I would like to ask for a log check, PC is slow

Posted: 04 Apr 2010 21:55
by sloto
RSIT log, thank you

Logfile of random's system information tool 1.06 (written by random/random)
Run by Tomas a Martinka at 2010-04-05 07:15:28
Microsoft Windows XP Professional Service Pack 2
System drive C: has 967 MB (10%) free of 10 GB
Total RAM: 1007 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:15:33, on 5.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\pdfforge Toolbar\SearchSettings.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\Tomas a Martinka\Application Data\QipGuard\QipGuard.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Tomas a Martinka\Desktop\RSIT.exe
C:\Program Files\trend micro\Tomas a Martinka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas a Martinka\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tomas a Martinka\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\Tomas a Martinka\Application Data\QipGuard\QipGuard.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D1A63F35-AD5C-4A2A-A5D2-99C298488DE0}: NameServer = 192.168.202.213,192.168.202.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

--
End of file - 6036 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Tomas a Martinka\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll [2009-05-04 650752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-05-04 1114112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll [2009-05-04 650752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-27 68096]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2003-10-02 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2003-10-02 118784]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-05-04 992256]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"Voice ATIS"= []
"VoiceATIS"= []
"QIP Internet Guardian"=C:\Documents and Settings\Tomas a Martinka\Application Data\QipGuard\QipGuard.exe [2010-03-12 184272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-10-02 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDesktop"=0
"NoActiveDesktop"=0
"HideClock"=0
"NoStartMenuPinnedList"=0
"NoStartMenuMFUprogramsList"=0
"NoUserNameInStartMenu"=0
"StartmenuLogoff"=0
"NoStartMenuSubFolders"=0
"NoCommonGroups"=0
"NoPrinterTabs"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoPrinters"=0
"NoFavoritesMenu"=0
"NoRun"=0
"NoFind"=0
"NoClose"=0
"NoSetFolders"=0
"NoViewContextMenu"=0
"NoDrives"=0
"NoToolbarCustomize"=0
"NoRecentDocsNetHood"=0
"NoChangeAnimation"=0
"NoChangeKeyboardNavigationIndicators"=0
"NoThemesTab"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"D:\Program Files\Flight Simulator 9\FS9.EXE"="D:\Program Files\Flight Simulator 9\FS9.EXE:*:Enabled:Microsoft Flight Simulator"
"D:\Program Files\IVAO\IvAp\ivapnetint.exe"="D:\Program Files\IVAO\IvAp\ivapnetint.exe:*:Enabled:ivapnetint"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Microsoft Games\Flight Simulator 9\FS9.EXE"="D:\Program Files\Microsoft Games\Flight Simulator 9\FS9.EXE:*:Enabled:Microsoft Flight Simulator"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\Tomas a Martinka\Local Settings\Temp\Rar$EX00.875\vPAR_Q.exe"="C:\Documents and Settings\Tomas a Martinka\Local Settings\Temp\Rar$EX00.875\vPAR_Q.exe:*:Enabled:vPAR QuadRadar"
"C:\Documents and Settings\Tomas a Martinka\Desktop\vPAR_Q\vPAR_Q.exe"="C:\Documents and Settings\Tomas a Martinka\Desktop\vPAR_Q\vPAR_Q.exe:*:Disabled:vPAR QuadRadar"
"C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_Q.exe"="C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_Q.exe:*:Enabled:vPAR QuadRadar"
"C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_A.exe"="C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_A.exe:*:Enabled:vPAR QuadRadar Analog"
"D:\Program Files\Flight Strip Tool - IVAO\FST.exe"="D:\Program Files\Flight Strip Tool - IVAO\FST.exe:*:Enabled:FST"
"D:\Program Files\Easy Clearance 3\EasyClearance3.exe"="D:\Program Files\Easy Clearance 3\EasyClearance3.exe:*:Enabled:Clearance Tool für IVAO"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-04-05 07:10:47 ----D---- C:\Program Files\trend micro
2010-04-05 07:10:46 ----D---- C:\rsit
2010-04-04 07:45:50 ----D---- C:\Program Files\TrendMicro
2010-04-03 08:50:29 ----D---- C:\Program Files\DAEMON Tools Lite
2010-04-01 16:14:29 ----D---- C:\Program Files\Common Files\Apple
2010-04-01 16:12:51 ----D---- C:\Program Files\QuickTime
2010-04-01 16:12:40 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-04-01 09:28:34 ----D---- C:\Program Files\Common Files\Skype
2010-04-01 06:06:01 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-04-01 06:05:54 ----D---- C:\Program Files\Common Files\Java
2010-04-01 06:05:15 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-01 06:05:14 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-01 06:05:14 ----A---- C:\WINDOWS\system32\java.exe
2010-03-29 00:13:33 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-03-29 00:13:33 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-03-29 00:13:31 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-03-29 00:13:30 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-03-29 00:13:29 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-03-29 00:13:29 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-03-29 00:13:24 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-03-29 00:13:22 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-03-29 00:13:22 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-03-29 00:13:20 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-03-29 00:13:18 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-03-29 00:13:18 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-03-29 00:13:17 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-03-29 00:13:16 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-03-29 00:13:14 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-03-29 00:13:14 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-03-29 00:13:12 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-03-29 00:13:11 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-03-29 00:13:11 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-03-29 00:13:10 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-03-29 00:13:08 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-03-29 00:13:08 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-03-29 00:13:07 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-03-29 00:13:06 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-03-29 00:13:05 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-03-29 00:13:05 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-03-29 00:13:04 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-03-29 00:13:02 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-03-29 00:13:01 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-03-29 00:13:00 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-03-29 00:12:59 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-03-29 00:12:59 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-03-29 00:12:58 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-03-29 00:12:57 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-03-29 00:12:55 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-03-29 00:12:55 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-03-29 00:12:53 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-03-29 00:12:51 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-03-29 00:12:50 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-03-29 00:12:50 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-03-29 00:12:49 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-03-29 00:12:48 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-03-29 00:12:48 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-03-29 00:12:47 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-03-29 00:12:47 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-03-29 00:12:46 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-03-29 00:12:45 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-03-29 00:12:38 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-03-29 00:12:36 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-03-29 00:12:36 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-03-29 00:12:32 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-03-29 00:12:31 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-03-29 00:12:29 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-03-29 00:12:28 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-03-29 00:12:27 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-03-29 00:12:27 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-03-29 00:12:26 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-29 00:12:25 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-03-29 00:12:25 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-03-29 00:12:22 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-03-29 00:12:21 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-03-29 00:12:18 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-03-29 00:11:07 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-03-29 00:11:07 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-03-29 00:10:58 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-03-29 00:10:48 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-03-29 00:10:40 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-03-29 00:10:37 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-03-29 00:10:35 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-03-29 00:09:55 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-03-29 00:09:54 ----D---- C:\Program Files\Microsoft Speech SDK 5.1
2010-03-29 00:08:54 ----D---- C:\WINDOWS\Logs
2010-03-28 22:14:56 ----D---- C:\WINDOWS\system32\XPSViewer
2010-03-28 22:14:35 ----D---- C:\Program Files\MSBuild
2010-03-28 22:14:28 ----D---- C:\WINDOWS\system32\en-US
2010-03-28 22:14:01 ----D---- C:\Program Files\Reference Assemblies
2010-03-28 22:11:42 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-03-28 22:11:40 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-03-28 22:11:38 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-03-28 22:03:31 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-03-28 22:03:29 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-03-28 22:03:17 ----D---- C:\Program Files\MSXML 6.0
2010-03-28 21:53:57 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\FS2Crew2010
2010-03-17 11:59:03 ----D---- C:\Program Files\Elcom
2010-03-17 11:56:28 ----D---- C:\WINDOWS\Binaries
2010-03-17 11:55:44 ----D---- C:\Program Files\Kros Alfa
2010-03-17 11:55:44 ----D---- C:\Program Files\Common Files\business objects
2010-03-17 11:55:36 ----A---- C:\WINDOWS\system32\ANGELVDD.DLL
2010-03-14 10:41:51 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\QipGuard
2010-03-12 09:19:51 ----D---- C:\SUMSM

