs
2008-06-29 13:13:52 ----A---- C:\WINDOWS\disney.ini
2008-06-29 13:02:41 ----D---- C:\Program Files\DAEMON Tools Toolbar
2008-06-29 13:02:38 ----D---- C:\Program Files\DAEMON Tools Lite
2008-06-14 16:26:58 ----D---- C:\Program Files\BlackAngel Software
2008-06-13 18:52:44 ----D---- C:\Program Files\VideoLAN
2008-06-06 22:31:47 ----A---- C:\WINDOWS\uninst.exe
2008-06-06 18:11:09 ----AD---- C:\Program Files\ico
2008-05-15 18:00:24 ----A---- C:\WINDOWS\bnetunin.exe
2008-05-14 20:13:34 ----D---- C:\SIERRA
2008-05-14 20:11:25 ----D---- C:\Documents and Settings\olin\Data aplikací\Help
2008-05-14 20:07:27 ----A---- C:\WINDOWS\~GLH0000.TMP
2008-05-14 20:07:27 ----A---- C:\WINDOWS\~GLC0000.TMP
2008-05-10 01:21:58 ----D---- C:\rsit
2008-05-10 01:21:58 ----D---- C:\Program Files\trend micro
2008-05-08 04:39:03 ----D---- C:\Documents and Settings\olin\Data aplikací\AVG8
2008-05-08 03:22:19 ----D---- C:\Program Files\ESET
2008-05-08 02:30:12 ----D---- C:\Program Files\F-Secure
2008-05-08 02:25:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\fssg
2008-05-08 02:24:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\f-secure
2008-05-08 02:21:36 ----D---- C:\Program Files\TO2SSM
2008-05-08 02:17:39 ----D---- C:\Documents and Settings\olin\Data aplikací\Motive
2008-05-08 02:17:33 ----D---- C:\Program Files\TO2SAM
2008-05-08 02:17:27 ----D---- C:\Program Files\Common Files\Motive
2008-05-08 02:16:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Motive
2008-05-06 04:35:13 ----A---- C:\WINDOWS\system32\krl32mainweq.dll
2008-05-06 04:33:41 ----A---- C:\Documents and Settings\All Users\Data aplikací\sysReserve.ini
2008-05-02 20:48:10 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2008-04-30 23:31:25 ----D---- C:\Program Files\Common Files\DirectX
2008-04-22 21:14:25 ----D---- C:\Documents and Settings\olin\Data aplikací\PC
2008-04-21 05:22:01 ----D---- C:\WINDOWS\Empire Total War v1.4 Update
2008-04-21 05:21:56 ----A---- C:\WINDOWS\Empire Total War v1.4 Update Setup Log.txt
2008-04-14 08:06:39 ----A---- C:\WINDOWS\system32\appdrvrem01.exe
2008-04-14 06:06:50 ----D---- C:\Documents and Settings\olin\Data aplikací\XRay Engine
2008-04-14 05:26:59 ----D---- C:\Program Files\Deep Silver

