
My notebook is terribly slow :(

Posted: 20 Jan 2010 18:48
by Jozo309
Hello, my notebook is running terribly slowly... I don't know why... I don't have any antivirus installed yet... I'll install one right away... I have an original ESS. Here is the log from RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jozef Čopík at 2010-01-20 18:47:36
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 119 GB (78%) free of 153 GB
Total RAM: 1014 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:47:45, on 20.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AhnRpta.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\VVSN\VVSN.exe
C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Opera\Opera.exe
F:\Programy\Programy na Vyrusy\RSIT.exe
C:\Program Files\trend micro\Jozef Čopík.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.gamingharbor.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Jozef Čopík\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: ShopperReports - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.0.268.0\ShopperReports.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - (no file)
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - (no file)
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Jozef Čopík\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.0.970\ssd.dll
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [nvch] rundll32.exe rchnewver.dll,go
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe"
O4 - HKLM\..\RunOnce: [NSSInstallation] C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe /runonce
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\ckvo.exe
O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\JOZEFO~1\LOCALS~1\Temp\herss.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe" -auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.0.268.0\ShopperReports.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.0.268.0\ShopperReports.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

--
End of file - 6965 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\NSSstub.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
ShopperReports - C:\Program Files\ShopperReports3\bin\3.0.268.0\ShopperReports.dll [2009-12-21 1081856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
Media Access Startup

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Jozef Čopík\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
System Search Dispatcher - C:\Program Files\System Search Dispatcher\1.4.0.970\ssd.dll [2009-08-21 294912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Hotbar - C:\Program Files\Hotbar\bin\11.0.78.0\HostIE.dll [2009-09-15 537904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-06-12 16861696]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2009-06-12 69632]
"AzMixerSel"=C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe [2009-06-12 53248]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-06-12 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-06-12 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-06-12 137752]
"nvch"=rchnewver.dll,go []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"VVSN"=C:\Program Files\VVSN\VVSN.exe [2005-10-25 107520]
"HotbarSA"=C:\Program Files\Hotbar\bin\11.0.78.0\HotbarSA.exe [2009-09-15 768816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NSSInstallation"=C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe [2009-11-14 284024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"kamsoft"=C:\WINDOWS\system32\ckvo.exe [2008-10-25 106524]
"cdoosoft"=C:\DOCUME~1\JOZEFO~1\LOCALS~1\Temp\herss.exe [2010-01-19 118272]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe []
"WeatherDPA"=C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe [2009-09-15 353584]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-09-13 22880040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-06-12 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B03A4BE6-5E5A-483E-B9B3-C484D4B20B72}"=C:\WINDOWS\system32\softqq1.dll [2008-04-14 165637]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90085232-76cd-11de-a8a3-001eec51da1d}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bcf1ea79-59c5-11de-a86a-001eec51da1d}]
shell\AutoRun\command - E:\xih9.cmd
shell\explore\command - E:\xih9.cmd
shell\open\command - E:\xih9.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f31a3ac1-e27f-11de-a9ca-001eec51da1d}]
shell\AutoRun\command - E:\xih9.cmd
shell\explore\command - E:\xih9.cmd
shell\open\command - E:\xih9.cmd


======List of files/folders created in the last 1 months======

2010-01-20 18:47:37 ----D---- C:\Program Files\trend micro
2010-01-20 18:47:36 ----D---- C:\rsit
2010-01-19 19:17:16 ----D---- C:\Program Files\Photodex Presenter
2010-01-19 19:17:16 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Netscape
2010-01-19 19:17:03 ----D---- C:\Program Files\Photodex
2010-01-19 19:16:48 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Photodex
2010-01-19 18:39:18 ----RSH---- C:\9fo3ar0j.exe
2010-01-18 17:58:00 ----RSH---- C:\sywyrl0q.exe
2010-01-17 21:00:21 ----D---- C:\Program Files\MPC HomeCinema
2010-01-17 20:58:05 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Opera
2010-01-17 20:57:54 ----D---- C:\Program Files\Opera
2010-01-17 20:33:04 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Ashampoo
2010-01-17 20:32:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\ashampoo
2010-01-17 20:32:31 ----D---- C:\Program Files\Ashampoo
2010-01-17 20:30:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2010-01-17 20:29:53 ----A---- C:\WINDOWS\ODBC.INI
2010-01-17 20:29:47 ----A---- C:\WINDOWS\system32\mdimon.dll
2010-01-17 20:28:38 ----D---- C:\Program Files\Common Files\DESIGNER
2010-01-17 20:28:32 ----D---- C:\Program Files\Microsoft Works
2010-01-17 20:28:26 ----D---- C:\Program Files\Microsoft Visual Studio
2010-01-17 20:28:06 ----D---- C:\WINDOWS\SHELLNEW
2010-01-17 20:28:03 ----D---- C:\Program Files\Microsoft.NET
2010-01-17 20:28:03 ----D---- C:\Program Files\Microsoft Office
2010-01-17 20:25:19 ----RHD---- C:\MSOCache
2010-01-17 20:24:59 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Skype
2010-01-17 20:24:26 ----D---- C:\Program Files\Skype
2010-01-17 20:24:26 ----D---- C:\Program Files\Common Files\Skype
2010-01-17 20:24:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-01-17 20:05:02 ----SHD---- C:\Config.Msi
2010-01-17 19:48:43 ----D---- C:\Program Files\QIP
2010-01-17 19:27:19 ----D---- C:\Program Files\CCleaner
2010-01-17 18:24:13 ----RSH---- C:\9xf8.exe
2010-01-16 17:27:56 ----RSH---- C:\mh.exe
2010-01-12 17:32:53 ----RSH---- C:\kmj.exe
2010-01-09 16:42:38 ----RSH---- C:\8xcrbho6.exe
2010-01-09 15:40:08 ----RSH---- C:\ljy.exe
2010-01-08 18:33:23 ----RSH---- C:\31lyx.exe
2010-01-08 18:17:45 ----RSH---- C:\mltox.exe
2010-01-07 19:09:46 ----RSH---- C:\f2kmj.exe
2010-01-07 17:28:42 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-04 13:44:34 ----RSH---- C:\e9naq.exe
2010-01-01 18:13:18 ----RSH---- C:\h0.exe
2009-12-31 10:37:15 ----RSH---- C:\anoataly.exe
2009-12-30 17:39:24 ----RSH---- C:\wisf1.exe
2009-12-29 19:07:50 ----RSH---- C:\3exi.exe
2009-12-28 19:04:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\HotbarSA
2009-12-28 19:04:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2009-12-28 19:04:55 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\WeatherDPA
2009-12-28 19:04:50 ----D---- C:\Program Files\Hotbar
2009-12-28 19:04:50 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar
2009-12-28 19:04:17 ----D---- C:\Program Files\ShopperReports3
2009-12-28 19:04:17 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3
2009-12-26 19:02:45 ----RSH---- C:\imghyva6.exe
2009-12-23 19:40:30 ----RSH---- C:\u16sqrqn.exe

======List of files/folders modified in the last 1 months======

2010-01-20 18:47:44 ----D---- C:\WINDOWS\Prefetch
2010-01-20 18:47:37 ----RD---- C:\Program Files
2010-01-20 15:01:37 ----D---- C:\Program Files\Mozilla Firefox
2010-01-20 14:11:23 ----D---- C:\WINDOWS\system32
2010-01-20 14:11:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-20 14:06:48 ----D---- C:\WINDOWS\Temp
2010-01-20 14:06:43 ----RSH---- C:\WINDOWS\system32\ckvo0.dll
2010-01-20 14:06:43 ----D---- C:\WINDOWS\system32\drivers
2010-01-20 13:08:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-19 19:17:16 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Mozilla
2010-01-17 21:43:18 ----SD---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Microsoft
2010-01-17 20:58:04 ----SHD---- C:\WINDOWS\Installer
2010-01-17 20:48:13 ----D---- C:\Program Files\Google
2010-01-17 20:30:20 ----SD---- C:\WINDOWS\Tasks
2010-01-17 20:29:58 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-17 20:29:53 ----AD---- C:\WINDOWS
2010-01-17 20:29:41 ----RSD---- C:\WINDOWS\assembly
2010-01-17 20:29:36 ----A---- C:\WINDOWS\win.ini
2010-01-17 20:29:19 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-01-17 20:29:16 ----RSD---- C:\WINDOWS\Fonts
2010-01-17 20:28:38 ----D---- C:\Program Files\Common Files
2010-01-17 20:28:36 ----HD---- C:\WINDOWS\inf
2010-01-17 20:28:11 ----D---- C:\Program Files\Common Files\System
2010-01-17 20:25:24 ----D---- C:\WINDOWS\system
2010-01-17 20:08:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-17 20:07:42 ----D---- C:\Program Files\EA SPORTS
2010-01-17 19:58:47 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-17 19:58:31 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\uTorrent
2010-01-17 19:55:34 ----D---- C:\Program Files\PowerISO
2010-01-17 19:44:23 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\~0
2010-01-17 19:27:55 ----D---- C:\WINDOWS\Minidump
2010-01-17 19:27:55 ----D---- C:\WINDOWS\Debug
2010-01-12 16:46:29 ----A---- C:\WINDOWS\wwp.INI
2010-01-07 18:21:44 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Google
2010-01-03 14:00:13 ----SHD---- C:\RECYCLER
2010-01-02 15:00:19 ----D---- C:\WINDOWS\system32\Adobe
2010-01-02 14:42:59 ----RSH---- C:\WINDOWS\system32\nmdfgds0.dll
2010-01-02 14:42:56 ----RSH---- C:\yudald.bat
2010-01-02 14:42:56 ----RSH---- C:\WINDOWS\system32\olhrwef.exe
2009-12-21 11:29:35 ----RSH---- C:\nx.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-04-14 225664]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-07-26 547904]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-05-30 161792]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-06-12 5851488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-12 4785664]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2009-11-19 223128]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2010-01-19 181312]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-21 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2008-04-14 19456]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Re: My notebook is terribly slow :(

Posted: 20 Jan 2010 19:05
by pitimir
Hi, quite an achievement...
First install an antivirus, scan the PC with it, and then post a new RSIT log here. Without an AV and a firewall there is no point in continuing; you would have the vermin right back...

Re: My notebook is terribly slow :(

Posted: 20 Jan 2010 21:02
by Jozo309
So here is the log after the ESS scan... it found some viruses there... P.S. I can't start the Security Center... by that I mean that I wanted to turn off the firewall and the other things since I have ESS... it simply doesn't offer me the option... to change it. Thanks, I'm attaching the RSIT log here:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jozef Čopík at 2010-01-20 20:59:13
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 107 GB (70%) free of 153 GB
Total RAM: 1014 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:59:20, on 20.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\VVSN\VVSN.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\cidaemon.exe
F:\Programy\Programy na Vyrusy\RSIT.exe
C:\Program Files\trend micro\Jozef Čopík.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.gamingharbor.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Jozef Čopík\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: ShopperReports - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.0.268.0\ShopperReports.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - (no file)
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - (no file)
O2 - BHO: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Jozef Čopík\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.4.0.970\ssd.dll
O3 - Toolbar: Hotbar - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [nvch] rundll32.exe rchnewver.dll,go
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [NSSInstallation] C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe /runonce
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\JOZEFO~1\LOCALS~1\Temp\herss.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe" -auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.0.268.0\ShopperReports.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.0.268.0\ShopperReports.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4015597593
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

--
End of file - 7251 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\NSSstub.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
ShopperReports - C:\Program Files\ShopperReports3\bin\3.0.268.0\ShopperReports.dll [2009-12-21 1081856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
Media Access Startup

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
Hotbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Jozef Čopík\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
System Search Dispatcher - C:\Program Files\System Search Dispatcher\1.4.0.970\ssd.dll [2009-08-21 294912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-06-12 16861696]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2009-06-12 69632]
"AzMixerSel"=C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe [2009-06-12 53248]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-06-12 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-06-12 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-06-12 137752]
"nvch"=rchnewver.dll,go []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"VVSN"=C:\Program Files\VVSN\VVSN.exe [2005-10-25 107520]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NSSInstallation"=C:\WINDOWS\system32\Adobe\Shockwave 11\nssstub.exe [2009-11-14 284024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"cdoosoft"=C:\DOCUME~1\JOZEFO~1\LOCALS~1\Temp\herss.exe [2010-01-20 118272]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe []
"WeatherDPA"=C:\Program Files\Hotbar\bin\11.0.78.0\Weather.exe [2009-09-15 353584]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-09-13 22880040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-06-12 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B03A4BE6-5E5A-483E-B9B3-C484D4B20B72}"=C:\WINDOWS\system32\softqq1.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{70615d66-0395-11df-aa51-001eec51da1d}]
shell\AutoRun\command - F:\9fo3ar0j.exe
shell\open\command - F:\9fo3ar0j.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90085232-76cd-11de-a8a3-001eec51da1d}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bcf1ea79-59c5-11de-a86a-001eec51da1d}]
shell\AutoRun\command - E:\xih9.cmd
shell\explore\command - E:\xih9.cmd
shell\open\command - E:\xih9.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f31a3ac1-e27f-11de-a9ca-001eec51da1d}]
shell\AutoRun\command - E:\xih9.cmd
shell\explore\command - E:\xih9.cmd
shell\open\command - E:\xih9.cmd


======List of files/folders created in the last 1 months======

2010-01-20 20:29:42 ----A---- C:\WINDOWS\system32\wups2.dll
2010-01-20 20:29:32 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-01-20 20:29:25 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-01-20 20:29:01 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-01-20 20:27:47 ----D---- C:\WINDOWS\LastGood
2010-01-20 20:03:28 ----A---- C:\WINDOWS\nscrt.dll
2010-01-20 20:02:29 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-01-20 20:02:27 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-01-20 20:02:25 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-01-20 20:02:05 ----D---- C:\WINDOWS\Logs
2010-01-20 20:01:44 ----D---- C:\Program Files\Winamp Detect
2010-01-20 19:57:00 ----D---- C:\Program Files\Winamp
2010-01-20 19:57:00 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Winamp
2010-01-20 19:23:53 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\ESET
2010-01-20 19:18:36 ----D---- C:\Program Files\ESET
2010-01-20 18:59:28 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\SteelBytes
2010-01-20 18:47:37 ----D---- C:\Program Files\trend micro
2010-01-20 18:47:36 ----D---- C:\rsit
2010-01-19 19:17:16 ----D---- C:\Program Files\Photodex Presenter
2010-01-19 19:17:16 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Netscape
2010-01-19 19:17:03 ----D---- C:\Program Files\Photodex
2010-01-19 19:16:48 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Photodex
2010-01-19 18:39:18 ----RSH---- C:\9fo3ar0j.exe
2010-01-17 21:00:21 ----D---- C:\Program Files\MPC HomeCinema
2010-01-17 20:58:05 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Opera
2010-01-17 20:57:54 ----D---- C:\Program Files\Opera
2010-01-17 20:33:04 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Ashampoo
2010-01-17 20:32:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\ashampoo
2010-01-17 20:32:31 ----D---- C:\Program Files\Ashampoo
2010-01-17 20:30:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2010-01-17 20:29:53 ----A---- C:\WINDOWS\ODBC.INI
2010-01-17 20:29:47 ----A---- C:\WINDOWS\system32\mdimon.dll
2010-01-17 20:28:38 ----D---- C:\Program Files\Common Files\DESIGNER
2010-01-17 20:28:32 ----D---- C:\Program Files\Microsoft Works
2010-01-17 20:28:26 ----D---- C:\Program Files\Microsoft Visual Studio
2010-01-17 20:28:06 ----D---- C:\WINDOWS\SHELLNEW
2010-01-17 20:28:03 ----D---- C:\Program Files\Microsoft.NET
2010-01-17 20:28:03 ----D---- C:\Program Files\Microsoft Office
2010-01-17 20:25:19 ----RHD---- C:\MSOCache
2010-01-17 20:24:59 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Skype
2010-01-17 20:24:26 ----D---- C:\Program Files\Skype
2010-01-17 20:24:26 ----D---- C:\Program Files\Common Files\Skype
2010-01-17 20:24:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-01-17 20:05:02 ----SHD---- C:\Config.Msi
2010-01-17 19:48:43 ----D---- C:\Program Files\QIP
2010-01-17 19:27:19 ----D---- C:\Program Files\CCleaner
2010-01-07 17:28:42 ----D---- C:\Program Files\Microsoft Silverlight
2009-12-28 19:04:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\HotbarSA
2009-12-28 19:04:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2009-12-28 19:04:55 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\WeatherDPA
2009-12-28 19:04:50 ----D---- C:\Program Files\Hotbar
2009-12-28 19:04:50 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar
2009-12-28 19:04:17 ----D---- C:\Program Files\ShopperReports3
2009-12-28 19:04:17 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3

======List of files/folders modified in the last 1 months======

2010-01-20 20:58:54 ----D---- C:\WINDOWS\Prefetch
2010-01-20 20:58:35 ----D---- C:\WINDOWS\system32
2010-01-20 20:56:17 ----D---- C:\WINDOWS\Temp
2010-01-20 20:29:57 ----D---- C:\WINDOWS\SoftwareDistribution
2010-01-20 20:29:48 ----HD---- C:\WINDOWS\inf
2010-01-20 20:29:48 ----D---- C:\WINDOWS\Help
2010-01-20 20:29:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-20 20:27:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-20 20:27:47 ----AD---- C:\WINDOWS
2010-01-20 20:26:50 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-20 20:24:40 ----D---- C:\Program Files\Mozilla Firefox
2010-01-20 20:13:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-20 20:02:34 ----D---- C:\WINDOWS\system32\DirectX
2010-01-20 20:01:44 ----RD---- C:\Program Files
2010-01-20 20:01:43 ----D---- C:\Program Files\Windows Media Player
2010-01-20 20:01:40 ----D---- C:\WINDOWS\RegisteredPackages
2010-01-20 20:01:39 ----D---- C:\WINDOWS\security
2010-01-20 20:01:35 ----D---- C:\WINDOWS\system32\drivers
2010-01-20 19:24:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-20 19:22:08 ----SHD---- C:\WINDOWS\Installer
2010-01-19 19:17:16 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Mozilla
2010-01-17 21:43:18 ----SD---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Microsoft
2010-01-17 20:48:13 ----D---- C:\Program Files\Google
2010-01-17 20:30:20 ----SD---- C:\WINDOWS\Tasks
2010-01-17 20:29:58 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-17 20:29:41 ----RSD---- C:\WINDOWS\assembly
2010-01-17 20:29:36 ----A---- C:\WINDOWS\win.ini
2010-01-17 20:29:19 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-01-17 20:29:16 ----RSD---- C:\WINDOWS\Fonts
2010-01-17 20:28:38 ----D---- C:\Program Files\Common Files
2010-01-17 20:28:11 ----D---- C:\Program Files\Common Files\System
2010-01-17 20:25:24 ----D---- C:\WINDOWS\system
2010-01-17 20:08:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-17 20:07:42 ----D---- C:\Program Files\EA SPORTS
2010-01-17 19:58:31 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\uTorrent
2010-01-17 19:55:34 ----D---- C:\Program Files\PowerISO
2010-01-17 19:44:23 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\~0
2010-01-17 19:27:55 ----D---- C:\WINDOWS\Minidump
2010-01-17 19:27:55 ----D---- C:\WINDOWS\Debug
2010-01-12 16:46:29 ----A---- C:\WINDOWS\wwp.INI
2010-01-07 18:21:44 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Google
2010-01-03 14:00:13 ----SHD---- C:\RECYCLER
2010-01-02 15:00:19 ----D---- C:\WINDOWS\system32\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-04-14 225664]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-11-16 135048]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-07-26 547904]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-05-30 161792]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-06-12 5851488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-12 4785664]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2009-11-19 223128]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2010-01-19 181312]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-21 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2008-04-14 19456]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Re: My notebook is terribly slow :(

Posted: 21 Jan 2010 19:37
by pitimir
Plug all your flash drives, USB devices and the like into the PC...

1) Download USBFix. Close everything that is running and start the program. Choose a language - for English press E -> Enter. You will get to the next menu. There, press 2 -> Enter. The scan will start; do not interfere with it. The PC may restart. You will find the generated log at "C:\UsbFix.txt"; paste it here.


2) Download OTM. Copy the following into the left box:

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nvch"=-
"KernelFaultCheck"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cdoosoft"=-
"WeatherDPA"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B03A4BE6-5E5A-483E-B9B3-C484D4B20B72}"=-

:files
C:\WINDOWS\system32\softqq1.dll
C:\9fo3ar0j.exe
C:\Documents and Settings\All Users\Data aplikací\HotbarSA
C:\Documents and Settings\All Users\Data aplikací\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
C:\Documents and Settings\Jozef Čopík\Data aplikací\WeatherDPA
C:\Program Files\Hotbar
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar
C:\Program Files\ShopperReports3
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3
C:\Program Files\Media Access Startup
C:\Program Files\NP Helper Class
C:\Program Files\System Search Dispatcher 
C:\Program Files\DoubleD

:commands
[emptytemp]
[reboot]

Click "Move It". Text will then appear in the "Result" window; copy all of it here.

P.S.: If the program asks for a restart, confirm it. You will find the resulting log in "C:\_OTM\MovedFiles\".
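
Added example, not part of the thread and not the logic of USBFix or OTM: the RSIT registry dump posted above lists MountPoints2 AutoRun handlers and a NoDriveTypeAutoRun value, and this Python script parses that dump format, flags handlers, and decodes which drive types the policy value disables AutoRun for. The sample text is quoted from the log in this thread; the function names and the three flagging heuristics are assumptions made for the example.

```python
import re

# Excerpt quoted from the RSIT "Registry dump" section posted in this thread.
SAMPLE = r"""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-06-12 16861696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{70615d66-0395-11df-aa51-001eec51da1d}]
shell\AutoRun\command - F:\9fo3ar0j.exe
shell\open\command - F:\9fo3ar0j.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{90085232-76cd-11de-a8a3-001eec51da1d}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bcf1ea79-59c5-11de-a86a-001eec51da1d}]
shell\AutoRun\command - E:\xih9.cmd
shell\explore\command - E:\xih9.cmd
shell\open\command - E:\xih9.cmd
"""

KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
MP2_RE = re.compile(r"\\mountpoints2\\(?P<vol>\{[0-9a-f-]+\})$", re.I)
CMD_RE = re.compile(r"^shell\\(?P<verb>[^\\]+)\\command - (?P<cmd>.+)$", re.I)
POLICY_RE = re.compile(r'^"NoDriveTypeAutoRun"=(?P<n>\d+)$', re.I)

# Heuristics (assumptions of this example, not rules taken from any tool).
ROOT_EXEC_RE = re.compile(r"^[a-z]:\\[^\\]+\.(exe|cmd|bat|com|vbs|pif|scr)$", re.I)
RECYCLE_RE = re.compile(r"\\recycle[rd]\\", re.I)
RUNDLL_RE = re.compile(r"\brundll32(\.exe)?\b", re.I)

# NoDriveTypeAutoRun is a bitmask; a set bit disables AutoRun for that drive type.
DRIVE_TYPE_BITS = {
    0x01: "unknown", 0x02: "no-root-dir", 0x04: "removable", 0x08: "fixed",
    0x10: "network", 0x20: "cdrom", 0x40: "ramdisk", 0x80: "reserved",
}


def reasons_for(cmd):
    """Return the heuristic reasons a handler command looks suspicious."""
    reasons = []
    if ROOT_EXEC_RE.match(cmd.strip()):
        reasons.append("executable in drive root")
    if RECYCLE_RE.search(cmd):
        reasons.append("runs from recycle bin folder")
    if RUNDLL_RE.search(cmd):
        reasons.append("rundll32 launcher")
    return reasons


def autorun_disabled_types(mask):
    """Decode a NoDriveTypeAutoRun value into the drive types it covers."""
    return [name for bit, name in DRIVE_TYPE_BITS.items() if mask & bit]


def triage(log_text):
    """Parse an RSIT registry dump; return (flagged volumes, policy mask)."""
    findings = {}
    mask = None
    vol = None  # volume GUID of the MountPoints2 key being read, if any
    for raw in log_text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            mp = MP2_RE.search(key.group("key"))
            vol = mp.group("vol").lower() if mp else None
            continue
        policy = POLICY_RE.match(line)
        if policy:
            mask = int(policy.group("n"))
            continue
        cmd = CMD_RE.match(line) if vol else None
        if not cmd:
            continue  # values under other keys (e.g. Run) are out of scope here
        why = reasons_for(cmd.group("cmd"))
        if why:
            entry = findings.setdefault(
                vol, {"verbs": [], "commands": set(), "reasons": set()})
            entry["verbs"].append(cmd.group("verb"))
            entry["commands"].add(cmd.group("cmd"))
            entry["reasons"].update(why)
    return findings, mask


if __name__ == "__main__":
    flagged, policy_mask = triage(SAMPLE)
    for volume, info in flagged.items():
        print(volume, sorted(info["reasons"]), sorted(info["commands"]))
    print("AutoRun disabled for:", autorun_disabled_types(policy_mask))
```

For the value 145 from the log, `removable` is not among the drive types the policy disables.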

Re: My notebook is terribly slow :(

Posted: 23 Jan 2010 17:06
by Jozo309
so here is the log from USB FIX


############################## | UsbFix V6.077 |

User : Jozef Čopík (Administrators) # DOMACNOS-2257B7
Update on 21/01/2010 by El Desaparecido , C_XX & Chimay8
Start at: 16:52:53 | 23.1.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Procesor Intel Pentium II
Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall Status : Disabled
AV : ESET Smart Security 4.0 4.0 [ Enabled | Updated ]
FW : ESET personal firewall[ Enabled ]4.0.474.0

C:\ -> Místní pevný disk # 149,04 Go (104,08 Go free) # NTFS
D:\ -> Disk CD-ROM
E:\ -> Vyměnitelný disk # 1,92 Go (565,88 Mo free) [STORE N GO] # FAT
F:\ -> Vyměnitelný disk # 943,9 Mo (263,16 Mo free) [JOŽO] # FAT32

############################## | Active processes |

C:\WINDOWS\System32\smss.exe 1492
C:\WINDOWS\system32\csrss.exe 1548
C:\WINDOWS\system32\winlogon.exe 1572
C:\WINDOWS\system32\services.exe 1616
C:\WINDOWS\system32\lsass.exe 1628
C:\WINDOWS\system32\svchost.exe 1788
C:\WINDOWS\system32\svchost.exe 1884
C:\WINDOWS\System32\svchost.exe 220
C:\WINDOWS\system32\svchost.exe 276
C:\WINDOWS\system32\svchost.exe 324
C:\WINDOWS\Explorer.EXE 1120
C:\WINDOWS\system32\spoolsv.exe 1204
C:\WINDOWS\system32\cisvc.exe 668
C:\Program Files\ESET\ESET Smart Security\ekrn.exe 688
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 784
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe 860
C:\WINDOWS\System32\snmp.exe 900
C:\WINDOWS\system32\svchost.exe 1872
C:\WINDOWS\system32\wdfmgr.exe 1988
C:\WINDOWS\system32\wuauclt.exe 312
C:\WINDOWS\System32\alg.exe 480
C:\WINDOWS\System32\svchost.exe 2188
C:\WINDOWS\system32\wbem\wmiprvse.exe 2812

################## | Files # Infected Folders |

Deleted ! C:\WINDOWS\AhnRpta.exe
Deleted ! C:\2buirw.exe
Deleted ! C:\hqy.exe
Deleted ! C:\ohd.exe
Deleted ! C:\sbcatf.exe
Deleted ! C:\sys
Deleted ! C:\t8g.exe
Deleted ! C:\Recycler\S-1-5-18
Deleted ! C:\Recycler\S-1-5-21-606747145-602162358-1801674531-1004
Deleted ! E:\0xuc.com
Deleted ! E:\8xcrbho6.exe
Deleted ! E:\9xf8.exe
Deleted ! E:\comment.htt
Deleted ! E:\kmj.exe
Deleted ! E:\m9ma.exe
Not deleted ! E:\mh.exe
Deleted ! E:\MS32DLL.dll.vbs
Deleted ! E:\rbj9jn1n.bat
Not deleted ! E:\Recycled\ctfmon.exe
Deleted ! E:\sbcatf.exe
Not deleted ! E:\yudald.bat
Deleted ! F:\sywyrl0q.exe
Not deleted ! F:\Recycler\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
Deleted ! F:\Recycler\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
Deleted ! F:\Recycler\S-1-5-21-1482476501-1644491937-682003330-1013

################## | Registry # Infected Keys |

Deleted ! [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B03A4BE6-5E5A-483E-B9B3-C484D4B20B72}"
Deleted ! [HKLM\SOFTWARE\Classes\CLSID\MADOWN]
Deleted ! [HKCR\CLSID\{B03A4BE6-5E5A-483E-B9B3-C484D4B20B72}]

################## | Registry # Mountpoints2 |

Deleted ! HKCU\...\Explorer\MountPoints2\{90085232-76cd-11de-a8a3-001eec51da1d}\Shell\AutoRun\Command

################## | Listing of the present files |

[01.06.2009 17:44|--a------|0] C:\AUTOEXEC.BAT
[01.06.2009 17:39|---hs----|211] C:\boot.ini
[14.04.2008 13:00|-rahs----|4952] C:\Bootfont.bin
[01.06.2009 17:44|--a------|0] C:\CONFIG.SYS
[01.06.2009 17:44|-rahs----|0] C:\IO.SYS
[01.06.2009 17:44|-rahs----|0] C:\MSDOS.SYS
[14.04.2008 13:00|-rahs----|47564] C:\NTDETECT.COM
[14.04.2008 13:00|-rahs----|250576] C:\ntldr
[?|?|?] C:\pagefile.sys
[19.01.2010 19:17|--a------|1777] C:\photodex-presenter-install.log
[23.01.2010 16:55|--a------|3686] C:\UsbFix.txt
[13.08.2007 13:27|--ahs----|4096] E:\Thumbs.db
[04.09.2008 13:50|---hs----|72] E:\desktop.ini
[01.12.2008 13:34|--ah-----|124] E:\.~lock.Plosak1.odt#

################## | Vaccination |

# C:\autorun.inf -> Folder created by UsbFix.
# E:\autorun.inf -> Folder created by UsbFix.
# F:\autorun.inf -> Folder created by UsbFix.

################## | Crack > Keygen > Serial |

Deleted ! "C:\Documents and Settings\Jozef Čopík\Dokumenty\Downloads\sims 2+power iso 3.1\power iso 3.1+keygen\keygen.exe"
13.12.2009 21:24 |Size 106496 |Crc32 2e21f05e |Md5 b7791c2ab0fa088ee5417cdecb72a3fd

Deleted ! "F:\Programy\Ostatne Programy\ImTOO MPEG Encoder - Soft Na Prerabanie Formatov\Keygen\Keygen.exe"
20.01.2009 15:55 |Size 77824 |Crc32 647752e6 |Md5 327e48db721312d92d48eb67b290825f

Deleted ! "F:\Programy\Ostatne Programy\Win xp Manager\keygen.exe"
21.12.2007 21:32 |Size 90112 |Crc32 dac96c33 |Md5 6d35af63d8d46578736eb4d95112c1d8

Deleted ! "F:\Programy\Ostatne Programy\X to DVD converter\Keygen.exe"
12.04.2008 17:42 |Size 64512 |Crc32 24ca0c26 |Md5 456342c77effd41b36ad261baa3418d1

Deleted ! "F:\Programy\Ostatne Programy\ProShow Gold 4.1\Proshow Gold 4.1\Keygen\keygen.exe"
09.01.2009 23:57 |Size 126464 |Crc32 8cf2f89e |Md5 72a499b6a463d181b9077ebff3304f13


################## | Upload |

Please send the file : C:\DOCUME~1\JOZEFO~1\Plocha\UsbFix_Upload_Me_DOMACNOS-2257B7.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .

################## | ! End of report # UsbFix V6.077 ! |



and here is the log from OTM



All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{100EB1FD-D03E-47FD-81F3-EE91287F9465}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\nvch deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cdoosoft not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WeatherDPA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{B03A4BE6-5E5A-483E-B9B3-C484D4B20B72} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B03A4BE6-5E5A-483E-B9B3-C484D4B20B72}\ not found.
========== FILES ==========
File/Folder C:\WINDOWS\system32\softqq1.dll not found.
File/Folder C:\9fo3ar0j.exe not found.
C:\Documents and Settings\All Users\Data aplikací\HotbarSA folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\WeatherDPA folder moved successfully.
C:\Program Files\Hotbar\bin\11.0.78.0\firefox\extensions\plugins folder moved successfully.
C:\Program Files\Hotbar\bin\11.0.78.0\firefox\extensions\components folder moved successfully.
C:\Program Files\Hotbar\bin\11.0.78.0\firefox\extensions folder moved successfully.
C:\Program Files\Hotbar\bin\11.0.78.0\firefox folder moved successfully.
C:\Program Files\Hotbar\bin\11.0.78.0 folder moved successfully.
C:\Program Files\Hotbar\bin folder moved successfully.
C:\Program Files\Hotbar folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\Weather\Weather_XML folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\Weather\WeatherDPA\Weather_XML folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\Weather\WeatherDPA folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\Weather folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\Hotbar\static\DownLoad folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\Hotbar\static\2 folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\Hotbar\static\1 folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\Hotbar\static folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\Hotbar\dynamic\ustat folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\Hotbar\dynamic\TooltipXML folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\Hotbar\dynamic folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\Hotbar folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\HostWD\static\DownLoad folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\HostWD\static\2 folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\HostWD\static\1 folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\HostWD\static folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\HostWD folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\HostOL\dynamic folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\HostOL folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\HostOI\dynamic folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5\HostOI folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\v3.5 folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar\IESkins folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\Hotbar folder moved successfully.
C:\Program Files\ShopperReports3\bin\3.0.268.0\firefox\firefoxtoolbar\extensions\components folder moved successfully.
C:\Program Files\ShopperReports3\bin\3.0.268.0\firefox\firefoxtoolbar\extensions\chrome folder moved successfully.
C:\Program Files\ShopperReports3\bin\3.0.268.0\firefox\firefoxtoolbar\extensions folder moved successfully.
C:\Program Files\ShopperReports3\bin\3.0.268.0\firefox\firefoxtoolbar folder moved successfully.
C:\Program Files\ShopperReports3\bin\3.0.268.0\firefox folder moved successfully.
C:\Program Files\ShopperReports3\bin\3.0.268.0 folder moved successfully.
C:\Program Files\ShopperReports3\bin folder moved successfully.
C:\Program Files\ShopperReports3 folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\IE\cs\res1 folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\IE\cs\report folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\IE\cs\dwld folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\IE\cs\db folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\IE\cs folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\IE folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\Firefox\cs\res1 folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\Firefox\cs\report folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\Firefox\cs\dwld folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\Firefox\cs\db folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\Firefox\cs folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\Firefox folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\cs\dwld folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3\cs folder moved successfully.
C:\Documents and Settings\Jozef Čopík\Data aplikací\ShopperReports3 folder moved successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\components folder moved successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome\content folder moved successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF\chrome folder moved successfully.
C:\Program Files\Media Access Startup\1.5.6.910\FF folder moved successfully.
C:\Program Files\Media Access Startup\1.5.6.910\Data folder moved successfully.
C:\Program Files\Media Access Startup\1.5.6.910 folder moved successfully.
C:\Program Files\Media Access Startup folder moved successfully.
File/Folder C:\Program Files\NP Helper Class not found.
C:\Program Files\System Search Dispatcher\1.4.0.970\Data folder moved successfully.
C:\Program Files\System Search Dispatcher\1.4.0.970 folder moved successfully.
C:\Program Files\System Search Dispatcher folder moved successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar folder moved successfully.
C:\Program Files\DoubleD folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Jozef Čopík
->Temp folder emptied: 2356401629 bytes
->Temporary Internet Files folder emptied: 186031 bytes
->FireFox cache emptied: 95583657 bytes
->Google Chrome cache emptied: 37826964 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 383997 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2351732 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 771667547 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3 113,00 mb


OTM by OldTimer - Version 3.1.6.0 log created on 01232010_165902

Files moved on Reboot...

Registry entries deleted on Reboot...


P.S. I forgot to mention that I can't update the system... and when I go to the Security Center... I can't change the way Security Center sends alerts... I don't know why, but I simply don't have the option there, it's greyed out...

When I try to update the system, this pops up:

The website cannot continue because at least one of these Windows services is not running:

Automatic Updates (allows the site to find, download and install the most important updates for this computer)
Background Intelligent Transfer Service (if a download is interrupted, this service helps updates download faster and without problems)
Event Log (contains records of update activity and helps with troubleshooting if needed)
Use the following procedure to make sure these services are running:
1. On the Start menu, click Run.
2. Type services.msc and click OK.
3. In the list of services, right-click the Automatic Updates service and then click Properties.
4. In the Startup type list, select Automatic and click Apply.
5. Verify that the service is started. If it is stopped, click Start.
6. In the list of services, right-click Background Intelligent Transfer Service and then click Properties.
7. In the Startup type list, select Manual and click Apply.
8. Verify that the service is started. If it is stopped, click Start.
9. In the list of services, right-click the Event Log service and then click Properties.
10. In the Startup type list, select Automatic and click Apply.
11. Verify that the service is started. If it is stopped, click Start.
If the problem is still not resolved, you can get help from one of the following sources.

Self-help options:

Frequently asked questions
Find solutions
Windows Update newsgroup
Assisted support options:
Microsoft online assisted support (free of charge for Windows Update problems)

Re: My notebook is terribly slowed down :(

Posted: 23 Jan 2010 19:17
by pitimir
On behalf of the authors of UsbFix, I ask you to upload the file C:\DOCUME~1\JOZEFO~1\Plocha\UsbFix_Upload_Me_DOMACNOS-2257B7.zip to >>this<< page. Thanks.


And now we have to come to an agreement. Either you get rid of the cracks and keygens, or you can forget about my help...

Re: My notebook is terribly slowed down :(

Posted: 23 Jan 2010 19:42
by Jozo309
So I have deleted those cracks... if you find any more, I'll delete them... of course... just say so... I want the notebook and the whole system to be in order... so that the notebook runs smoothly, so tell me what's next...

Re: My notebook is terribly slowed down :(

Posted: 23 Jan 2010 21:13
by pitimir
1) Download CKScanner to the desktop. Run the program by double-clicking its icon. A window opens; in it, click "Search For Files". The scan starts; when it finishes, click "Save List To File" -> "OK". A file named CKFiles.txt should appear on the desktop; copy its contents here for me.


2) Download ComboFix, preferably to the desktop. Close all open applications, as well as the resident antivirus and antispyware shields and the firewall. Run the program from an account with administrator rights and follow the instructions. The whole scan will take about 10 minutes. The PC may be restarted during it. You will find the log that ComboFix creates at "C:\ComboFix.txt".
Paste it here.

Warning: Until ComboFix has created the log, do not click anything, do not press anything!!

Re: My notebook is terribly slowed down :(

Posted: 24 Jan 2010 20:23
by Jozo309
So here is the log from CKScanner

CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\jozef Čopík\dokumenty\downloads\sims 2+power iso 3.1\serials & crack instructions.txt
c:\documents and settings\jozef Čopík\dokumenty\downloads\sims 2+power iso 3.1\power iso 3.1+keygen\poweriso3.1.exe
scanner sequence 3.LB.11
----- EOF -----

and here is ComboFix... it deleted my Winamp :(( here is the log :(

ComboFix 10-01-24.01 - Jozef Čopík 24.01.2010 20:48:18.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.717 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jozef Čopík\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý

.
ADS - WINDOWS: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Dokumenty\desktop.ini
c:\documents and settings\All Users\Dokumenty\EA Games
c:\documents and settings\All Users\Dokumenty\Hudba
c:\documents and settings\All Users\Dokumenty\Hudba\Desktop.ini
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst1.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst10.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst11.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst12.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst13.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst14.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst15.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst2.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst3.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst4.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst5.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst6.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst7.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst8.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Sample Playlists\000A2634\Plylst9.wpl
c:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\Beethovenova symfonie č. 9 (Scherzo).wma
c:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\desktop.ini
c:\documents and settings\All Users\Dokumenty\Hudba\Ukázky hudby\Nové příběhy (Highway Blues).wma
c:\documents and settings\All Users\Dokumenty\Monolith Productions
c:\documents and settings\All Users\DRM
c:\documents and settings\All Users\DRM\drmstore.hds
c:\documents and settings\All Users\DRM\drmv2.lic
c:\documents and settings\All Users\DRM\drmv2.sst
c:\documents and settings\All Users\DRM\migration.log
c:\documents and settings\All Users\DRM\v2ks.bla
c:\documents and settings\All Users\DRM\v2ks.sec
c:\documents and settings\All Users\Plocha\Ashampoo Burning Studio 8.lnk
c:\documents and settings\All Users\Plocha\Google Zem.lnk
c:\documents and settings\All Users\Plocha\Media Player Classic - Home Cinema.lnk
c:\documents and settings\All Users\Plocha\ProShow Gold.lnk
c:\documents and settings\All Users\Plocha\Winamp.lnk
c:\documents and settings\Default User\Local Settings\desktop.ini
c:\documents and settings\Default User\Okolní síť
c:\documents and settings\Default User\Okolní tiskárny
c:\documents and settings\LocalService\Local Settings\desktop.ini
c:\documents and settings\LocalService\ntuser.ini
c:\documents and settings\NetworkService\Local Settings\desktop.ini
c:\documents and settings\NetworkService\ntuser.ini
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.7.0.4550\Data\config.md
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.7.0.4550\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.7.0.4550\unins000.dat
c:\program files\Internet Saving Optimizer\3.7.0.4550\unins000.exe
c:\program files\Mozilla Firefox\components\npclntax.xpt
c:\program files\Mozilla Firefox\Plugins\npclntax_HotbarSA.dll
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\rloci.bin
c:\program files\RelevantKnowledge\rlservice.exe
c:\windows\system32\config\systemprofile\Data aplikací
c:\windows\system32\config\systemprofile\Data aplikací\desktop.ini
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\Content\303572DF538EDD8B1D606185F1D559B8
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\Content\486CC6AFD08942336C61FCD401C4A1D1
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\Content\52FE9FFE4780FF24EC690DB2F1D013CE
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\Content\7735880A01E3F94F763761958A7A8191
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\Content\79841F8EF00FBA86D33CC5A47696F165
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\MetaData\303572DF538EDD8B1D606185F1D559B8
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\MetaData\486CC6AFD08942336C61FCD401C4A1D1
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\MetaData\52FE9FFE4780FF24EC690DB2F1D013CE
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\MetaData\7735880A01E3F94F763761958A7A8191
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\MetaData\79841F8EF00FBA86D33CC5A47696F165
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\Internet Explorer\brndlog.bak
c:\windows\system32\config\systemprofile\Data aplikací\Microsoft\Internet Explorer\brndlog.txt
c:\windows\system32\config\systemprofile\Dokumenty
c:\windows\system32\config\systemprofile\Local Settings\desktop.ini
c:\windows\system32\config\systemprofile\Nabídka Start
c:\windows\system32\config\systemprofile\Nabídka Start\desktop.ini
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\desktop.ini
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\desktop.ini
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Příkazový řádek.lnk
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Poznámkový blok.lnk
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Průvodce ověřením kompatibility programu.lnk
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Průzkumník Windows.lnk
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Prohlídka systému Windows XP.lnk
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Synchronizovat.lnk
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Usnadnění\desktop.ini
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Usnadnění\Klávesnice na obrazovce.lnk
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Usnadnění\Lupa.lnk
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Usnadnění\Správce nástrojů.lnk
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Zábava\desktop.ini
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Příslušenství\Zábava\Windows Media Player.lnk
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Po spuštění\desktop.ini
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Vzdálená pomoc.lnk
c:\windows\system32\config\systemprofile\Nabídka Start\Programy\Windows Media Player.lnk
c:\windows\system32\config\systemprofile\Šablony
c:\windows\system32\config\systemprofile\Šablony\amipro.sam
c:\windows\system32\config\systemprofile\Šablony\excel.xls
c:\windows\system32\config\systemprofile\Šablony\excel4.xls
c:\windows\system32\config\systemprofile\Šablony\lotus.wk4
c:\windows\system32\config\systemprofile\Šablony\powerpnt.ppt
c:\windows\system32\config\systemprofile\Šablony\presenta.shw
c:\windows\system32\config\systemprofile\Šablony\quattro.wb2
c:\windows\system32\config\systemprofile\Šablony\sndrec.wav
c:\windows\system32\config\systemprofile\Šablony\winword.doc
c:\windows\system32\config\systemprofile\Šablony\winword2.doc
c:\windows\system32\config\systemprofile\Šablony\wordpfct.wpd
c:\windows\system32\config\systemprofile\Šablony\wordpfct.wpg
c:\windows\system32\config\systemprofile\Oblíbené položky
c:\windows\system32\config\systemprofile\Okolní síť
c:\windows\system32\config\systemprofile\Okolní tiskárny
c:\windows\system32\config\systemprofile\Plocha
c:\windows\system32\Desktop_.ini
c:\windows\system32\rchnewver.dll
c:\windows\system32\SIntf16.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-24 do 2010-01-24 )))))))))))))))))))))))))))))))
.

2010-01-23 18:07 . 2010-01-23 18:15 -------- d--h--w- c:\windows\$hf_mig$
2010-01-23 17:57 . 2010-01-05 09:57 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2010-01-23 17:57 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2010-01-23 17:57 . 2009-12-31 15:33 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2010-01-23 17:57 . 2010-01-05 09:58 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-01-23 17:57 . 2010-01-05 09:57 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2010-01-23 17:57 . 2010-01-05 09:58 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-23 17:57 . 2010-01-05 09:58 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-01-23 17:57 . 2010-01-05 09:58 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-23 15:48 . 2010-01-23 16:37 -------- d-----w- C:\UsbFix
2010-01-20 19:29 . 2009-08-06 18:24 44768 ----a-w- c:\windows\system32\wups2.dll
2010-01-20 19:03 . 2006-05-24 18:00 352256 ----a-w- c:\windows\nscrt.dll
2010-01-20 19:02 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-01-20 19:02 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-01-20 19:02 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-01-20 19:02 . 2010-01-20 19:02 -------- d-----w- c:\windows\Logs
2010-01-20 19:01 . 2010-01-20 19:01 -------- d-----w- c:\program files\Winamp Detect
2010-01-20 18:57 . 2010-01-20 19:03 -------- d-----w- c:\program files\Winamp
2010-01-20 18:18 . 2010-01-20 18:18 -------- d-----w- c:\program files\ESET
2010-01-20 17:47 . 2010-01-20 19:59 -------- d-----w- c:\program files\trend micro
2010-01-19 18:17 . 2010-01-19 18:17 -------- d-----w- c:\program files\Photodex Presenter
2010-01-19 18:17 . 2010-01-19 18:17 -------- d-----w- c:\program files\Photodex
2010-01-17 20:00 . 2010-01-17 20:00 -------- d-----w- c:\program files\MPC HomeCinema
2010-01-17 19:57 . 2010-01-17 19:57 -------- d-----w- c:\program files\Opera
2010-01-17 19:32 . 2010-01-17 19:32 -------- d-----w- c:\program files\Ashampoo
2010-01-17 19:29 . 2003-06-18 23:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-01-17 19:29 . 2003-06-18 23:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-17 19:28 . 2010-01-17 19:28 -------- d-----w- c:\program files\Microsoft Works
2010-01-17 19:28 . 2010-01-17 19:29 -------- d-----w- c:\windows\SHELLNEW
2010-01-17 19:28 . 2010-01-17 19:28 -------- d-----w- c:\program files\Microsoft.NET
2010-01-17 19:25 . 2010-01-17 19:25 -------- d-----r- C:\MSOCache
2010-01-17 19:24 . 2010-01-17 19:24 -------- d-----w- c:\program files\Skype
2010-01-17 19:24 . 2010-01-17 19:24 -------- d-----w- c:\program files\Common Files\Skype
2010-01-17 18:48 . 2010-01-17 18:51 -------- d-----w- c:\program files\QIP
2010-01-17 18:27 . 2010-01-17 18:27 -------- d-----w- c:\program files\CCleaner
2010-01-07 16:28 . 2010-01-07 16:28 -------- d-----w- c:\program files\Microsoft Silverlight

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-24 19:50 . 2008-04-14 12:00 664588 ----a-w- c:\windows\system32\perfh005.dat
2010-01-24 19:50 . 2008-04-14 12:00 217354 ----a-w- c:\windows\system32\perfc005.dat
2010-01-23 18:06 . 2009-10-06 14:53 -------- d-----w- c:\program files\VictoryRoad
2010-01-23 18:01 . 2009-05-18 08:38 -------- d-----w- c:\program files\Google
2010-01-17 19:08 . 2009-06-12 14:36 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-17 19:07 . 2009-11-24 16:33 -------- d-----w- c:\program files\EA SPORTS
2010-01-17 18:55 . 2009-12-13 21:54 -------- d-----w- c:\program files\PowerISO
2010-01-05 09:58 . 2008-04-14 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-17 15:15 . 2009-12-17 15:15 22 ----a-w- c:\windows\system32\winStudio.bin
2009-12-17 15:14 . 2009-12-17 15:14 -------- d-----w- c:\program files\IconCool Software
2009-12-13 21:37 . 2009-12-02 18:24 -------- d-----w- c:\program files\EA GAMES
2009-12-02 19:18 . 2009-12-02 19:18 -------- d-----w- c:\program files\Common Files\DirectX
2009-12-02 17:35 . 2009-12-02 17:35 -------- d-----w- c:\program files\Rockstar Games
2009-12-02 17:35 . 2009-06-12 14:36 -------- d-----w- c:\program files\Common Files\InstallShield
2009-11-30 15:11 . 2009-11-30 15:10 -------- d-----w- c:\program files\DivX
2009-11-30 15:10 . 2009-11-30 15:10 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-11-19 19:16 . 2009-11-19 19:16 223128 ----a-w- c:\windows\system32\drivers\dtscsi.sys
2009-11-18 17:30 . 2009-11-18 17:30 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2009-11-18 17:30 . 2009-11-18 17:30 17212 ----a-w- c:\windows\system32\SIntf32.dll
2009-11-18 16:56 . 2009-11-18 16:56 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-16 08:06 . 2009-11-16 08:06 55768 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2009-11-16 08:06 . 2009-11-16 08:06 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-11-16 08:03 . 2009-11-16 08:03 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56 . 2009-11-16 07:56 116520 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-11-14 00:49 . 2009-11-30 15:11 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-11-14 00:49 . 2009-11-30 15:11 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-11-14 00:47 . 2009-11-14 00:47 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-11-14 00:47 . 2009-11-14 00:47 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-11-14 00:47 . 2009-11-14 00:47 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-11-14 00:47 . 2009-11-14 00:47 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-11-14 00:47 . 2009-11-14 00:47 696320 ----a-w- c:\windows\system32\DivX.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-09-13 22880040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-06-12 16861696]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2009-06-12 53248]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-12 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-12 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-12 137752]
"VVSN"="c:\program files\VVSN\VVSN.exe" [2005-10-25 107520]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4139:TCP"= 4139:TCP:kzfqy

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.11.2009 17:56 685816]
S2 vewjwatw;Helper Server;c:\windows\system32\svchost.exe -k netsvcs [14.4.2008 13:00 14336]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
vewjwatw
.
Obsah adresáře 'Naplánované úlohy'

2010-01-24 c:\windows\Tasks\NSSstub.job
- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [2009-11-14 20:17]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://search.qip.ru
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{C5428486-50A0-4a02-9D20-520B59A9F9B2} - {C9CCBB35-D123-4a31-AFFC-9B2933132116} -
IE: {{C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} -
FF - ProfilePath - c:\documents and settings\Jozef Čopík\Data aplikací\Mozilla\Firefox\Profiles\8xbekjd6.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npsaix.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
WebBrowser-{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-24 20:56
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vewjwatw]
"ServiceDll"="c:\windows\system32\boaywxp.dll"
.
Celkový čas: 2010-01-24 20:59:24
ComboFix-quarantined-files.txt 2010-01-24 19:59

Před spuštěním: Volných bajtů: 119 587 385 344
Po spuštění: Volných bajtů: 119 816 531 968

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 3C690611863CE0FEDA08AB71171C1A9A

Re: My notebook is terribly slowed down :(

Posted: 25 Jan 2010 15:15
by motji
Pitimír, sorry for stepping in, I was asked to via PM :)

:arrow: Uninstall ComboFix via
Start >> Run; copy this into the box:

ComboFix /Uninstall

press Enter
-This uninstalls ComboFix and deletes the files and folders associated with it.

:arrow: Download a new ComboFix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe


:arrow: If it is not there already, move ComboFix to the desktop
-open Notepad
-Copy the text from this box into it

Code:

KillAll::
Collect::
c:\windows\system32\boaywxp.dll
File::
c:\documents and settings\jozef Čopík\dokumenty\downloads\sims 2+power iso 3.1\power iso 3.1+keygen\poweriso3.1.exe
Driver::
vewjwatw
NetSvcs::
vewjwatw
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4139:TCP"=-

-save the TXT file you created as CFScript.txt on the desktop
-after saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it

-after it has been applied, another log will come up; paste it here

Warning: it can happen that after the script is applied and the machine restarts, Windows does not boot; in that case restart again while pressing F8, then choose Last Known Good Configuration




:arrow: Download MBAM from my signature
-Install it and run a full scan

DO NOT DELETE ANYTHING :!:
-MBAM sometimes produces false detections, so we will delete only after the log has been checked.
-Copy the log here.

Re: My notebook is terribly slowed down :(

Posted: 26 Jan 2010 18:48
by Jozo309
So here is the log from ComboFix:

ComboFix 10-01-26.01 - Jozef Čopík 26.01.2010 18:25:26.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.571 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jozef Čopík\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Jozef Čopík\Plocha\CFScript.txt.txt
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý


FILE ::
"c:\documents and settings\jozef Čopík\dokumenty\downloads\sims 2+power iso 3.1\power iso 3.1+keygen\poweriso3.1.exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\jozef Čopík\dokumenty\downloads\sims 2+power iso 3.1\power iso 3.1+keygen\poweriso3.1.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_VEWJWATW
-------\Service_vewjwatw


((((((((((((((((((((((((( Soubory vytvořené od 2009-12-26 do 2010-01-26 )))))))))))))))))))))))))))))))
.

2010-01-24 19:57 . 2010-01-24 19:57 -------- d-s---w- c:\windows\system32\config\systemprofile\Data aplikací
2010-01-23 18:07 . 2010-01-24 20:06 -------- d--h--w- c:\windows\$hf_mig$
2010-01-23 17:57 . 2010-01-05 09:57 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2010-01-23 17:57 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2010-01-23 17:57 . 2009-12-31 15:33 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2010-01-23 17:57 . 2010-01-05 09:58 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-01-23 17:57 . 2010-01-05 09:57 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2010-01-23 17:57 . 2010-01-05 09:58 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-23 17:57 . 2010-01-05 09:58 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-01-23 17:57 . 2010-01-05 09:58 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-20 19:29 . 2009-08-06 18:24 44768 ----a-w- c:\windows\system32\wups2.dll
2010-01-20 19:03 . 2006-05-24 18:00 352256 ----a-w- c:\windows\nscrt.dll
2010-01-20 19:02 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-01-20 19:02 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-01-20 19:02 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-01-20 19:02 . 2010-01-20 19:02 -------- d-----w- c:\windows\Logs
2010-01-20 19:01 . 2010-01-20 19:01 -------- d-----w- c:\program files\Winamp Detect
2010-01-20 18:57 . 2010-01-20 19:03 -------- d-----w- c:\program files\Winamp
2010-01-20 18:18 . 2010-01-20 18:18 -------- d-----w- c:\program files\ESET
2010-01-20 17:47 . 2010-01-20 19:59 -------- d-----w- c:\program files\trend micro
2010-01-19 18:17 . 2010-01-19 18:17 -------- d-----w- c:\program files\Photodex Presenter
2010-01-19 18:17 . 2010-01-19 18:17 -------- d-----w- c:\program files\Photodex
2010-01-17 20:00 . 2010-01-17 20:00 -------- d-----w- c:\program files\MPC HomeCinema
2010-01-17 19:57 . 2010-01-17 19:57 -------- d-----w- c:\program files\Opera
2010-01-17 19:32 . 2010-01-17 19:32 -------- d-----w- c:\program files\Ashampoo
2010-01-17 19:29 . 2003-06-18 23:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-01-17 19:29 . 2003-06-18 23:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-01-17 19:28 . 2010-01-17 19:28 -------- d-----w- c:\program files\Microsoft Works
2010-01-17 19:28 . 2010-01-17 19:29 -------- d-----w- c:\windows\SHELLNEW
2010-01-17 19:28 . 2010-01-17 19:28 -------- d-----w- c:\program files\Microsoft.NET
2010-01-17 19:25 . 2010-01-17 19:25 -------- d-----r- C:\MSOCache
2010-01-17 19:24 . 2010-01-17 19:24 -------- d-----w- c:\program files\Skype
2010-01-17 19:24 . 2010-01-17 19:24 -------- d-----w- c:\program files\Common Files\Skype
2010-01-17 18:48 . 2010-01-17 18:51 -------- d-----w- c:\program files\QIP
2010-01-17 18:27 . 2010-01-17 18:27 -------- d-----w- c:\program files\CCleaner
2010-01-07 16:28 . 2010-01-07 16:28 -------- d-----w- c:\program files\Microsoft Silverlight

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-26 09:47 . 2008-04-14 12:00 672382 ----a-w- c:\windows\system32\perfh005.dat
2010-01-26 09:47 . 2008-04-14 12:00 221998 ----a-w- c:\windows\system32\perfc005.dat
2010-01-23 18:06 . 2009-10-06 14:53 -------- d-----w- c:\program files\VictoryRoad
2010-01-23 18:01 . 2009-05-18 08:38 -------- d-----w- c:\program files\Google
2010-01-17 19:08 . 2009-06-12 14:36 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-17 19:07 . 2009-11-24 16:33 -------- d-----w- c:\program files\EA SPORTS
2010-01-05 09:58 . 2008-04-14 12:00 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-17 15:15 . 2009-12-17 15:15 22 ----a-w- c:\windows\system32\winStudio.bin
2009-12-13 21:37 . 2009-12-02 18:24 -------- d-----w- c:\program files\EA GAMES
2009-12-02 19:18 . 2009-12-02 19:18 -------- d-----w- c:\program files\Common Files\DirectX
2009-12-02 17:35 . 2009-12-02 17:35 -------- d-----w- c:\program files\Rockstar Games
2009-12-02 17:35 . 2009-06-12 14:36 -------- d-----w- c:\program files\Common Files\InstallShield
2009-11-30 15:11 . 2009-11-30 15:10 -------- d-----w- c:\program files\DivX
2009-11-30 15:10 . 2009-11-30 15:10 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-11-19 19:16 . 2009-11-19 19:16 223128 ----a-w- c:\windows\system32\drivers\dtscsi.sys
2009-11-18 17:30 . 2009-11-18 17:30 21840 ----a-w- c:\windows\system32\SIntfNT.dll
2009-11-18 17:30 . 2009-11-18 17:30 17212 ----a-w- c:\windows\system32\SIntf32.dll
2009-11-18 16:56 . 2009-11-18 16:56 685816 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-16 08:06 . 2009-11-16 08:06 55768 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2009-11-16 08:06 . 2009-11-16 08:06 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-11-16 08:03 . 2009-11-16 08:03 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56 . 2009-11-16 07:56 116520 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-11-14 00:49 . 2009-11-30 15:11 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-11-14 00:49 . 2009-11-30 15:11 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-11-14 00:47 . 2009-11-14 00:47 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-11-14 00:47 . 2009-11-14 00:47 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-11-14 00:47 . 2009-11-14 00:47 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-11-14 00:47 . 2009-11-14 00:47 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-11-14 00:47 . 2009-11-14 00:47 696320 ----a-w- c:\windows\system32\DivX.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-09-13 22880040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-06-12 16861696]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2009-06-12 53248]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-12 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-12 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-12 137752]
"VVSN"="c:\program files\VVSN\VVSN.exe" [2005-10-25 107520]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.11.2009 17:56 685816]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://search.qip.ru
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{C5428486-50A0-4a02-9D20-520B59A9F9B2} - {C9CCBB35-D123-4a31-AFFC-9B2933132116} -
IE: {{C5428486-50A0-4a02-9D20-520B59A9F9B3} - {A16AD1E9-F69A-45af-9462-B1C286708842} -
FF - ProfilePath - c:\documents and settings\Jozef Čopík\Data aplikací\Mozilla\Firefox\Profiles\8xbekjd6.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npsaix.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-26 18:34
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Photodex\ProShowGold\ScsiAccess.exe
c:\windows\System32\snmp.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Celkový čas: 2010-01-26 18:37:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-26 17:37

Před spuštěním: Volných bajtů: 119 624 224 768
Po spuštění: Volných bajtů: 119 738 605 568

- - End Of File - - B5FBB07BF59BCA4974D04C709A4EC409

and I am also adding the log from MBAM

Malwarebytes' Anti-Malware 1.44
Verzia databázy: 3640
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

26.1.2010 20:11:34
mbam-log-2010-01-26 (20-11-30).txt

Typ kontroly: Úplná (C:\|)
Objektov kontrolovaných: 160189
Uplynutý cas: 55 minute(s), 46 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 35
Infikovaných registracných hodnôt: 6
Infikovaných registracných údajov položiek: 3
Infikovaných priecinkov: 4
Infikovaných súborov: 38

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{9bec9b38-bf39-4899-806e-a1c5dfeb60a2} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e6961c59-cfce-4ccd-b794-bc78db98413a} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8c788aa2-7530-43be-97b7-4d491f13bea3} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b03a4be6-5e5a-b9b3-483e-c484d4b20b72} (Spyware.OnlineGames) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sukoku (Adware.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> No action taken.

Infikovaných registracných hodnôt:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> No action taken.

Infikovaných registracných údajov položiek:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikovaných priecinkov:
C:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge (Spyware.MarketScore) -> No action taken.
C:\Documents and Settings\All Users\Data aplikací\Sukoku (Adware.Zwangi) -> No action taken.
C:\Program Files\Sukoku (Adware.Zwangi) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Hotbar (Adware.Hotbar) -> No action taken.

Infikovaných súborov:
C:\Program Files\Sukoku\uninstall.exe (Adware.Agent) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP134\A0082154.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP134\A0082202.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP140\A0112462.exe (Adware.Zango) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP140\A0112464.exe (Adware.Zango) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP154\A0143132.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP155\A0143140.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP155\A0143158.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP155\A0143177.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP155\A0143195.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP157\A0145730.exe (Adware.DoubleD) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP166\A0147236.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP166\A0147253.exe (Spyware.OnlineGames) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP170\A0147502.dll (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP178\A0151282.exe (Adware.Hotbar) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP178\A0151283.dll (Adware.Hotbar) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP178\A0151285.dll (Adware.Hotbar) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP178\A0153407.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP178\A0153427.sys (Malware.Trace) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP178\A0153464.sys (Malware.Trace) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP178\A0153527.sys (Malware.Trace) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP178\A0153571.sys (Malware.Trace) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP178\A0153663.dll (Adware.Hotbar) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP178\A0153704.sys (Malware.Trace) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP179\A0155671.sys (Malware.Trace) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP180\A0157786.sys (Malware.Trace) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP180\A0157975.sys (Malware.Trace) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\About RelevantKnowledge.lnk (Spyware.MarketScore) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Uninstall Instructions.lnk (Spyware.MarketScore) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Hotbar\About Hotbar.lnk (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Hotbar\Hotbar Customer Support Center.lnk (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Hotbar\Hotbar Games!.lnk (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Hotbar\Hotbar Uninstall Instructions.lnk (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Hotbar\Hotbar Videos!.lnk (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Hotbar\Reset Cursor.lnk (Adware.Hotbar) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Hotbar\Weather.lnk (Adware.Hotbar) -> No action taken.
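
The advice earlier in the thread is to delete MBAM detections only after the log has been checked. As an added example (not part of the original thread and not Malwarebytes code), this Python script parses result lines in the shape seen in the log above and orders them for manual review. The line pattern is inferred from this log, the function names are hypothetical, and the sample lines are copied from the log above.

```python
import re
from collections import defaultdict

# Result-line shape inferred from the MBAM 1.44 log in this thread
# (an assumption, not a documented format):
#   <object> (<Detection.Name>) -> [Bad: (x) Good: (y) -> ]<action>.
LINE_RE = re.compile(
    r"^(?P<object>.+?) \((?P<detection>[A-Za-z]+\.[A-Za-z0-9.]+)\) -> "
    r"(?:Bad: \((?P<bad>[^)]*)\) Good: \((?P<good>[^)]*)\) -> )?"
    r"(?P<action>.+?)\.?$"
)

# Lines copied from the log above, plus header lines that must be skipped.
SAMPLE = r"""
Typ kontroly: Úplná (C:\|)
Infikovaných modulov pamäte:
(Žiadne škodlivé položky)
HKEY_CLASSES_ROOT\CLSID\{b03a4be6-5e5a-b9b3-483e-c484d4b20b72} (Spyware.OnlineGames) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
C:\Program Files\Sukoku\uninstall.exe (Adware.Agent) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP170\A0147502.dll (Trojan.FakeAlert) -> No action taken.
C:\System Volume Information\_restore{6C9D170E-38D9-4373-9DA6-5EDDA548218C}\RP178\A0153427.sys (Malware.Trace) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Hotbar\Weather.lnk (Adware.Hotbar) -> No action taken.
"""


def classify_location(obj):
    """Return 'registry', 'system-restore' or 'filesystem' for a flagged object."""
    low = obj.lower()
    if low.startswith("hkey_"):
        return "registry"
    if "\\system volume information\\_restore" in low:
        return "system-restore"
    return "filesystem"


def parse_mbam_log(text):
    """Extract one dict per result line; headers and '(no items)' lines are skipped."""
    findings = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        findings.append({
            "object": m.group("object"),
            "detection": m.group("detection"),
            "location": classify_location(m.group("object")),
            "bad": m.group("bad"),    # only set for registry data items
            "good": m.group("good"),
            "action": m.group("action"),
        })
    return findings


def summarize(findings):
    """Count findings per detection name and location."""
    table = defaultdict(lambda: defaultdict(int))
    for f in findings:
        table[f["detection"]][f["location"]] += 1
    return {det: dict(locs) for det, locs in table.items()}


def review_queue(findings):
    """Order unhandled findings for manual review.

    Live files and registry entries come first. Copies inside System Restore
    points come last: Windows does not load them unless that restore point
    is restored.
    """
    order = {"filesystem": 0, "registry": 1, "system-restore": 2}
    pending = [f for f in findings if f["action"].lower().startswith("no action")]
    return sorted(pending, key=lambda f: (order[f["location"]], f["detection"], f["object"]))


if __name__ == "__main__":
    found = parse_mbam_log(SAMPLE)
    for det, locs in sorted(summarize(found).items()):
        print(f"{det:28} {locs}")
    print()
    for f in review_queue(found):
        print(f"[{f['location']:14}] {f['detection']:24} {f['object']}")
```
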

Re: I have a terribly slowed-down notebook :(

Posted: 26 Jan 2010 20:45
by motji
:arrow: Delete what MBAM found
:arrow: How is the computer doing?

:arrow: Download SystemLook
http://jpshortstuff.247fixes.com/SystemLook.exe

-save it to the desktop and run it.
-copy into the box

Code: Select all

:filefind
boaywxp.dll

:regfind
boaywxp.dll
-click Look; a scan will run and at the end a log is displayed, whose contents you copy here

Re: I have a terribly slowed-down notebook :(

Posted: 28 Jan 2010 20:05
by Jozo309
Here is the log from SystemLook

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 20:03 on 28/01/2010 by Jozef Čopík (Administrator - Elevation successful)

========== filefind ==========

Searching for "boaywxp.dll"
No files found.

========== regfind ==========

Searching for "boaywxp.dll"
No data found.

-=End Of File=-

Re: I have a terribly slowed-down notebook :(

Posted: 28 Jan 2010 21:04
by motji
:arrow: Here - C:\Qoobox\Quarantine - pull out of quarantine whatever ComboFix deleted that you need - music and the like.

:arrow: Uninstall ComboFix via
Start >> Run, copy into the box:

ComboFix /Uninstall

press Enter
-This uninstalls ComboFix and deletes the files and folders associated with it.

:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Run it; to confirm a choice press the A key, then Enter
-after use, delete the program. Note: antivirus products may falsely flag it as a virus


:arrow: Download TFC and use it
TFC (http://oldtimer.geekstogo.com/TFC.exe)


:arrow: Download CCleaner, see my signature
-install it and clean out the temporary files and the registry as well

:arrow: Post a new log from RSIT and tell us how the computer is behaving; is everything all right now?

:arrow: If you are still in the mood, run webcureit so that we can be sure the PC is clean :)

:arrow: Download Dr.Web CureIt http://www.viry.cz/forum/viewtopic.php?f=29&t=47721
-run a scan; whatever it finds, let it cure or delete
-the scan may take several hours
-File/Save results - save as a text file and copy it here

Re: I have a terribly slowed-down notebook :(

Posted: 03 Feb 2010 18:42
by Jozo309
So here is the new log from RSIT:

BTW the notebook is behaving quite fine, it just works a bit slowly and Windows takes quite a long time to start :(

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jozef Čopík at 2010-02-03 18:41:37
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 117 GB (77%) free of 153 GB
Total RAM: 1014 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:42:05, on 3.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\VVSN\VVSN.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Jozef Čopík\Plocha\RSIT.exe
C:\Program Files\trend micro\Jozef Čopík.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4015597593
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe

--
End of file - 5080 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-06-12 16861696]
"AzMixerSel"=C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe [2009-06-12 53248]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-06-12 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-06-12 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-06-12 137752]
"VVSN"=C:\Program Files\VVSN\VVSN.exe [2005-10-25 107520]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2007-09-13 22880040]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-06-12 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-02-03 18:41:37 ----D---- C:\rsit
2010-01-30 21:10:21 ----SHD---- C:\RECYCLER
2010-01-28 19:46:35 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-28 19:46:12 ----D---- C:\WINDOWS\ie8updates
2010-01-28 19:28:56 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-01-28 19:28:47 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-28 19:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-01-28 19:28:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-01-28 19:28:21 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-01-28 19:28:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-01-28 19:28:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-01-28 19:27:58 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-01-28 19:27:49 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-01-28 19:27:38 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-01-28 19:27:32 ----D---- C:\Program Files\MSXML 4.0
2010-01-28 19:27:24 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-01-28 19:27:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-01-28 19:27:05 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-01-28 19:26:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-01-28 19:26:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-01-28 19:26:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-01-28 19:26:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-01-28 19:26:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2010-01-28 19:23:12 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-01-28 19:23:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-01-28 19:23:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-01-28 19:20:24 ----HDC---- C:\WINDOWS\ie8
2010-01-28 19:09:09 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-01-28 19:09:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-01-28 19:08:55 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-01-28 19:08:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-01-28 19:08:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-01-28 19:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-01-28 19:08:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-01-28 19:08:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-01-28 19:08:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2010-01-28 19:07:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2010-01-28 19:07:34 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-01-28 19:07:28 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-01-28 19:07:22 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-01-28 19:07:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-01-28 19:07:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-01-28 19:06:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-01-28 19:06:39 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-01-28 19:06:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-01-28 19:06:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-01-28 19:06:06 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-01-28 19:05:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-01-28 19:05:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-01-28 19:05:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-01-28 19:05:40 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-01-28 19:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-01-28 19:05:28 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-01-28 19:05:23 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-01-28 19:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-01-28 19:05:10 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-01-28 19:05:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-01-28 19:05:00 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-01-28 19:04:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-01-28 19:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-01-28 19:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-01-28 19:04:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-01-28 19:04:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-01-28 19:04:06 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-01-26 20:41:43 ----D---- C:\f3f74bce354ee6ef7de00ce2
2010-01-26 18:51:57 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Malwarebytes
2010-01-26 18:51:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-01-26 18:51:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-26 18:31:19 ----D---- C:\WINDOWS\temp
2010-01-25 10:35:47 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Sachy
2010-01-24 21:07:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-01-24 21:06:39 ----D---- C:\WINDOWS\system32\PreInstall
2010-01-24 21:06:36 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-01-24 20:47:04 ----RASHD---- C:\cmdcons
2010-01-23 19:13:35 ----D---- C:\WINDOWS\ie7updates
2010-01-23 19:12:37 ----D---- C:\WINDOWS\WBEM
2010-01-23 19:09:29 ----HDC---- C:\WINDOWS\ie7
2010-01-23 19:08:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2010-01-23 19:08:18 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-01-23 19:08:08 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2010-01-23 19:07:28 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-23 19:00:09 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-23 16:55:07 ----RAD---- C:\autorun.inf
2010-01-20 20:29:42 ----A---- C:\WINDOWS\system32\wups2.dll
2010-01-20 20:29:32 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-01-20 20:29:25 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-01-20 20:29:02 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-01-20 20:29:01 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-01-20 20:03:28 ----A---- C:\WINDOWS\nscrt.dll
2010-01-20 20:02:29 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-01-20 20:02:27 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-01-20 20:02:25 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-01-20 20:02:05 ----D---- C:\WINDOWS\Logs
2010-01-20 20:01:44 ----D---- C:\Program Files\Winamp Detect
2010-01-20 19:57:00 ----D---- C:\Program Files\Winamp
2010-01-20 19:57:00 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Winamp
2010-01-20 19:23:53 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\ESET
2010-01-20 19:18:36 ----D---- C:\Program Files\ESET
2010-01-20 18:59:28 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\SteelBytes
2010-01-20 18:47:37 ----D---- C:\Program Files\trend micro
2010-01-19 19:17:16 ----D---- C:\Program Files\Photodex Presenter
2010-01-19 19:17:16 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Netscape
2010-01-19 19:17:03 ----D---- C:\Program Files\Photodex
2010-01-19 19:16:48 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Photodex
2010-01-17 21:00:21 ----D---- C:\Program Files\MPC HomeCinema
2010-01-17 20:58:05 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Opera
2010-01-17 20:57:54 ----D---- C:\Program Files\Opera
2010-01-17 20:33:04 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Ashampoo
2010-01-17 20:32:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\ashampoo
2010-01-17 20:32:31 ----D---- C:\Program Files\Ashampoo
2010-01-17 20:30:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2010-01-17 20:29:53 ----A---- C:\WINDOWS\ODBC.INI
2010-01-17 20:29:47 ----A---- C:\WINDOWS\system32\mdimon.dll
2010-01-17 20:28:38 ----D---- C:\Program Files\Common Files\DESIGNER
2010-01-17 20:28:32 ----D---- C:\Program Files\Microsoft Works
2010-01-17 20:28:26 ----D---- C:\Program Files\Microsoft Visual Studio
2010-01-17 20:28:06 ----D---- C:\WINDOWS\SHELLNEW
2010-01-17 20:28:03 ----D---- C:\Program Files\Microsoft.NET
2010-01-17 20:28:03 ----D---- C:\Program Files\Microsoft Office
2010-01-17 20:25:19 ----RD---- C:\MSOCache
2010-01-17 20:24:59 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Skype
2010-01-17 20:24:26 ----D---- C:\Program Files\Skype
2010-01-17 20:24:26 ----D---- C:\Program Files\Common Files\Skype
2010-01-17 20:24:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-01-17 20:05:02 ----D---- C:\Config.Msi
2010-01-17 19:48:43 ----D---- C:\Program Files\QIP
2010-01-17 19:27:19 ----D---- C:\Program Files\CCleaner
2010-01-07 17:28:42 ----D---- C:\Program Files\Microsoft Silverlight

======List of files/folders modified in the last 1 months======

2010-02-03 18:41:45 ----D---- C:\WINDOWS\Prefetch
2010-02-03 18:39:34 ----D---- C:\WINDOWS\system32
2010-02-03 18:39:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-03 18:37:33 ----D---- C:\WINDOWS\Debug
2010-02-03 18:37:33 ----AD---- C:\WINDOWS
2010-02-03 18:35:31 ----SHD---- C:\System Volume Information
2010-02-03 18:35:31 ----D---- C:\WINDOWS\system32\Restore
2010-02-03 18:34:02 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-02-03 18:02:41 ----D---- C:\Program Files\Mozilla Firefox
2010-02-01 20:34:02 ----HD---- C:\WINDOWS\inf
2010-02-01 20:34:00 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-29 11:25:19 ----D---- C:\WINDOWS\Microsoft.NET
2010-01-29 11:24:57 ----RSD---- C:\WINDOWS\assembly
2010-01-28 19:56:28 ----D---- C:\Program Files\Internet Explorer
2010-01-28 19:47:14 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-28 19:46:30 ----SHD---- C:\WINDOWS\Installer
2010-01-28 19:46:30 ----D---- C:\WINDOWS\WinSxS
2010-01-28 19:32:02 ----D---- C:\WINDOWS\system32\cs-cz
2010-01-28 19:32:02 ----D---- C:\WINDOWS\Media
2010-01-28 19:32:02 ----D---- C:\WINDOWS\AppPatch
2010-01-28 19:32:01 ----D---- C:\WINDOWS\Help
2010-01-28 19:32:00 ----D---- C:\WINDOWS\system32\wbem
2010-01-28 19:27:41 ----D---- C:\WINDOWS\system32\drivers
2010-01-28 19:08:43 ----D---- C:\Program Files\Outlook Express
2010-01-28 19:06:49 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-28 19:05:02 ----D---- C:\Program Files\Messenger
2010-01-26 20:43:06 ----D---- C:\WINDOWS\system32\XPSViewer
2010-01-26 20:43:00 ----D---- C:\WINDOWS\system32\en-us
2010-01-26 20:42:50 ----RSD---- C:\WINDOWS\Fonts
2010-01-26 18:51:48 ----RD---- C:\Program Files
2010-01-26 18:33:31 ----A---- C:\WINDOWS\system.ini
2010-01-26 18:31:41 ----D---- C:\WINDOWS\system32\config
2010-01-26 18:29:39 ----D---- C:\Program Files\Common Files
2010-01-24 20:58:44 ----SD---- C:\WINDOWS\Tasks
2010-01-24 20:47:12 ----RASH---- C:\boot.ini
2010-01-23 19:06:28 ----D---- C:\Program Files\VictoryRoad
2010-01-23 19:01:19 ----D---- C:\Program Files\Google
2010-01-23 16:44:03 ----D---- C:\WINDOWS\SoftwareDistribution
2010-01-20 20:27:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-20 20:02:34 ----D---- C:\WINDOWS\system32\DirectX
2010-01-20 20:01:43 ----D---- C:\Program Files\Windows Media Player
2010-01-20 20:01:40 ----D---- C:\WINDOWS\RegisteredPackages
2010-01-20 20:01:39 ----D---- C:\WINDOWS\security
2010-01-19 19:17:16 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Mozilla
2010-01-17 21:43:18 ----SD---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Microsoft
2010-01-17 20:29:58 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-17 20:29:36 ----A---- C:\WINDOWS\win.ini
2010-01-17 20:29:19 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-01-17 20:28:11 ----D---- C:\Program Files\Common Files\System
2010-01-17 20:25:24 ----D---- C:\WINDOWS\system
2010-01-17 20:08:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-17 20:07:42 ----D---- C:\Program Files\EA SPORTS
2010-01-17 19:58:31 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\uTorrent
2010-01-17 19:44:23 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\~0
2010-01-17 19:27:55 ----D---- C:\WINDOWS\Minidump
2010-01-12 16:46:29 ----A---- C:\WINDOWS\wwp.INI
2010-01-07 18:21:44 ----D---- C:\Documents and Settings\Jozef Čopík\Data aplikací\Google
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\extmgr.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-11-16 135048]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-07-26 547904]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-05-30 161792]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-06-12 5851488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-12 4785664]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2009-11-19 223128]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-11-18 685816]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe [2010-01-19 181312]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2008-04-14 19456]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------