======List of files/folders modified in the last 1 months======

2010-04-05 07:14:53 ----D---- C:\WINDOWS\Temp
2010-04-05 07:11:12 ----D---- C:\WINDOWS\Prefetch
2010-04-05 07:10:47 ----RD---- C:\Program Files
2010-04-04 23:22:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-04 19:07:46 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\teamspeak2
2010-04-04 18:55:43 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\Skype
2010-04-04 18:30:57 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\skypePM
2010-04-04 15:08:35 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\vlc
2010-04-04 07:45:58 ----SHD---- C:\WINDOWS\Installer
2010-04-04 07:45:58 ----D---- C:\Config.Msi
2010-04-03 18:27:45 ----D---- C:\Program Files\PokerStars
2010-04-03 12:32:44 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-03 12:32:43 ----A---- C:\WINDOWS\JeppECData.ini
2010-04-03 08:54:09 ----D---- C:\WINDOWS\system32\drivers
2010-04-02 12:46:30 ----D---- C:\Program Files\Mozilla Firefox
2010-04-01 16:14:29 ----D---- C:\Program Files\Common Files
2010-04-01 16:12:51 ----D---- C:\WINDOWS\system32
2010-04-01 06:04:42 ----D---- C:\Program Files\Java
2010-03-29 19:55:35 ----HD---- C:\WINDOWS\inf
2010-03-29 19:55:20 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-29 15:43:30 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-29 05:56:59 ----D---- C:\WINDOWS
2010-03-29 00:12:18 ----RSD---- C:\WINDOWS\assembly
2010-03-29 00:11:29 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-29 00:09:14 ----D---- C:\WINDOWS\system32\DirectX
2010-03-28 22:20:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-28 22:17:33 ----D---- C:\WINDOWS\WinSxS
2010-03-28 22:14:21 ----RSD---- C:\WINDOWS\Fonts
2010-03-28 22:12:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-28 22:07:13 ----D---- C:\Program Files\Internet Explorer
2010-03-27 18:31:18 ----A---- C:\WINDOWS\win.ini
2010-03-17 12:05:21 ----A---- C:\WINDOWS\system.ini
2010-03-14 10:40:27 ----D---- C:\Program Files\QIP Infium
2010-03-09 04:28:20 ----A---- C:\WINDOWS\system32\deploytk.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2010-03-17 51072]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-02 635281]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-08-31 25280]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-10-08 93979]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 a0ivxs1t;a0ivxs1t; C:\WINDOWS\system32\drivers\a0ivxs1t.sys []
S3 CAM1210;HAMA WEBCAM AC-100; C:\WINDOWS\System32\Drivers\cam1210.sys [2007-03-15 93952]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: I would like to ask for a log check, PC is slow

Posted: 04 Apr 2010 21:57
by Unlimited_Killer
Good evening, please supply a more complete RSIT log.

1) Random's System Information Tool
  • Download RSIT and save it to the Desktop.
  • Run it, leave '1 month' selected in the drop-down menu and click 'Continue'.
  • Wait a few seconds until a log named log.txt is generated.
  • If the log is not generated, you will find it at C:\rsit\log.txt
  • Paste the contents of this log into your post.

Re: I would like to ask for a log check, PC is slow

Posted: 05 Apr 2010 07:57
by sloto
done

Re: I would like to ask for a log check, PC is slow

Posted: 05 Apr 2010 17:36
by Unlimited_Killer
OK, let's continue. ↓

1) OTMoveit3
  • Download OTM3 to the Desktop.
  • Run it by double-clicking OTM.exe; if that does not work, try it with administrator rights.
  • Copy the following script into the left window 'Paste Instructions for Items to be Moved':

    :processes
    Explorer.EXE
    SearchSettings.exe
    
    :reg
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"=-
    "{E312764E-7706-43F1-8DAB-FCDD2B1E416D}"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
    "{B922D405-6D13-4A2B-AE89-08A030DA4402}"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SearchSettings"=-
    "SunJavaUpdateSched"=-
    "QuickTime Task"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Voice ATIS"=-
    "VoiceATIS"=-
    
    :files
    C:\WINDOWS\system32\*.tmp.dll /s
    C:\WINDOWS\system32\SET*.tmp /s
    C:\WINDOWS\*.tmp /s
    C:\Documents and Settings\Tomas a Martinka\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
    C:\Program Files\pdfforge Toolbar
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\Program Files\AskBarDis
    
    :services
    JavaQuickStarterService
    
    :commands
    [emptytemp]
    [emptyflash]
    [reboot]
  • Then click the red 'MoveIt!' button.
  • A log should appear in the green window on the right; copy it here into the forum.
  • If a prompt to restart appears, click 'Yes'.
  • After the restart the log will open by itself, or you will find it in C:\_OTM\MovedFiles
2) Fixing in HJT
  • Run the renamed HijackThis - C:\Program Files\Trend Micro\HijackThis\jmeno_uzivatele.exe
  • Then click 'Do a system scan only'.
  • Tick the checkbox next to the items listed below and then click 'Fix Checked'.

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R3 - URLSearchHook: (no name) - - (no file)
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
  • If any of the items is not there, skip it.
3) VirusTotal
  • Test the following files on VirusTotal:

    C:\Documents and Settings\Tomas a Martinka\Application Data\QipGuard\QipGuard.exe
  • Simply copy in the paths that I put in the code block.
  • If it tells you that the file has already been tested, have it tested again.
  • Then paste the links to the individual tests here.