======List of files/folders modified in the last 1 months======

2009-09-27 17:12:22 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-09-27 16:12:22 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2009-09-27 16:12:22 ----A---- C:\WINDOWS\system32\nvcuda.dll
2009-09-27 16:12:22 ----A---- C:\WINDOWS\system32\nvcodins.dll
2009-09-27 16:12:22 ----A---- C:\WINDOWS\system32\nvcod.dll
2009-09-27 16:12:22 ----A---- C:\WINDOWS\system32\nvapi.dll
2009-09-27 16:12:22 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2009-09-24 10:24:18 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-08-06 20:24:18 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-08-06 20:24:18 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-08-06 20:24:10 ----A---- C:\WINDOWS\system32\wups.dll
2009-08-06 20:24:06 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-08-06 20:24:04 ----A---- C:\WINDOWS\system32\cdm.dll
2009-08-06 20:23:54 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-08-06 20:23:46 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-04-09 16:59:42 ----RA---- C:\WINDOWS\system32\tmp36.tmp
2009-04-09 16:59:42 ----RA---- C:\WINDOWS\system32\tmp35.tmp
2009-01-26 21:46:36 ----A---- C:\WINDOWS\OEWABLog.txt
2009-01-26 21:46:16 ----A---- C:\WINDOWS\setuplog.txt
2009-01-26 21:45:10 ----D---- C:\WINDOWS\system32\Setup
2009-01-26 21:45:10 ----D---- C:\WINDOWS\AppPatch
2009-01-26 21:45:10 ----D---- C:\Program Files\Messenger
2009-01-26 21:45:09 ----D---- C:\WINDOWS\system32\wbem
2009-01-26 21:44:24 ----D---- C:\WINDOWS\security
2009-01-26 21:41:09 ----D---- C:\WINDOWS\EHome
2009-01-26 21:41:08 ----D---- C:\WINDOWS\system32\inetsrv
2009-01-26 21:41:08 ----D---- C:\WINDOWS\ime
2009-01-26 21:41:00 ----D---- C:\WINDOWS\system32\usmt
2009-01-26 21:41:00 ----D---- C:\WINDOWS\peernet
2009-01-26 21:40:59 ----D---- C:\Program Files\Movie Maker
2009-01-26 21:39:33 ----D---- C:\WINDOWS\system32\Restore
2009-01-26 21:39:33 ----D---- C:\WINDOWS\system32\npp
2009-01-26 21:39:33 ----D---- C:\WINDOWS\msagent
2009-01-26 21:39:32 ----D---- C:\WINDOWS\srchasst
2009-01-26 21:39:31 ----D---- C:\WINDOWS\system32\Com
2009-01-26 21:39:31 ----D---- C:\Program Files\NetMeeting
2009-01-26 21:39:29 ----D---- C:\Program Files\Windows NT
2009-01-26 21:39:29 ----D---- C:\Program Files\Outlook Express
2009-01-26 21:39:25 ----D---- C:\Program Files\Common Files\System
2009-01-26 21:39:12 ----D---- C:\WINDOWS\system32\oobe
2009-01-26 21:39:11 ----D---- C:\WINDOWS\system
2009-01-26 21:37:01 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-01-26 21:33:15 ----D---- C:\WINDOWS\Debug
2009-01-20 00:13:10 ----D---- C:\Documents and Settings\olin\Data aplikací\Bioshock
2009-01-11 00:12:48 ----D---- C:\Documents and Settings\olin\Data aplikací\Games
2008-12-02 10:09:09 ----D---- C:\cestina
2008-12-01 18:21:45 ----D---- C:\Documents and Settings\olin\Data aplikací\DAEMON Tools
2008-11-24 03:40:05 ----A---- C:\WINDOWS\imsins.BAK
2008-11-24 03:40:00 ----D---- C:\WINDOWS\system32\LogFiles
2008-11-24 03:38:49 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2008-11-23 21:19:14 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2008-11-23 20:41:34 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2008-11-23 20:41:34 ----A---- C:\WINDOWS\system32\pbsvc.exe
2008-09-29 02:00:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2008-09-26 02:38:40 ----A---- C:\WINDOWS\BlendSettings.ini
2008-09-21 02:16:20 ----D---- C:\Documents and Settings\olin\Data aplikací\My Games
2008-09-11 21:19:42 ----A---- C:\WINDOWS\TRNCOM.INI
2008-09-11 21:19:13 ----A---- C:\WINDOWS\Wdict32.INI
2008-08-17 22:26:47 ----D---- C:\WINDOWS\Minidump
2008-08-13 18:25:07 ----D---- C:\Program Files\MSBuild
2008-08-13 18:22:33 ----D---- C:\WINDOWS\system32\spool
2008-08-10 21:56:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Codemasters
2008-08-07 15:41:25 ----D---- C:\Documents and Settings\olin\Data aplikací\Adobe
2008-08-04 03:53:41 ----D---- C:\WINDOWS\Cursors
2008-07-06 14:06:10 ----A---- C:\WINDOWS\system32\xpssvcs.dll
2008-07-06 14:06:10 ----A---- C:\WINDOWS\system32\xpsshhdr.dll
2008-07-06 14:06:10 ----A---- C:\WINDOWS\system32\prntvpt.dll
2008-06-22 21:30:47 ----D---- C:\Program Files\THQ
2008-06-11 18:29:19 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2008-06-06 18:11:13 ----D---- C:\Program Files\WinRAR
2008-05-15 00:43:00 ----A---- C:\WINDOWS\system32\nvnt4cpl.dll
2008-05-15 00:43:00 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2008-05-15 00:43:00 ----A---- C:\WINDOWS\system32\nvexpbar.dll
2008-05-10 01:27:27 ----D---- C:\WINDOWS
2008-05-10 01:27:27 ----A---- C:\WINDOWS\MAILTRAN.INI
2008-05-10 01:26:18 ----D---- C:\Documents and Settings\olin\Data aplikací\vlc
2008-05-10 01:21:58 ----D---- C:\Program Files
2008-05-10 01:13:57 ----D---- C:\Program Files\Mozilla Firefox
2008-05-10 00:55:30 ----D---- C:\WINDOWS\Temp
2008-05-10 00:55:30 ----D---- C:\WINDOWS\system32
2008-05-10 00:54:29 ----SHD---- C:\WINDOWS\CSC
2008-05-08 20:56:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-05-08 04:45:17 ----SHD---- C:\WINDOWS\Installer
2008-05-08 04:45:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg9
2008-05-08 04:44:20 ----D---- C:\WINDOWS\system32\drivers
2008-05-08 02:30:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-05-08 02:19:14 ----D---- C:\WINDOWS\system32\CatRoot2
2008-05-08 02:17:27 ----D---- C:\Program Files\Common Files
2008-05-06 02:55:40 ----D---- C:\Documents and Settings\olin\Data aplikací\dvdcss
2008-05-04 00:49:00 ----A---- C:\WINDOWS\WTRAN32.INI
2008-04-29 21:21:25 ----D---- C:\Documents and Settings\olin\Data aplikací\uTorrent
2008-04-28 15:53:40 ----RA---- C:\WINDOWS\system32\tmp62.tmp
2008-04-28 15:53:40 ----RA---- C:\WINDOWS\system32\tmp61.tmp
2008-04-21 06:20:47 ----D---- C:\Program Files\The Creative Assembly
2008-04-20 00:23:58 ----D---- C:\Documents and Settings\olin\Data aplikací\InstallShield Installation Information
2008-04-19 04:06:37 ----A---- C:\WINDOWS\NeroDigital.ini
2008-04-14 09:57:22 ----A---- C:\WINDOWS\system32\netsetup.exe
2008-04-14 09:53:30 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-04-14 09:53:30 ----A---- C:\WINDOWS\system32\rdpdd.dll
2008-04-14 09:53:28 ----A---- C:\WINDOWS\system32\tsddd.dll
2008-04-14 09:52:58 ----A---- C:\WINDOWS\system32\tree.com
2008-04-14 09:52:58 ----A---- C:\WINDOWS\system32\more.com
2008-04-14 09:52:58 ----A---- C:\WINDOWS\system32\format.com
2008-04-14 09:52:56 ----N---- C:\WINDOWS\system32\wuauclt1.exe
2008-04-14 09:52:56 ----A---- C:\WINDOWS\system32\xcopy.exe
2008-04-14 09:52:56 ----A---- C:\WINDOWS\system32\wscript.exe
2008-04-14 09:52:56 ----A---- C:\WINDOWS\system32\wscntfy.exe
2008-04-14 09:52:56 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2008-04-14 09:52:56 ----A---- C:\WINDOWS\system32\wpabaln.exe
2008-04-14 09:52:54 ----A---- C:\WINDOWS\winhlp32.exe
2008-04-14 09:52:54 ----A---- C:\WINDOWS\system32\winver.exe
2008-04-14 09:52:54 ----A---- C:\WINDOWS\system32\winlogon.exe
2008-04-14 09:52:54 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2008-04-14 09:52:52 ----A---- C:\WINDOWS\system32\wextract.exe