Re: I would like to ask for a log check, PC is slow

Posted: 06 Apr 2010 16:33
by sloto
Thank you, I appreciate your willingness to help. I will do it on Friday at the earliest, because I had to go on an unplanned business trip and the PC stayed at home with my wife.

Bye for now

Re: I would like to ask for a log check, PC is slow

Posted: 06 Apr 2010 18:47
by Unlimited_Killer
That's fine, no problem. :James008:

Re: I would like to ask for a log check, PC is slow

Posted: 11 Apr 2010 19:52
by sloto
1. OTmoveit3

All processes killed
========== PROCESSES ==========
No active process named Explorer.EXE was found!
No active process named SearchSettings.exe was found!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Voice ATIS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\VoiceATIS deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9DF.tmp folder moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\Temp\HTTDA4.tmp moved successfully.
C:\WINDOWS\Temp\HTTDBC.tmp moved successfully.
C:\WINDOWS\Temp\NSF21.tmp moved successfully.
C:\WINDOWS\Temp\NSF22A8.tmp moved successfully.
C:\WINDOWS\Temp\NSF9EB.tmp moved successfully.
C:\WINDOWS\Temp\NUP20.tmp moved successfully.
C:\WINDOWS\Temp\NUP22.tmp moved successfully.
C:\WINDOWS\Temp\NUP22A7.tmp moved successfully.
C:\WINDOWS\Temp\NUP9EA.tmp moved successfully.
C:\Documents and Settings\Tomas a Martinka\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
C:\Program Files\pdfforge Toolbar\Res folder moved successfully.
C:\Program Files\pdfforge Toolbar folder moved successfully.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\Program Files\AskBarDis\PopSwatter\History folder moved successfully.
C:\Program Files\AskBarDis\PopSwatter folder moved successfully.
C:\Program Files\AskBarDis\bar\Settings folder moved successfully.
C:\Program Files\AskBarDis\bar\History folder moved successfully.
C:\Program Files\AskBarDis\bar\Cache folder moved successfully.
C:\Program Files\AskBarDis\bar\bin folder moved successfully.
C:\Program Files\AskBarDis\bar folder moved successfully.
C:\Program Files\AskBarDis folder moved successfully.
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49554 bytes
 
User: Tomas a Martinka
->Temp folder emptied: 31901901 bytes
->Temporary Internet Files folder emptied: 32830468 bytes
->Java cache emptied: 41596684 bytes
->FireFox cache emptied: 84184602 bytes
->Flash cache emptied: 47480 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14156288 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2050079 bytes
 
Total Files Cleaned = 197,00 mb
 
 
OTM by OldTimer - Version 3.1.10.1 log created on 04112010_203305

Files moved on Reboot...

Registry entries deleted on Reboot...

2. VirusTotal

Code:

[url] 	analisis/6069074070492512fff61612fd759b38a6a083522a78b0617c06ef8002caafa0-1270569957[/url]

Then I clicked to test it again. I could not find any links to the individual tests, so I copied the log that was left on the page after it finished.

Code:

Antivirus  	Verze  	Poslední aktualizace  	Výsledek
a-squared	4.5.0.50	2010.04.11	-
AhnLab-V3	5.0.0.2	2010.04.10	-
AntiVir	7.10.6.55	2010.04.09	-
Antiy-AVL	2.0.3.7	2010.04.09	-
Authentium	5.2.0.5	2010.04.11	-
Avast	4.8.1351.0	2010.04.11	-
Avast5	5.0.332.0	2010.04.11	-
AVG	9.0.0.787	2010.04.11	-
BitDefender	7.2	2010.04.11	-
CAT-QuickHeal	10.00	2010.04.10	-
ClamAV	0.96.0.3-git	2010.04.11	-
Comodo	4570	2010.04.11	Heur.Packed.Unknown
DrWeb	5.0.2.03300	2010.04.11	-
eSafe	7.0.17.0	2010.04.11	-
eTrust-Vet	35.2.7418	2010.04.09	-
F-Prot	4.5.1.85	2010.04.11	-
F-Secure	9.0.15370.0	2010.04.11	Suspicious:W32/Malware!Gemini
Fortinet	4.0.14.0	2010.04.10	-
GData	19	2010.04.11	-
Ikarus	T3.1.1.80.0	2010.04.11	-
Jiangmin	13.0.900	2010.04.11	-
Kaspersky	7.0.0.125	2010.04.11	-
McAfee-GW-Edition	6.8.5	2010.04.11	Heuristic.LooksLike.Trojan.Crypt.C
Microsoft	1.5605	2010.04.11	-
NOD32	5018	2010.04.11	-
Norman	6.04.11	2010.04.10	-
nProtect	2009.1.8.0	2010.04.06	-
Panda	10.0.2.2	2010.04.11	-
PCTools	7.0.3.5	2010.04.11	-
Prevx	3.0	2010.04.11	Low Risk Adware
Rising	22.42.06.04	2010.04.11	-
Sophos	4.52.0	2010.04.11	-
Sunbelt	6164	2010.04.11	-
Symantec	20091.2.0.41	2010.04.11	-
TheHacker	6.5.2.0.259	2010.04.11	-
TrendMicro	9.120.0.1004	2010.04.11	-
VBA32	3.12.12.4	2010.04.09	-
ViRobot	2010.4.10.2270	2010.04.10	-
VirusBuster	5.0.27.0	2010.04.11	-
Rozšiřující informace
File size: 184272 bytes
MD5...: 9780bef310a81f77f49f8f8babdd740e
SHA1..: 3f441d4e20d7a18487dbbef3ce659bc764a094e4
SHA256: 6069074070492512fff61612fd759b38a6a083522a78b0617c06ef8002caafa0
ssdeep: 3072:KlMvI+b2tjb8XEzXQ2poe775KeLinklYH1XaUtkV2sj4G5EWED9p:wMg+k0
XER375KFnJ1XuVnj4G5EBDn
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x77570
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x4c000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x4d000 0x2b000 0x2a800 7.93 e0bbd5afccc31297acc2ffab30b4bb8d
.rsrc 0x78000 0x2000 0x1a00 3.01 6de3f4333f8ef95bbaf1b75ee3ea3a65

( 9 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
> advapi32.dll: RegFlushKey
> comctl32.dll: ImageList_Add
> gdi32.dll: SaveDC
> ole32.dll: CoInitialize
> oleaut32.dll: VariantCopy
> shell32.dll: ShellExecuteW
> user32.dll: GetDC
> version.dll: VerQueryValueW

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
packers (Kaspersky): PE_Patch.UPX, UPX
http://info.prevx.com/aboutprogramtext.asp?PX5=51E41020D0EB2F5ACF3B026D143742004C29A0E5
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: OOO Russkie Internet Reshenija
Thawte Code Signing CA
Thawte Premium Server CA
signing date.: 8:48 PM 4/11/2010
verified.....: -
packers (F-Prot): UPX

Re: Request for a log check, PC is slow

Posted: 11 Apr 2010 20:03
by Unlimited_Killer
Please post a new RSIT log.

Re: Request for a log check, PC is slow

Posted: 11 Apr 2010 20:44
by sloto
Unlimited_Killer wrote: Please post a new RSIT log.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tomas a Martinka at 2010-04-11 21:43:57
Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (10%) free of 10 GB
Total RAM: 1007 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:44:02, on 11.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\Tomas a Martinka\Application Data\QipGuard\QipGuard.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\QIP Infium\infium.exe
C:\Documents and Settings\Tomas a Martinka\Desktop\RSIT.exe
C:\Program Files\trend micro\Tomas a Martinka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\Tomas a Martinka\Application Data\QipGuard\QipGuard.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

--
End of file - 3418 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-27 68096]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2003-10-02 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2003-10-02 118784]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"QIP Internet Guardian"=C:\Documents and Settings\Tomas a Martinka\Application Data\QipGuard\QipGuard.exe [2010-03-12 184272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-10-02 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDesktop"=0
"NoActiveDesktop"=0
"HideClock"=0
"NoStartMenuPinnedList"=0
"NoStartMenuMFUprogramsList"=0
"NoUserNameInStartMenu"=0
"StartmenuLogoff"=0
"NoStartMenuSubFolders"=0
"NoCommonGroups"=0
"NoPrinterTabs"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoPrinters"=0
"NoFavoritesMenu"=0
"NoRun"=0
"NoFind"=0
"NoClose"=0
"NoSetFolders"=0
"NoViewContextMenu"=0
"NoDrives"=0
"NoToolbarCustomize"=0
"NoRecentDocsNetHood"=0
"NoChangeAnimation"=0
"NoChangeKeyboardNavigationIndicators"=0
"NoThemesTab"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"D:\Program Files\Flight Simulator 9\FS9.EXE"="D:\Program Files\Flight Simulator 9\FS9.EXE:*:Enabled:Microsoft Flight Simulator"
"D:\Program Files\IVAO\IvAp\ivapnetint.exe"="D:\Program Files\IVAO\IvAp\ivapnetint.exe:*:Enabled:ivapnetint"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Microsoft Games\Flight Simulator 9\FS9.EXE"="D:\Program Files\Microsoft Games\Flight Simulator 9\FS9.EXE:*:Enabled:Microsoft Flight Simulator"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\Tomas a Martinka\Local Settings\Temp\Rar$EX00.875\vPAR_Q.exe"="C:\Documents and Settings\Tomas a Martinka\Local Settings\Temp\Rar$EX00.875\vPAR_Q.exe:*:Enabled:vPAR QuadRadar"
"C:\Documents and Settings\Tomas a Martinka\Desktop\vPAR_Q\vPAR_Q.exe"="C:\Documents and Settings\Tomas a Martinka\Desktop\vPAR_Q\vPAR_Q.exe:*:Disabled:vPAR QuadRadar"
"C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_Q.exe"="C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_Q.exe:*:Enabled:vPAR QuadRadar"
"C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_A.exe"="C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_A.exe:*:Enabled:vPAR QuadRadar Analog"
"D:\Program Files\Flight Strip Tool - IVAO\FST.exe"="D:\Program Files\Flight Strip Tool - IVAO\FST.exe:*:Enabled:FST"
"D:\Program Files\Easy Clearance 3\EasyClearance3.exe"="D:\Program Files\Easy Clearance 3\EasyClearance3.exe:*:Enabled:Clearance Tool für IVAO"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-04-11 20:33:05 ----D---- C:\_OTM
2010-04-05 07:10:47 ----D---- C:\Program Files\trend micro
2010-04-05 07:10:46 ----D---- C:\rsit
2010-04-04 07:45:50 ----D---- C:\Program Files\TrendMicro
2010-04-03 08:50:29 ----D---- C:\Program Files\DAEMON Tools Lite
2010-04-01 16:14:29 ----D---- C:\Program Files\Common Files\Apple
2010-04-01 16:12:51 ----D---- C:\Program Files\QuickTime
2010-04-01 16:12:40 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-04-01 09:28:34 ----D---- C:\Program Files\Common Files\Skype
2010-04-01 06:06:01 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-04-01 06:05:54 ----D---- C:\Program Files\Common Files\Java
2010-04-01 06:05:15 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-01 06:05:14 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-01 06:05:14 ----A---- C:\WINDOWS\system32\java.exe
2010-03-29 00:13:33 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-03-29 00:13:33 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-03-29 00:13:31 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-03-29 00:13:30 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-03-29 00:13:29 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-03-29 00:13:29 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-03-29 00:13:24 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-03-29 00:13:22 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-03-29 00:13:22 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-03-29 00:13:20 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-03-29 00:13:18 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-03-29 00:13:18 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-03-29 00:13:17 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-03-29 00:13:16 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-03-29 00:13:14 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-03-29 00:13:14 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-03-29 00:13:12 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-03-29 00:13:11 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-03-29 00:13:11 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-03-29 00:13:10 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-03-29 00:13:08 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-03-29 00:13:08 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-03-29 00:13:07 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-03-29 00:13:06 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-03-29 00:13:05 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-03-29 00:13:05 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-03-29 00:13:04 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-03-29 00:13:02 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-03-29 00:13:01 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-03-29 00:13:00 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-03-29 00:12:59 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-03-29 00:12:59 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-03-29 00:12:58 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-03-29 00:12:57 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-03-29 00:12:55 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-03-29 00:12:55 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-03-29 00:12:53 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-03-29 00:12:51 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-03-29 00:12:50 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-03-29 00:12:50 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-03-29 00:12:49 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-03-29 00:12:48 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-03-29 00:12:48 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-03-29 00:12:47 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-03-29 00:12:47 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-03-29 00:12:46 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-03-29 00:12:45 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-03-29 00:12:38 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-03-29 00:12:36 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-03-29 00:12:36 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-03-29 00:12:32 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-03-29 00:12:31 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-03-29 00:12:29 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-03-29 00:12:28 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-03-29 00:12:27 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-03-29 00:12:27 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-03-29 00:12:26 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-29 00:12:25 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-03-29 00:12:25 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-03-29 00:12:22 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-03-29 00:12:21 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-03-29 00:12:18 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-03-29 00:11:07 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-03-29 00:11:07 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-03-29 00:10:58 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-03-29 00:10:48 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-03-29 00:10:40 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-03-29 00:10:37 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-03-29 00:10:35 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-03-29 00:09:55 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-03-29 00:09:54 ----D---- C:\Program Files\Microsoft Speech SDK 5.1
2010-03-29 00:08:54 ----D---- C:\WINDOWS\Logs
2010-03-28 22:14:56 ----D---- C:\WINDOWS\system32\XPSViewer
2010-03-28 22:14:35 ----D---- C:\Program Files\MSBuild
2010-03-28 22:14:28 ----D---- C:\WINDOWS\system32\en-US
2010-03-28 22:14:01 ----D---- C:\Program Files\Reference Assemblies
2010-03-28 22:11:42 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-03-28 22:11:40 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-03-28 22:11:38 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-03-28 22:03:31 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-03-28 22:03:29 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-03-28 22:03:17 ----D---- C:\Program Files\MSXML 6.0
2010-03-28 21:53:57 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\FS2Crew2010
2010-03-17 11:59:03 ----D---- C:\Program Files\Elcom
2010-03-17 11:56:28 ----D---- C:\WINDOWS\Binaries
2010-03-17 11:55:44 ----D---- C:\Program Files\Kros Alfa
2010-03-17 11:55:44 ----D---- C:\Program Files\Common Files\business objects
2010-03-17 11:55:36 ----A---- C:\WINDOWS\system32\ANGELVDD.DLL
2010-03-14 10:41:51 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\QipGuard
2010-03-12 09:19:51 ----D---- C:\SUMSM