2008-04-14 09:52:52 ----A---- C:\WINDOWS\system32\vssvc.exe
2008-04-14 09:52:52 ----A---- C:\WINDOWS\system32\utilman.exe
2008-04-14 09:52:52 ----A---- C:\WINDOWS\system32\userinit.exe
2008-04-14 09:52:52 ----A---- C:\WINDOWS\system32\ups.exe
2008-04-14 09:52:52 ----A---- C:\WINDOWS\system32\upnpcont.exe
2008-04-14 09:52:52 ----A---- C:\WINDOWS\system32\tracert.exe
2008-04-14 09:52:52 ----A---- C:\WINDOWS\system32\tracerpt.exe
2008-04-14 09:52:50 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-04-14 09:52:50 ----N---- C:\WINDOWS\system32\spnpinst.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\tourstart.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\tlntsvr.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\tlntsess.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\tlntadmn.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\telnet.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\taskmgr.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\tasklist.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\taskkill.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\systeminfo.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\svchost.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\stimon.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\spoolsv.exe
2008-04-14 09:52:50 ----A---- C:\WINDOWS\system32\spider.exe
2008-04-14 09:52:48 ----N---- C:\WINDOWS\system32\smbinst.exe
2008-04-14 09:52:48 ----N---- C:\WINDOWS\system32\slserv.exe
2008-04-14 09:52:48 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-04-14 09:52:48 ----N---- C:\WINDOWS\slrundll.exe
2008-04-14 09:52:48 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-04-14 09:52:48 ----A---- C:\WINDOWS\system32\sort.exe
2008-04-14 09:52:48 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-04-14 09:52:48 ----A---- C:\WINDOWS\system32\smss.exe
2008-04-14 09:52:48 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2008-04-14 09:52:48 ----A---- C:\WINDOWS\system32\skeys.exe
2008-04-14 09:52:48 ----A---- C:\WINDOWS\system32\sigverif.exe
2008-04-14 09:52:48 ----A---- C:\WINDOWS\system32\shutdown.exe
2008-04-14 09:52:48 ----A---- C:\WINDOWS\system32\shrpubw.exe
2008-04-14 09:52:48 ----A---- C:\WINDOWS\system32\shmgrate.exe
2008-04-14 09:52:46 ----A---- C:\WINDOWS\system32\schtasks.exe
2008-04-14 09:52:46 ----A---- C:\WINDOWS\system32\setup.exe
2008-04-14 09:52:46 ----A---- C:\WINDOWS\system32\sethc.exe
2008-04-14 09:52:46 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-04-14 09:52:46 ----A---- C:\WINDOWS\system32\services.exe
2008-04-14 09:52:46 ----A---- C:\WINDOWS\system32\secedit.exe
2008-04-14 09:52:46 ----A---- C:\WINDOWS\system32\sdbinst.exe
2008-04-14 09:52:46 ----A---- C:\WINDOWS\system32\scardsvr.exe
2008-04-14 09:52:46 ----A---- C:\WINDOWS\system32\savedump.exe
2008-04-14 09:52:44 ----A---- C:\WINDOWS\system32\runonce.exe
2008-04-14 09:52:44 ----A---- C:\WINDOWS\system32\rundll32.exe
2008-04-14 09:52:44 ----A---- C:\WINDOWS\system32\rtcshare.exe
2008-04-14 09:52:44 ----A---- C:\WINDOWS\system32\rsnotify.exe
2008-04-14 09:52:44 ----A---- C:\WINDOWS\system32\rsh.exe
2008-04-14 09:52:44 ----A---- C:\WINDOWS\system32\rexec.exe
2008-04-14 09:52:44 ----A---- C:\WINDOWS\system32\regsvr32.exe
2008-04-14 09:52:44 ----A---- C:\WINDOWS\system32\reg.exe
2008-04-14 09:52:44 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-04-14 09:52:44 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-04-14 09:52:44 ----A---- C:\WINDOWS\regedit.exe
2008-04-14 09:52:42 ----N---- C:\WINDOWS\system32\powercfg.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\rcp.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\rcimlby.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\rasphone.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\proxycfg.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\proquota.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\progman.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\ping.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\perfmon.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\packager.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\osk.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\openfiles.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\odbcconf.exe
2008-04-14 09:52:42 ----A---- C:\WINDOWS\system32\odbcad32.exe
2008-04-14 09:52:40 ----A---- C:\WINDOWS\system32\ntvdm.exe
2008-04-14 09:52:40 ----A---- C:\WINDOWS\system32\ntbackup.exe
2008-04-14 09:52:40 ----A---- C:\WINDOWS\system32\nslookup.exe
2008-04-14 09:52:40 ----A---- C:\WINDOWS\system32\notepad.exe
2008-04-14 09:52:40 ----A---- C:\WINDOWS\system32\netstat.exe
2008-04-14 09:52:40 ----A---- C:\WINDOWS\system32\netsh.exe
2008-04-14 09:52:40 ----A---- C:\WINDOWS\system32\netdde.exe
2008-04-14 09:52:40 ----A---- C:\WINDOWS\notepad.exe
2008-04-14 09:52:38 ----A---- C:\WINDOWS\system32\net1.exe
2008-04-14 09:52:38 ----A---- C:\WINDOWS\system32\net.exe
2008-04-14 09:52:38 ----A---- C:\WINDOWS\system32\nddeapir.exe
2008-04-14 09:52:38 ----A---- C:\WINDOWS\system32\narrator.exe
2008-04-14 09:52:38 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-04-14 09:52:38 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-04-14 09:52:36 ----A---- C:\WINDOWS\system32\msiexec.exe
2008-04-14 09:52:36 ----A---- C:\WINDOWS\system32\mshta.exe
2008-04-14 09:52:36 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-04-14 09:52:36 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
2008-04-14 09:52:36 ----A---- C:\WINDOWS\system32\mqsvc.exe
2008-04-14 09:52:36 ----A---- C:\WINDOWS\system32\mqbkup.exe
2008-04-14 09:52:36 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-04-14 09:52:32 ----A---- C:\WINDOWS\system32\mobsync.exe
2008-04-14 09:52:32 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-04-14 09:52:32 ----A---- C:\WINDOWS\system32\mmc.exe
2008-04-14 09:52:30 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-04-14 09:52:30 ----A---- C:\WINDOWS\system32\makecab.exe
2008-04-14 09:52:30 ----A---- C:\WINDOWS\system32\magnify.exe
2008-04-14 09:52:30 ----A---- C:\WINDOWS\system32\lsass.exe
2008-04-14 09:52:30 ----A---- C:\WINDOWS\system32\logonui.exe
2008-04-14 09:52:30 ----A---- C:\WINDOWS\system32\logman.exe
2008-04-14 09:52:30 ----A---- C:\WINDOWS\system32\locator.exe
2008-04-14 09:52:28 ----A---- C:\WINDOWS\system32\ipxroute.exe
2008-04-14 09:52:28 ----A---- C:\WINDOWS\system32\ipv6.exe
2008-04-14 09:52:28 ----A---- C:\WINDOWS\system32\ipconfig.exe
2008-04-14 09:52:28 ----A---- C:\WINDOWS\system32\imapi.exe
2008-04-14 09:52:28 ----A---- C:\WINDOWS\system32\iexpress.exe
2008-04-14 09:52:28 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-04-14 09:52:26 ----A---- C:\WINDOWS\system32\help.exe
2008-04-14 09:52:26 ----A---- C:\WINDOWS\system32\grpconv.exe
2008-04-14 09:52:26 ----A---- C:\WINDOWS\system32\gpresult.exe
2008-04-14 09:52:26 ----A---- C:\WINDOWS\system32\getmac.exe
2008-04-14 09:52:26 ----A---- C:\WINDOWS\hh.exe
2008-04-14 09:52:24 ----N---- C:\WINDOWS\system32\fsquirt.exe
2008-04-14 09:52:24 ----N---- C:\WINDOWS\system32\fltmc.exe