======List of files/folders modified in the last 1 months======

2010-04-11 21:43:41 ----D---- C:\WINDOWS\Temp
2010-04-11 20:37:18 ----D---- C:\WINDOWS\Prefetch
2010-04-11 20:34:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-11 20:33:46 ----RD---- C:\Program Files
2010-04-11 20:33:45 ----SD---- C:\WINDOWS\Tasks
2010-04-11 20:33:38 ----D---- C:\WINDOWS\system32
2010-04-11 20:33:19 ----D---- C:\WINDOWS
2010-04-11 20:30:00 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-04 19:07:46 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\teamspeak2
2010-04-04 18:55:43 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\Skype
2010-04-04 18:30:57 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\skypePM
2010-04-04 15:08:35 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\vlc
2010-04-04 07:45:58 ----SHD---- C:\WINDOWS\Installer
2010-04-04 07:45:58 ----D---- C:\Config.Msi
2010-04-03 18:27:45 ----D---- C:\Program Files\PokerStars
2010-04-03 12:32:44 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-03 12:32:43 ----A---- C:\WINDOWS\JeppECData.ini
2010-04-03 08:54:09 ----D---- C:\WINDOWS\system32\drivers
2010-04-02 12:46:30 ----D---- C:\Program Files\Mozilla Firefox
2010-04-01 16:14:29 ----D---- C:\Program Files\Common Files
2010-04-01 06:04:42 ----D---- C:\Program Files\Java
2010-03-29 19:55:35 ----HD---- C:\WINDOWS\inf
2010-03-29 15:43:30 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-29 00:12:18 ----RSD---- C:\WINDOWS\assembly
2010-03-29 00:11:29 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-29 00:09:14 ----D---- C:\WINDOWS\system32\DirectX
2010-03-28 22:20:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-28 22:17:33 ----D---- C:\WINDOWS\WinSxS
2010-03-28 22:14:21 ----RSD---- C:\WINDOWS\Fonts
2010-03-28 22:12:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-28 22:07:13 ----D---- C:\Program Files\Internet Explorer
2010-03-27 18:31:18 ----A---- C:\WINDOWS\win.ini
2010-03-17 12:05:21 ----A---- C:\WINDOWS\system.ini
2010-03-14 10:40:27 ----D---- C:\Program Files\QIP Infium

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 36096]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2010-03-17 51072]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-02 635281]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-08-31 25280]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-10-08 93979]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 agibfs54;agibfs54; C:\WINDOWS\system32\drivers\agibfs54.sys []
S3 CAM1210;HAMA WEBCAM AC-100; C:\WINDOWS\System32\Drivers\cam1210.sys [2007-03-15 93952]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Request for a log check, PC is slow

Posted: 11 Apr 2010 21:01
by Unlimited_Killer
Please remove the log from

Code:

 - it's hard to decipher. :)

Re: Request for a log check, PC is slow

Posted: 17 Apr 2010 20:12
by sloto
Unlimited_Killer wrote: Please remove the log from

Code:

 - it's hard to decipher. :)


So what's next, or is this already a hopeless case? :-D

Re: Request for a log check, PC is slow

Posted: 18 Apr 2010 11:58
by Unlimited_Killer
I am very sorry for the delay - an edit to a post does not show up for me as a new post, so I forgot about you. :oops:

1) Uninstall unneeded applications - you are low on disk space

2) OTMoveit3
  • Download OTM3 to the Desktop.
  • Run it by double-clicking OTM.exe; if that does not work, try it with administrator rights.
  • Paste the following script into the left pane 'Paste Instructions for Items to be Moved':

    Code:

    :processes
    explorer.exe
    
    :reg
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "QIP Internet Guardian"=-
    
    :files
    C:\WINDOWS\system32\*.tmp.dll /s
    C:\WINDOWS\system32\SET*.tmp /s
    C:\WINDOWS\*.tmp /s
    C:\Documents and Settings\Tomas a Martinka\Application Data\QipGuard
    
    :commands
    [emptytemp]
    [emptyflash]
    [reboot]
  • Then click the red 'MoveIt!' button.
  • A log should appear in the green window on the right; copy it here into the forum.
  • If a prompt to restart appears, click 'Yes'.
  • After the restart the log opens by itself, or you will find it in C:\_OTM\MovedFiles
3) CCleaner
  • Download the program called CCleaner.
  • Install it normally, just be careful to uncheck the 'Install Yahoo! Toolbar' option.
  • Run it.
    • Cleaner tab → leave everything checked as it is and click 'Run CCleaner'.
    • Registry tab → click 'Scan for Issues'. It searches for problems in the registry; once it finishes analyzing, click 'Fix selected issues'. It will offer to create a backup - create one to be safe and save it, for example, to the Desktop.
  • I recommend using CCleaner regularly; it can speed up the PC quite dramatically.
4) A new RSIT log

Re: Request for a log check, PC is slow

Posted: 18 Apr 2010 18:32
by sloto
RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Tomas a Martinka at 2010-04-18 19:31:26
Microsoft Windows XP Professional Service Pack 2
System drive C: has 2 GB (18%) free of 10 GB
Total RAM: 1007 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:49, on 18.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tomas a Martinka\Desktop\RSIT.exe
C:\Program Files\trend micro\Tomas a Martinka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

--
End of file - 3170 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-27 68096]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2003-10-02 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2003-10-02 118784]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-10-02 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDesktop"=0
"NoActiveDesktop"=0
"HideClock"=0
"NoStartMenuPinnedList"=0
"NoStartMenuMFUprogramsList"=0
"NoUserNameInStartMenu"=0
"StartmenuLogoff"=0
"NoStartMenuSubFolders"=0
"NoCommonGroups"=0
"NoPrinterTabs"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoPrinters"=0
"NoFavoritesMenu"=0
"NoRun"=0
"NoFind"=0
"NoClose"=0
"NoSetFolders"=0
"NoViewContextMenu"=0
"NoDrives"=0
"NoToolbarCustomize"=0
"NoRecentDocsNetHood"=0
"NoChangeAnimation"=0
"NoChangeKeyboardNavigationIndicators"=0
"NoThemesTab"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"D:\Program Files\Flight Simulator 9\FS9.EXE"="D:\Program Files\Flight Simulator 9\FS9.EXE:*:Enabled:Microsoft Flight Simulator"
"D:\Program Files\IVAO\IvAp\ivapnetint.exe"="D:\Program Files\IVAO\IvAp\ivapnetint.exe:*:Enabled:ivapnetint"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Microsoft Games\Flight Simulator 9\FS9.EXE"="D:\Program Files\Microsoft Games\Flight Simulator 9\FS9.EXE:*:Enabled:Microsoft Flight Simulator"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\Tomas a Martinka\Local Settings\Temp\Rar$EX00.875\vPAR_Q.exe"="C:\Documents and Settings\Tomas a Martinka\Local Settings\Temp\Rar$EX00.875\vPAR_Q.exe:*:Enabled:vPAR QuadRadar"
"C:\Documents and Settings\Tomas a Martinka\Desktop\vPAR_Q\vPAR_Q.exe"="C:\Documents and Settings\Tomas a Martinka\Desktop\vPAR_Q\vPAR_Q.exe:*:Disabled:vPAR QuadRadar"
"C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_Q.exe"="C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_Q.exe:*:Enabled:vPAR QuadRadar"
"C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_A.exe"="C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_A.exe:*:Enabled:vPAR QuadRadar Analog"
"D:\Program Files\Flight Strip Tool - IVAO\FST.exe"="D:\Program Files\Flight Strip Tool - IVAO\FST.exe:*:Enabled:FST"
"D:\Program Files\Easy Clearance 3\EasyClearance3.exe"="D:\Program Files\Easy Clearance 3\EasyClearance3.exe:*:Enabled:Clearance Tool für IVAO"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-04-18 19:27:29 ----D---- C:\Program Files\CCleaner
2010-04-11 20:33:05 ----D---- C:\_OTM
2010-04-05 07:10:47 ----D---- C:\Program Files\trend micro
2010-04-05 07:10:46 ----D---- C:\rsit
2010-04-04 07:45:50 ----D---- C:\Program Files\TrendMicro
2010-04-03 08:50:29 ----D---- C:\Program Files\DAEMON Tools Lite
2010-04-01 16:12:51 ----D---- C:\Program Files\QuickTime
2010-04-01 16:12:40 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-04-01 09:28:34 ----D---- C:\Program Files\Common Files\Skype
2010-04-01 06:06:01 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-04-01 06:05:54 ----D---- C:\Program Files\Common Files\Java
2010-04-01 06:05:15 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-01 06:05:14 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-01 06:05:14 ----A---- C:\WINDOWS\system32\java.exe
2010-03-29 00:13:33 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-03-29 00:13:33 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-03-29 00:13:31 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-03-29 00:13:30 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-03-29 00:13:29 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-03-29 00:13:29 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-03-29 00:13:24 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-03-29 00:13:22 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-03-29 00:13:22 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-03-29 00:13:20 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-03-29 00:13:18 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-03-29 00:13:18 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-03-29 00:13:17 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-03-29 00:13:16 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-03-29 00:13:14 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-03-29 00:13:14 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-03-29 00:13:12 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-03-29 00:13:11 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-03-29 00:13:11 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-03-29 00:13:10 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-03-29 00:13:08 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-03-29 00:13:08 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-03-29 00:13:07 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-03-29 00:13:06 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-03-29 00:13:05 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-03-29 00:13:05 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-03-29 00:13:04 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-03-29 00:13:02 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-03-29 00:13:01 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-03-29 00:13:00 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-03-29 00:12:59 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-03-29 00:12:59 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-03-29 00:12:58 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-03-29 00:12:57 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-03-29 00:12:55 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-03-29 00:12:55 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-03-29 00:12:53 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-03-29 00:12:51 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-03-29 00:12:50 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-03-29 00:12:50 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-03-29 00:12:49 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-03-29 00:12:48 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-03-29 00:12:48 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-03-29 00:12:47 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-03-29 00:12:47 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-03-29 00:12:46 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-03-29 00:12:45 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-03-29 00:12:38 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-03-29 00:12:36 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-03-29 00:12:36 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-03-29 00:12:32 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-03-29 00:12:31 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-03-29 00:12:29 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-03-29 00:12:28 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-03-29 00:12:27 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-03-29 00:12:27 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-03-29 00:12:26 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-29 00:12:25 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-03-29 00:12:25 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-03-29 00:12:22 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-03-29 00:12:21 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-03-29 00:12:18 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-03-29 00:11:07 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-03-29 00:11:07 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-03-29 00:10:58 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-03-29 00:10:48 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-03-29 00:10:40 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-03-29 00:10:37 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-03-29 00:10:35 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-03-29 00:09:55 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-03-29 00:09:54 ----D---- C:\Program Files\Microsoft Speech SDK 5.1
2010-03-29 00:08:54 ----D---- C:\WINDOWS\Logs
2010-03-28 22:14:56 ----D---- C:\WINDOWS\system32\XPSViewer
2010-03-28 22:14:35 ----D---- C:\Program Files\MSBuild
2010-03-28 22:14:28 ----D---- C:\WINDOWS\system32\en-US
2010-03-28 22:14:01 ----D---- C:\Program Files\Reference Assemblies
2010-03-28 22:11:42 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-03-28 22:11:40 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-03-28 22:11:38 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-03-28 22:03:31 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-03-28 22:03:29 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-03-28 22:03:17 ----D---- C:\Program Files\MSXML 6.0
2010-03-28 21:53:57 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\FS2Crew2010