Zdravim,

log neni cely,ale nevadi.

Pripojte vsechny flash disky,ktere pouzivate,do pc.

CTETE POZORNE NAVOD,TENTO SOFT NETOLERUJE CHYBY V POSTUPU APLIKOVANI!

Klidne si nasledujici radky vytisknete,at vite,co se bude na obrazovce odehravat.

Budte prihlasen na pc s administratorskymi pravy.

stahnete a ulozte nejlepe na plochu ComboFix

v pripade,ze nepujde stranka nacist-stahnete odtud download , popr. nepujde ComboFix spustit - prejmenujte jej na grinder.com a postupujte dale dle instrukci.

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano:



Souhlasit s instalaci Recovery console(Konzola pro zotaveni)-nutno funkcni internet

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: upozorneni: Vypnete rezidentni stit u antiviru a antispywaru a zakazte docasne firewall-ComboFix by nemusel fungovat korektne-pokud budete mit stity vypnute a Combofix zahlasi,ze nejsou,pokracujte dal a potvrdte.

po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.), jeho obsah vlozte sem

earl píše:Zdravim,

log neni cely,ale nevadi.

Pripojte vsechny flash disky,ktere pouzivate,do pc.

CTETE POZORNE NAVOD,TENTO SOFT NETOLERUJE CHYBY V POSTUPU APLIKOVANI!

Klidne si nasledujici radky vytisknete,at vite,co se bude na obrazovce odehravat.

Budte prihlasen na pc s administratorskymi pravy.

stahnete a ulozte nejlepe na plochu ComboFix

v pripade,ze nepujde stranka nacist-stahnete odtud download , popr. nepujde ComboFix spustit - prejmenujte jej na grinder.com a postupujte dale dle instrukci.

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano:



Souhlasit s instalaci Recovery console(Konzola pro zotaveni)-nutno funkcni internet

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: upozorneni: Vypnete rezidentni stit u antiviru a antispywaru a zakazte docasne firewall-ComboFix by nemusel fungovat korektne-pokud budete mit stity vypnute a Combofix zahlasi,ze nejsou,pokracujte dal a potvrdte.

po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.), jeho obsah vlozte sem

ComboFix 09-12-26.01 - olin 11.05.2008 2:29:23.1.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1252.44.1029.18.2046.1700 [GMT 2:00]
Running from: C:\Documents and Settings\olin\Plocha\grinder.com.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\DOCUME~1\olin\LOCALS~1\Temp\tmp2.tmp
C:\WINDOWS\system32\drivers\H8SRTmkmpyvvopj.sys
C:\WINDOWS\system32\H8SRTlvtkdsklpx.dat
C:\WINDOWS\system32\H8SRToyxtqrviut.dll
C:\WINDOWS\system32\H8SRTudpuirgimm.dll
C:\WINDOWS\system32\ieuinit.inf
C:\WINDOWS\system32\krl32mainweq.dll
C:\WINDOWS\system32\srcr.dat
C:\WINDOWS\system32\tmp35.tmp
C:\WINDOWS\system32\tmp36.tmp
C:\WINDOWS\system32\tmp61.tmp
C:\WINDOWS\system32\tmp62.tmp

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_H8SRTd.sys
-------\Legacy_H8SRTd.sys


((((((((((((((((((((((((( Files Created from 2008-04-11 to 2008-05-11 )))))))))))))))))))))))))))))))
.

Nebyla nainstalovana Recovery Console.

Doslo k vymazu nekterych infiltraci.

Log neni cely,chybi dalsi dve tretiny.

earl píše:Nebyla nainstalovana Recovery Console.

Doslo k vymazu nekterych infiltraci.

Log neni cely,chybi dalsi dve tretiny.

V každém případě, díky............ted mi jde Kompáč dobře, i když mi nějak nejde stále vypalovat.
No já sem skopíroval z toho logu co tam bylo...........no rači na to ještě juknu.
Díky na tisíckráté

Zatim nemate zac.
Rad bych ten zbytek videl,je mozne,ze tam neco zustalo a bude treba to docistit.

earl píše:Zatim nemate zac.

Kód: Vybrat vše

log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.)

Rad bych ten zbytek videl,je mozne,ze tam neco zustalo a bude treba to docistit.

Tak tady to je, díky:
ComboFix 10-01-04.01 - olin 20.05.2008 6:30.2.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1252.44.1029.18.2046.1487 [GMT 2:00]
Running from: c:\documents and settings\olin\Plocha\grinder.com.exe
FW: F-Secure Profi Antivirus 8.01 *disabled* {D4747503-0346-49EB-9262-997542F79BF4}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\docume~1\olin\LOCALS~1\Temp\tmp2.tmp
c:\windows\system32\drivers\H8SRTmkmpyvvopj.sys
c:\windows\system32\H8SRTlvtkdsklpx.dat
c:\windows\system32\H8SRToyxtqrviut.dll
c:\windows\system32\H8SRTudpuirgimm.dll
c:\windows\system32\ieuinit.inf
c:\windows\system32\krl32mainweq.dll
c:\windows\system32\srcr.dat
c:\windows\system32\tmp35.tmp
c:\windows\system32\tmp36.tmp
c:\windows\system32\tmp61.tmp
c:\windows\system32\tmp62.tmp

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_H8SRTd.sys
-------\Legacy_H8SRTd.sys


((((((((((((((((((((((((( Files Created from 2008-04-20 to 2008-05-20 )))))))))))))))))))))))))))))))
.