======List of files/folders modified in the last 1 months======

2010-04-18 19:31:28 ----D---- C:\WINDOWS\Temp
2010-04-18 19:28:11 ----D---- C:\WINDOWS\Minidump
2010-04-18 19:28:11 ----D---- C:\WINDOWS\Debug
2010-04-18 19:28:11 ----D---- C:\WINDOWS
2010-04-18 19:27:29 ----RD---- C:\Program Files
2010-04-18 19:17:58 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-18 19:09:58 ----SHD---- C:\WINDOWS\Installer
2010-04-18 19:09:58 ----D---- C:\Config.Msi
2010-04-18 19:00:48 ----D---- C:\Program Files\Common Files
2010-04-11 20:37:18 ----D---- C:\WINDOWS\Prefetch
2010-04-11 20:33:45 ----SD---- C:\WINDOWS\Tasks
2010-04-11 20:33:38 ----D---- C:\WINDOWS\system32
2010-04-11 20:30:00 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-04 19:07:46 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\teamspeak2
2010-04-04 18:55:43 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\Skype
2010-04-04 18:30:57 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\skypePM
2010-04-04 15:08:35 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\vlc
2010-04-03 18:27:45 ----D---- C:\Program Files\PokerStars
2010-04-03 12:32:44 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-03 12:32:43 ----A---- C:\WINDOWS\JeppECData.ini
2010-04-03 08:54:09 ----D---- C:\WINDOWS\system32\drivers
2010-04-02 12:46:30 ----D---- C:\Program Files\Mozilla Firefox
2010-04-02 12:38:16 ----D---- C:\Program Files\Kros Alfa
2010-04-01 06:04:42 ----D---- C:\Program Files\Java
2010-03-29 19:55:35 ----HD---- C:\WINDOWS\inf
2010-03-29 15:43:30 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-29 00:12:18 ----RSD---- C:\WINDOWS\assembly
2010-03-29 00:11:29 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-29 00:09:14 ----D---- C:\WINDOWS\system32\DirectX
2010-03-28 22:20:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-28 22:17:33 ----D---- C:\WINDOWS\WinSxS
2010-03-28 22:14:21 ----RSD---- C:\WINDOWS\Fonts
2010-03-28 22:12:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-28 22:07:13 ----D---- C:\Program Files\Internet Explorer
2010-03-27 18:31:18 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 36096]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2010-03-17 51072]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-02 635281]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-08-31 25280]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-10-08 93979]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 aukaau19;aukaau19; C:\WINDOWS\system32\drivers\aukaau19.sys []
S3 CAM1210;HAMA WEBCAM AC-100; C:\WINDOWS\System32\Drivers\cam1210.sys [2007-03-15 93952]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Request for a log check, PC is slow

Posted: 20 Apr 2010 06:25
by Unlimited_Killer
Great, let's continue. And I apologize for the delay. :oops:

1) OTCleaner
  • Download OTC and run it by double-clicking.
  • A window will pop up; click 'CleanUp!' in it.
  • Confirm by clicking 'Yes'.
  • It will then also ask whether you want to restart the PC - do so, again by clicking 'Yes'.
2) Defragmentation
  • Defragment the disk.
  • This can be done in several ways ↓
    • With the defragmenter built into Windows [Start → Run → dfrg.msc → Enter]. This is not a very effective method.
    • With a simple and clear program called Defraggler.
    • With a brilliant program that does not need to be installed and is very simple - JKDefrag.
3) Internet Explorer update
  • You have an outdated version of Internet Explorer installed (specifically version 6).
  • I therefore recommend updating (even if you do not use IE) to version 7, or straight to the latest version 8.
4) FileHippo.com UpdateChecker
  • To keep track of updates, I recommend downloading the program FileHippo.com UpdateChecker.
    • Install it in the usual way.
    • Run it, for example, once or twice a week.
    • It clearly lists all programs that are out of date and offers to download the newer version (which I recommend).
    • Watch out for what those applications install 'along with themselves' → for example unnecessary toolbars.
      • That is why it does not pay to click 'Next' or 'Další' without thinking.
5) A new RSIT log

Re: Request for a log check, PC is slow

Posted: 24 Apr 2010 08:24
by sloto
RSIT log

Logfile of random's system information tool 1.06 (written by random/random)
Run by Tomas a Martinka at 2010-04-24 09:21:02
Microsoft Windows XP Professional Service Pack 2
System drive C: has 2 GB (18%) free of 10 GB
Total RAM: 1007 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:21:14, on 24.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\FileHippo.com\UpdateChecker.exe
C:\Documents and Settings\Tomas a Martinka\Desktop\RSIT.exe
C:\Program Files\trend micro\Tomas a Martinka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