2009-09-27 16:19 . 2009-09-27 16:19 3674112 ----a-w- c:\windows\system32\nvwssr.dll
2009-09-27 15:12 . 2009-09-27 14:12 2194024 ----a-w- c:\windows\system32\nvcuvid.dll
2009-09-27 15:12 . 2009-09-27 14:12 1714792 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-09-27 15:12 . 2009-09-27 14:12 1604482 ----a-w- c:\windows\system32\nvdata.bin
2009-08-14 12:36 . 2009-08-14 12:36 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-08-07 18:51 . 2009-08-07 18:51 15308424 ----a-w- c:\windows\system32\xlive.dll
2009-08-07 18:51 . 2009-08-07 18:51 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-08-02 23:21 . 2009-08-02 23:21 23320 ----a-w- c:\windows\system32\PhysXDevice.dll
2009-01-30 17:38 . 2006-01-27 02:47 180224 ----a-w- c:\windows\ijl11.dll
2009-01-30 17:38 . 2006-01-27 02:47 110080 ----a-w- c:\windows\EZTW32.DLL
2009-01-30 17:38 . 2006-08-08 18:34 69632 ----a-w- c:\windows\system32\JetPhoto.scr
2009-01-30 17:38 . 2005-07-20 10:48 59904 ----a-w- c:\windows\system32\zlib1.dll
2009-01-26 19:39 . 2008-04-14 07:51 33792 -c----w- c:\windows\system32\dllcache\custsat.dll
2009-01-26 19:38 . 2008-04-13 23:10 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2009-01-26 17:22 . 2008-04-19 22:23 -------- d-----w- c:\program files\Rockstar Games
2009-01-25 23:43 . 2007-11-25 21:03 -------- d-----w- c:\program files\GamePark
2008-12-29 15:29 . 2008-12-29 15:29 -------- d-----w- c:\program files\WMV9_VCM
2008-12-20 20:09 . 2008-10-10 03:52 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2008-12-20 20:09 . 2008-10-10 03:52 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2008-12-20 20:09 . 2008-10-10 03:52 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2008-12-20 20:09 . 2008-10-27 09:04 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2008-12-20 20:09 . 2008-10-27 09:04 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2008-12-20 20:09 . 2008-10-27 09:04 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2008-12-20 20:09 . 2008-10-27 09:04 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2008-12-17 07:43 . 2008-05-18 04:33 52736 ----a-w- c:\windows\ipuninst.exe
2008-12-03 11:03 . 2008-12-03 11:04 -------- d-----w- C:\RESCUE
2008-12-02 08:19 . 2001-02-03 17:20 45056 ----a-w- c:\windows\system32\unace.dll
2008-11-26 07:55 . 2008-11-26 07:55 288024 ----a-w- c:\windows\system32\PhysXCplUI.exe
2008-11-25 07:38 . 2008-11-25 07:38 288024 ----a-w- c:\windows\system32\PhysXCompatCplUI.exe
2008-11-24 18:59 . 2008-11-24 18:59 -------- d-----w- c:\program files\EGOSOFT
2008-11-24 01:39 . 2008-11-24 01:40 -------- d-----w- c:\windows\system32\drivers\umdf
2008-11-24 01:38 . 2008-03-06 21:59 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2008-11-22 20:43 . 2008-11-22 20:43 -------- d-----w- c:\program files\EACom
2008-11-10 19:53 . 2008-11-10 19:53 2306113 ----a-w- c:\windows\system32\GPhotos.scr
2008-10-16 13:09 . 2009-08-06 18:24 44768 ----a-w- c:\windows\system32\wups2.dll
2008-10-07 14:40 . 2007-12-11 02:05 -------- d-----w- c:\program files\Activision
2008-10-07 07:13 . 2008-10-07 07:13 197912 ----a-w- c:\windows\system32\physxcudart_20.dll
2008-10-07 07:13 . 2008-10-07 07:13 58648 ----a-w- c:\windows\system32\AgCPanelTraditionalChinese.dll
2008-10-07 07:13 . 2008-10-07 07:13 58648 ----a-w- c:\windows\system32\AgCPanelSwedish.dll
2008-10-07 07:13 . 2008-10-07 07:13 58648 ----a-w- c:\windows\system32\AgCPanelSpanish.dll
2008-10-07 07:13 . 2008-10-07 07:13 58648 ----a-w- c:\windows\system32\AgCPanelSimplifiedChinese.dll
2008-10-07 07:13 . 2008-10-07 07:13 58648 ----a-w- c:\windows\system32\AgCPanelPortugese.dll
2008-10-07 07:13 . 2008-10-07 07:13 58648 ----a-w- c:\windows\system32\AgCPanelKorean.dll
2008-10-07 07:13 . 2008-10-07 07:13 58648 ----a-w- c:\windows\system32\AgCPanelJapanese.dll
2008-10-07 07:13 . 2008-10-07 07:13 58648 ----a-w- c:\windows\system32\AgCPanelGerman.dll
2008-10-07 07:13 . 2008-10-07 07:13 58648 ----a-w- c:\windows\system32\AgCPanelFrench.dll
2008-09-28 18:22 . 2008-09-28 18:22 -------- d-----w- c:\windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2008-09-21 00:34 . 2008-09-21 00:38 -------- d-----w- c:\windows\NV27402736.TMP
2008-09-08 00:16 . 2008-09-08 00:16 -------- d-----w- c:\program files\Common Files\lightning group shared files
2008-08-13 16:23 . 2008-03-06 22:03 -------- d-----w- c:\windows\system32\XPSViewer
2008-08-13 16:22 . 2008-08-13 16:22 -------- d-----w- c:\program files\Reference Assemblies
2008-08-13 16:22 . 2006-10-14 14:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2008-08-13 16:22 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2008-08-07 14:37 . 2008-08-14 18:09 -------- d-----w- C:\temp
2008-08-06 18:50 . 2008-08-06 18:52 -------- d-----w- c:\program files\DAEMON Tools Pro
2008-08-03 15:30 . 2008-02-06 22:23 -------- d-----w- c:\program files\7-Zip
2008-07-29 20:10 . 2008-07-29 20:10 73720 ----a-w- c:\windows\system32\dxva2.dll
2008-07-29 20:10 . 2008-07-29 20:10 493048 ----a-w- c:\windows\system32\evr.dll
2008-07-29 20:10 . 2008-07-29 20:10 26112 ----a-w- c:\windows\system32\TsWpfWrp.exe
2008-07-29 19:35 . 2008-07-29 19:35 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2008-07-29 18:59 . 2008-07-29 18:59 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2008-07-29 18:59 . 2008-07-29 18:59 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2008-07-29 18:59 . 2008-07-29 18:59 161296 ----a-w- c:\windows\system32\UIAutomationCore.dll
2008-07-29 18:59 . 2008-07-29 18:59 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2008-07-29 18:24 . 2008-07-29 18:24 97800 ----a-w- c:\windows\system32\infocardapi.dll
2008-07-29 18:24 . 2008-07-29 18:24 622080 ----a-w- c:\windows\system32\icardagt.exe
2008-07-29 18:24 . 2008-07-29 18:24 11264 ----a-w- c:\windows\system32\icardres.dll
2008-07-25 16:49 . 2007-11-02 02:12 -------- d-----w- c:\program files\Vampire World
2008-07-25 10:16 . 2008-07-25 10:16 83968 ----a-w- c:\windows\system32\mscories.dll
2008-07-25 10:16 . 2008-07-25 10:16 282112 ----a-w- c:\windows\system32\mscoree.dll
2008-07-25 10:16 . 2008-07-25 10:16 158720 ----a-w- c:\windows\system32\mscorier.dll
2008-07-25 10:16 . 2008-07-25 10:16 96760 ----a-w- c:\windows\system32\dfshim.dll
2008-06-29 11:55 . 2008-06-29 11:55 -------- d-----w- C:\ProgramData
2008-06-29 11:52 . 2008-06-29 11:52 2554 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2008-06-29 11:14 . 2008-06-29 11:14 -------- d-----w- c:\windows\Logs
2008-06-29 11:02 . 2008-05-11 02:06 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2008-06-29 11:02 . 2008-05-11 22:44 -------- d-----w- c:\program files\DAEMON Tools Lite
2008-06-14 14:26 . 2008-06-14 14:26 -------- d-----w- c:\program files\BlackAngel Software
2008-06-13 16:52 . 2008-06-13 16:52 -------- d-----w- c:\program files\VideoLAN
2008-06-06 20:31 . 1997-05-12 15:53 314368 ----a-w- c:\windows\uninst.exe
2008-06-06 16:11 . 2007-11-05 21:34 -------- d---a-w- c:\program files\ico
2008-05-20 04:25 . 2008-05-20 04:28 -------- d-----w- C:\grinder.com
2008-05-19 01:32 . 2008-05-19 01:32 -------- d-----w- c:\program files\Common Files\Nero
2008-05-19 01:32 . 2008-05-19 01:32 -------- d-----w- c:\program files\Ask.com
2008-05-18 04:32 . 2008-05-18 04:32 -------- d-----w- c:\program files\Tantrum
2008-05-15 16:16 . 2008-05-18 01:51 66936 --sha-w- c:\windows\hrinfo_0.drv
2008-05-15 16:00 . 2008-05-15 16:00 86528 ----a-w- c:\windows\bnetunin.exe
2008-05-14 18:13 . 2008-05-14 18:20 -------- d-----w- C:\SIERRA
2008-05-14 18:10 . 2008-05-14 18:10 -------- d-----w- c:\documents and settings\olin\WINDOWS
2008-05-09 23:21 . 2008-05-09 23:27 -------- d-----w- c:\program files\trend micro
2008-05-09 23:21 . 2008-05-09 23:23 -------- d-----w- C:\rsit
2008-05-08 01:22 . 2008-05-08 01:22 -------- d-----w- c:\program files\ESET
2008-05-08 00:30 . 2008-12-04 13:57 79872 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2008-05-08 00:30 . 2008-05-11 00:39 -------- d-----w- c:\program files\F-Secure
2008-05-08 00:21 . 2008-05-08 00:24 -------- d-----w- c:\program files\TO2SSM
2008-05-08 00:17 . 2008-05-08 00:17 -------- d-----w- c:\program files\TO2SAM
2008-05-08 00:17 . 2008-05-08 00:23 -------- d-----w- c:\program files\Common Files\Motive
2008-05-02 18:48 . 2008-07-23 18:32 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2008-04-30 21:31 . 2008-04-30 21:31 -------- d-----w- c:\program files\Common Files\DirectX
2008-04-21 03:22 . 2008-04-21 03:22 -------- d-----w- c:\windows\Empire Total War v1.4 Update

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-27 16:19 . 2009-09-27 16:19 3166208 ----a-w- c:\windows\system32\nvwss.dll
2009-09-27 15:12 . 2007-10-31 10:34 490088 ----a-w- c:\windows\system32\nvudisp.exe
2009-09-27 14:12 . 2008-04-01 03:13 10756096 ----a-w- c:\windows\system32\nvoglnt.dll
2009-09-27 14:12 . 2008-04-01 03:13 2007040 ----a-w- c:\windows\system32\nvcuda.dll
2009-09-27 14:12 . 2008-04-01 03:13 888832 ----a-w- c:\windows\system32\nvapi.dll
2009-09-27 14:12 . 2008-04-01 03:13 170600 ----a-w- c:\windows\system32\nvcodins.dll
2009-09-27 14:12 . 2008-04-01 03:13 170600 ----a-w- c:\windows\system32\nvcod.dll
2009-09-27 14:12 . 2007-02-23 03:25 7655872 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-09-27 14:12 . 2007-02-23 03:25 5900416 ----a-w- c:\windows\system32\nv4_disp.dll
2009-09-24 08:24 . 2007-10-31 10:22 490088 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-08-06 18:24 . 2008-01-01 17:12 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2008-01-01 17:12 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2008-01-01 17:12 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 18:24 . 2007-10-31 09:52 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2002-09-20 16:03 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2008-01-01 17:12 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2007-10-31 09:52 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-01-26 19:42 . 2007-10-31 09:54 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-01-26 19:42 . 2007-10-31 09:54 3038 ----a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2008-11-23 19:19 . 2007-12-19 18:32 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2008-11-23 19:19 . 2007-12-19 18:32 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2008-11-23 18:41 . 2007-12-19 18:32 682280 ----a-w- c:\windows\system32\pbsvc.exe
2008-11-23 18:41 . 2007-12-19 18:32 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2008-08-13 16:25 . 2008-01-02 19:13 -------- d-----w- c:\program files\MSBuild
2008-08-03 15:58 . 2007-10-31 20:45 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2008-08-03 15:58 . 2007-10-31 20:45 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2008-07-31 09:41 . 2008-06-29 11:15 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2008-07-31 09:41 . 2008-06-29 11:15 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2008-07-31 09:40 . 2008-06-29 11:15 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2008-07-12 07:18 . 2008-06-29 11:15 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2008-07-12 07:18 . 2008-06-29 11:15 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2008-07-12 07:18 . 2008-06-29 11:15 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2008-07-06 12:06 . 2006-10-14 18:22 1676288 ----a-w- c:\windows\system32\xpssvcs.dll
2008-07-06 12:06 . 2006-10-14 18:21 575488 ----a-w- c:\windows\system32\xpsshhdr.dll
2008-07-06 12:06 . 2006-10-14 14:43 117760 ----a-w- c:\windows\system32\prntvpt.dll
2008-06-22 19:30 . 2007-11-01 17:05 -------- d-----w- c:\program files\THQ
2008-06-11 16:29 . 2007-11-24 13:51 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2008-05-30 13:19 . 2008-06-29 11:15 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2008-05-30 13:18 . 2008-06-29 11:15 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2008-05-30 13:17 . 2008-06-29 11:15 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
2008-05-30 13:17 . 2008-06-29 11:15 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2008-05-30 13:11 . 2008-06-29 11:15 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2008-05-30 13:11 . 2008-06-29 11:15 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2008-05-30 13:11 . 2008-06-29 11:15 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2008-05-19 01:33 . 2007-10-31 10:39 -------- d-----w- c:\program files\Nero
2008-05-14 22:43 . 2008-04-01 03:13 286720 ----a-w- c:\windows\system32\nvnt4cpl.dll
2008-05-14 22:43 . 2008-04-01 03:13 45056 ----a-w- c:\windows\system32\nvmccsrs.dll
2008-05-14 22:43 . 2008-04-01 03:13 313888 ----a-w- c:\windows\system32\nvexpbar.dll
2008-05-14 18:07 . 2008-05-14 18:07 5607 ----a-w- c:\windows\~GLH0000.TMP
2008-05-14 18:07 . 2008-05-14 18:07 104688 ----a-w- c:\windows\~GLC0000.TMP
2008-05-13 21:59 . 2007-11-07 23:05 -------- d-----w- c:\program files\ICQ6.5
2008-05-11 02:06 . 2008-01-01 18:15 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2008-05-08 00:30 . 2001-10-25 12:00 84916 ----a-w- c:\windows\system32\perfc005.dat
2008-05-08 00:30 . 2001-10-25 12:00 443544 ----a-w- c:\windows\system32\perfh005.dat
2008-04-21 04:20 . 2008-03-07 21:55 -------- d-----w- c:\program files\The Creative Assembly
2008-04-14 08:16 . 2002-09-20 16:19 1804 ----a-w- c:\windows\system32\dcache.bin
2008-04-14 07:57 . 2002-09-20 16:08 331776 ----a-w- c:\windows\system32\netsetup.exe
2008-04-14 07:52 . 2002-09-20 16:06 393216 ----a-w- c:\windows\system32\ssflwbox.scr
2008-04-14 07:51 . 2002-09-20 16:04 75264 ----a-w- c:\windows\system32\spoolss.dll
2008-04-14 07:50 . 2001-10-25 12:00 5632 ----a-w- c:\windows\system32\wmi.dll
2008-04-14 07:50 . 2001-10-25 12:00 1442816 ----a-w- c:\windows\system32\winntbbu.dll
2008-04-14 07:49 . 2002-09-20 15:55 102912 ----a-w- c:\windows\system32\dpcdll.dll
2008-04-14 07:49 . 2001-10-25 12:00 57375 ----a-w- c:\windows\system32\odbcji32.dll
2008-04-14 07:46 . 2001-10-25 12:00 3584 ----a-w- c:\windows\system32\icmp.dll
2008-04-14 07:44 . 2002-09-20 16:03 9344 ----a-w- c:\windows\system32\framebuf.dll
2008-04-14 07:41 . 2002-08-28 23:08 24064 ----a-w- c:\windows\system32\pidgen.dll
2008-04-14 07:41 . 2007-10-31 10:09 3072 ----a-w- c:\windows\system32\dpnlobby.dll
2008-04-14 07:41 . 2007-10-31 10:09 3072 ----a-w- c:\windows\system32\dpnaddr.dll
2008-04-14 07:38 . 2007-10-31 09:52 539648 ----a-w- c:\windows\system32\comuid.dll
2008-04-14 07:38 . 2001-10-25 12:00 16896 ----a-w- c:\windows\system32\cfgmgr32.dll
2008-04-14 07:37 . 2001-10-25 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
2008-04-14 07:11 . 2007-10-31 09:53 73344 ----a-w- c:\windows\system32\drivers\sr.sys
2008-04-14 07:10 . 2002-09-20 15:15 120064 ----a-w- c:\windows\system32\drivers\pcmcia.sys
2008-04-14 07:10 . 2007-10-31 10:02 68736 ----a-w- c:\windows\system32\drivers\pci.sys
2008-04-14 07:10 . 2002-09-20 17:15 80000 ----a-w- c:\windows\system32\drivers\parport.sys
2008-04-14 07:10 . 2002-09-20 17:15 46592 ----a-w- c:\windows\system32\drivers\p3.sys
2008-04-14 07:06 . 2002-09-20 17:12 2025984 ----a-w- c:\windows\system32\ntkrnlpa.exe
2008-04-14 07:06 . 2002-09-20 15:12 2147328 ----a-w- c:\windows\system32\ntoskrnl.exe
2008-04-14 07:03 . 2002-09-20 15:28 4096 ----a-w- c:\windows\system32\dsprpres.dll
2008-04-14 07:01 . 2001-10-25 12:00 153856 ----a-w- c:\windows\system32\drivers\dmio.sys
2008-04-14 07:00 . 2006-07-19 08:55 80896 ----a-w- c:\windows\system32\msxml6r.dll
2008-04-14 07:00 . 2001-10-25 12:00 800000 ----a-w- c:\windows\system32\drivers\dmboot.sys
2008-04-14 06:59 . 2002-09-20 15:40 24576 ----a-w- c:\windows\system32\drivers\kbdclass.sys
2008-04-14 06:59 . 2001-10-25 12:00 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2008-04-14 06:58 . 2009-01-26 19:41 78848 ------w- c:\windows\system32\msshavmsg.dll
2008-04-14 06:57 . 2001-10-25 12:00 37248 ----a-w- c:\windows\system32\drivers\isapnp.sys
2008-04-14 06:56 . 2002-09-20 17:21 40576 ----a-w- c:\windows\system32\drivers\crusoe.sys
2008-04-14 06:55 . 2008-01-01 17:12 40192 ------w- c:\windows\system32\drivers\intelppm.sys
2008-04-14 06:55 . 2002-09-20 16:00 2957312 ----a-w- c:\windows\system32\wmploc.dll
2008-04-14 06:54 . 2007-10-31 09:53 47616 ----a-w- c:\windows\system32\inetres.dll
2008-04-14 06:53 . 2001-10-25 12:00 556544 ----a-w- c:\windows\system32\shdoclc.dll
2008-04-14 06:51 . 2007-10-31 10:48 52096 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2008-04-14 06:51 . 2002-09-20 15:21 64256 ----a-w- c:\windows\system32\drivers\serial.sys
2008-04-14 06:49 . 2007-10-31 09:52 6656 ----a-w- c:\windows\system32\wbem\wmiapres.dll
2008-04-14 06:49 . 2008-01-01 17:12 173056 ------w- c:\windows\system32\wmerror.dll
2008-04-14 06:49 . 2008-01-01 17:12 25600 ------w- c:\windows\system32\drivers\hidbth.sys
2008-04-14 06:47 . 2001-10-25 12:00 9728 ----a-w- c:\windows\system32\gpkrsrc.dll
2008-04-14 06:45 . 2002-09-20 15:41 1845632 ----a-w- c:\windows\system32\win32k.sys
2008-04-14 06:45 . 2008-01-01 17:12 272896 ------w- c:\windows\system32\drivers\bthport.sys
2008-04-14 06:44 . 2007-10-31 10:49 58496 ----a-w- c:\windows\system32\drivers\redbook.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-30 1182088]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-09-30 08:40 1182088 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-30 1182088]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-30 1182088]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"OEXPRESS"="c:\windows\OETRN.EXE" [2008-01-03 26624]
"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2007-11-06 306088]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"36X Raid Configurer"="c:\windows\System32\JMRaidSetup.exe" [2007-02-06 1953792]
"EasyTuneV"="c:\program files\Gigabyte\ET5\ETcall.exe" [2007-04-26 24576]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2006-05-16 213936]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-05-16 86960]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-05-16 213936]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-12 198160]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-09-23 1657448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2008-12-04 182936]
"F-Secure TNB"="c:\program files\F-Secure\FSGUI\TNBUtil.exe" [2008-12-04 957024]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Activision\\Prototype\\prototypef.exe"=
"c:\\Program Files\\Codemasters\\Overlord II\\Overlord2.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Galactic Battlegrounds Saga\\Game\\battlegrounds_x1.exe"=
"c:\\Program Files\\LucasArts\\Star Wars Galactic Battlegrounds Saga\\Game\\Battlegrounds.exe"=
"c:\\Program Files\\Volition Inc\\Red Faction Guerrilla\\rfg.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=
"c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"=
"c:\\Program Files\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"=

R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [8.5.2008 2:30 79872]
R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [14.4.2008 8:06 2915944]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [8.11.2007 1:06 222456]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\ORSP Client\fsorsp.exe [8.5.2008 2:30 55904]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1.1.2008 20:15 691696]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
S2 gupdate1c86d0b81587eec;Služba Google Update (gupdate1c86d0b81587eec);c:\program files\Google\Update\GoogleUpdate.exe [12.2.2008 2:09 133104]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [22.3.2008 5:28 25832]
S3 lac97inf;lac97inf;\??\c:\docume~1\olin\LOCALS~1\Temp\lac97inf.sys --> c:\docume~1\olin\LOCALS~1\Temp\lac97inf.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2008-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-02-12 00:09]

2008-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2008-02-12 00:09]

2008-05-20 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-09-30 08:40]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\program files\F-Secure\FSPS\program\FSLSP.DLL
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\olin\Data aplikací\Mozilla\Firefox\Profiles\0ja1qx9b.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=NRO2&o=15422&locale=en_EU&q=
FF - component: c:\documents and settings\olin\Data aplikací\Mozilla\Firefox\Profiles\0ja1qx9b.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - ORPHANS REMOVED - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKCU-Run-Comrade.exe - c:\program files\GameSpy\Comrade\Comrade.exe
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKCU-Run-agent.exe - c:\documents and settings\olin\Data aplikací\PC\agent.exe
HKCU-Run-Malware Defense - c:\program files\Malware Defense\mdefense.exe
HKCU-Run-TO2SAM.Activation - e:\serviceactivationmanager\McciInitializer.exe
AddRemove-BattlEye - c:\program files\Bohemia Interactive\ArmA\BattlEye\UnInstallBE.exe
AddRemove-Bloodline demo 1_is1 - c:\program files\Bloodline_demo_1\unins000.exe
AddRemove-Graphical Enhancement Textures - c:\program files\Mount&Blade\Modules\uninstall_texture_pack.exe
AddRemove-LucasArts' Star Wars Rebellion - c:\program files\LucasArts\Star Wars Rebellion\DeIsL1.isu
AddRemove-Need For Speed - Porsche Unleashed - c:\progra~1\ELECTR~1\NEEDFO~1\uninst.log
AddRemove-Sierra Utilities - c:\program files\Sierra On-Line\sutil32.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-20 06:36
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-790525478-1788223648-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-790525478-1788223648-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8b,18,84,be,9d,e0,82,e4,4c,36,95,7b,d1,c6,e7,a6,98,d7,d6,86,ab,a7,ae,
fa,1e,d2,34,d2,ab,b4,78,a8,e3,d7,ee,2f,33,97,3e,a9,e0,de,00,2a,89,45,f1,21,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50

[HKEY_USERS\S-1-5-21-790525478-1788223648-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:c0,11,50,fb,fd,b3,57,3e,e9,e2,2e,7f,26,2a,26,eb,9f,b4,34,58,31,
e2,fc,a7,ac,7b,4e,e6,89,09,5a,47,bb,13,8b,17,92,50,7a,36,6e,d1,6b,eb,1f,63,\
"rkeysecu"=hex:65,18,48,8e,28,49,90,6b,b5,75,cc,af,3d,1e,4d,fa
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(792)
c:\program files\F-Secure\FSPS\program\FSLSP.DLL

- - - - - - - > 'explorer.exe'(624)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2008-05-20 06:37:13
ComboFix-quarantined-files.txt 2008-05-20 04:37

Pre-Run: Volných bajtu: 23 785 394 176
Post-Run: Volných bajtu: 24 144 465 920

- - End Of File - - B027B48BCBFE11FD4D32596F457B0416

Dobré ranko
Záskok za kolegu

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka
-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci


Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.