--
End of file - 3317 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-27 68096]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2003-10-02 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2003-10-02 118784]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2010-03-03 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-10-02 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDesktop"=0
"NoActiveDesktop"=0
"HideClock"=0
"NoStartMenuPinnedList"=0
"NoStartMenuMFUprogramsList"=0
"NoUserNameInStartMenu"=0
"StartmenuLogoff"=0
"NoStartMenuSubFolders"=0
"NoCommonGroups"=0
"NoPrinterTabs"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoPrinters"=0
"NoFavoritesMenu"=0
"NoRun"=0
"NoFind"=0
"NoClose"=0
"NoSetFolders"=0
"NoViewContextMenu"=0
"NoDrives"=0
"NoToolbarCustomize"=0
"NoRecentDocsNetHood"=0
"NoChangeAnimation"=0
"NoChangeKeyboardNavigationIndicators"=0
"NoThemesTab"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"D:\Program Files\Flight Simulator 9\FS9.EXE"="D:\Program Files\Flight Simulator 9\FS9.EXE:*:Enabled:Microsoft Flight Simulator"
"D:\Program Files\IVAO\IvAp\ivapnetint.exe"="D:\Program Files\IVAO\IvAp\ivapnetint.exe:*:Enabled:ivapnetint"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Microsoft Games\Flight Simulator 9\FS9.EXE"="D:\Program Files\Microsoft Games\Flight Simulator 9\FS9.EXE:*:Enabled:Microsoft Flight Simulator"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Documents and Settings\Tomas a Martinka\Local Settings\Temp\Rar$EX00.875\vPAR_Q.exe"="C:\Documents and Settings\Tomas a Martinka\Local Settings\Temp\Rar$EX00.875\vPAR_Q.exe:*:Enabled:vPAR QuadRadar"
"C:\Documents and Settings\Tomas a Martinka\Desktop\vPAR_Q\vPAR_Q.exe"="C:\Documents and Settings\Tomas a Martinka\Desktop\vPAR_Q\vPAR_Q.exe:*:Disabled:vPAR QuadRadar"
"C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_Q.exe"="C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_Q.exe:*:Enabled:vPAR QuadRadar"
"C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_A.exe"="C:\Documents and Settings\Tomas a Martinka\Desktop\vpar\vPAR_A.exe:*:Enabled:vPAR QuadRadar Analog"
"D:\Program Files\Flight Strip Tool - IVAO\FST.exe"="D:\Program Files\Flight Strip Tool - IVAO\FST.exe:*:Enabled:FST"
"D:\Program Files\Easy Clearance 3\EasyClearance3.exe"="D:\Program Files\Easy Clearance 3\EasyClearance3.exe:*:Enabled:Clearance Tool für IVAO"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-04-24 09:21:02 ----D---- C:\rsit
2010-04-24 06:45:58 ----D---- C:\Program Files\FileHippo.com
2010-04-18 19:27:29 ----D---- C:\Program Files\CCleaner
2010-04-05 07:10:47 ----D---- C:\Program Files\trend micro
2010-04-04 07:45:50 ----D---- C:\Program Files\TrendMicro
2010-04-03 08:50:29 ----D---- C:\Program Files\DAEMON Tools Lite
2010-04-01 16:12:51 ----D---- C:\Program Files\QuickTime
2010-04-01 16:12:40 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-04-01 09:28:34 ----D---- C:\Program Files\Common Files\Skype
2010-04-01 06:06:01 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-04-01 06:05:54 ----D---- C:\Program Files\Common Files\Java
2010-04-01 06:05:15 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-01 06:05:14 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-01 06:05:14 ----A---- C:\WINDOWS\system32\java.exe
2010-03-29 00:13:33 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-03-29 00:13:33 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-03-29 00:13:31 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-03-29 00:13:30 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-03-29 00:13:29 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-03-29 00:13:29 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-03-29 00:13:24 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-03-29 00:13:22 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-03-29 00:13:22 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-03-29 00:13:20 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-03-29 00:13:18 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-03-29 00:13:18 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-03-29 00:13:17 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-03-29 00:13:16 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-03-29 00:13:14 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-03-29 00:13:14 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-03-29 00:13:12 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-03-29 00:13:11 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-03-29 00:13:11 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-03-29 00:13:10 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-03-29 00:13:08 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-03-29 00:13:08 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-03-29 00:13:07 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-03-29 00:13:06 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-03-29 00:13:05 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-03-29 00:13:05 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-03-29 00:13:04 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-03-29 00:13:02 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-03-29 00:13:01 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-03-29 00:13:00 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-03-29 00:12:59 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-03-29 00:12:59 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-03-29 00:12:58 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-03-29 00:12:57 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-03-29 00:12:55 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-03-29 00:12:55 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-03-29 00:12:53 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-03-29 00:12:51 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-03-29 00:12:50 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-03-29 00:12:50 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-03-29 00:12:49 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-03-29 00:12:48 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-03-29 00:12:48 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-03-29 00:12:47 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-03-29 00:12:47 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-03-29 00:12:46 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-03-29 00:12:45 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-03-29 00:12:38 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-03-29 00:12:36 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-03-29 00:12:36 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-03-29 00:12:32 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-03-29 00:12:31 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-03-29 00:12:29 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-03-29 00:12:28 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-03-29 00:12:27 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-03-29 00:12:27 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-03-29 00:12:26 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-29 00:12:25 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-03-29 00:12:25 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-03-29 00:12:22 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-03-29 00:12:21 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-03-29 00:12:18 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-03-29 00:11:07 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-03-29 00:11:07 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-03-29 00:10:58 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-03-29 00:10:48 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-03-29 00:10:40 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-03-29 00:10:37 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-03-29 00:10:35 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-03-29 00:09:55 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-03-29 00:09:54 ----D---- C:\Program Files\Microsoft Speech SDK 5.1
2010-03-29 00:08:54 ----D---- C:\WINDOWS\Logs
2010-03-28 22:14:56 ----D---- C:\WINDOWS\system32\XPSViewer
2010-03-28 22:14:35 ----D---- C:\Program Files\MSBuild
2010-03-28 22:14:28 ----D---- C:\WINDOWS\system32\en-US
2010-03-28 22:14:01 ----D---- C:\Program Files\Reference Assemblies
2010-03-28 22:11:42 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-03-28 22:11:40 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-03-28 22:11:38 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-03-28 22:03:31 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-03-28 22:03:29 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-03-28 22:03:17 ----D---- C:\Program Files\MSXML 6.0
2010-03-28 21:53:57 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\FS2Crew2010

======List of files/folders modified in the last 1 months======

2010-04-24 09:21:10 ----D---- C:\WINDOWS\Prefetch
2010-04-24 09:20:46 ----D---- C:\WINDOWS\Temp
2010-04-24 06:45:58 ----RD---- C:\Program Files
2010-04-23 21:01:56 ----D---- C:\WINDOWS
2010-04-23 20:55:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-22 16:00:48 ----D---- C:\Program Files\Kros Alfa
2010-04-18 19:28:11 ----D---- C:\WINDOWS\Minidump
2010-04-18 19:28:11 ----D---- C:\WINDOWS\Debug
2010-04-18 19:09:58 ----SHD---- C:\WINDOWS\Installer
2010-04-18 19:09:58 ----D---- C:\Config.Msi
2010-04-18 19:00:48 ----D---- C:\Program Files\Common Files
2010-04-11 20:33:45 ----SD---- C:\WINDOWS\Tasks
2010-04-11 20:33:38 ----D---- C:\WINDOWS\system32
2010-04-11 20:30:00 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-04 19:07:46 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\teamspeak2
2010-04-04 18:55:43 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\Skype
2010-04-04 18:30:57 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\skypePM
2010-04-04 15:08:35 ----D---- C:\Documents and Settings\Tomas a Martinka\Application Data\vlc
2010-04-03 18:27:45 ----D---- C:\Program Files\PokerStars
2010-04-03 12:32:44 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-03 12:32:43 ----A---- C:\WINDOWS\JeppECData.ini
2010-04-03 08:54:09 ----D---- C:\WINDOWS\system32\drivers
2010-04-02 12:46:30 ----D---- C:\Program Files\Mozilla Firefox
2010-04-01 06:04:42 ----D---- C:\Program Files\Java
2010-03-29 19:55:35 ----HD---- C:\WINDOWS\inf
2010-03-29 15:43:30 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-29 00:12:18 ----RSD---- C:\WINDOWS\assembly
2010-03-29 00:11:29 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-29 00:09:14 ----D---- C:\WINDOWS\system32\DirectX
2010-03-28 22:20:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-28 22:17:33 ----D---- C:\WINDOWS\WinSxS
2010-03-28 22:14:21 ----RSD---- C:\WINDOWS\Fonts
2010-03-28 22:12:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-28 22:07:13 ----D---- C:\Program Files\Internet Explorer
2010-03-27 18:31:18 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 36096]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2010-03-17 51072]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-08 120830]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-08 98842]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-02 635281]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-08-31 25280]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2003-10-08 93979]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 al3i0zfq;al3i0zfq; C:\WINDOWS\system32\drivers\al3i0zfq.sys []
S3 CAM1210;HAMA WEBCAM AC-100; C:\WINDOWS\System32\Drivers\cam1210.sys [2007-03-15 93952]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


When I tried to install either IE 7 or IE 8, it told me that it cannot work with the language of the current OS, even though I had downloaded version 8 for XP. Also, when I used a defragmenter that does not need installing, both RSIT and OT3M disappeared from the desktop. When I downloaded RSIT again and ran the check, it produced two logs and did not restart. The first one is above; the second it named info.txt and it is basically an uninstall list, which I attach below.


info.txt logfile of random's system information tool 1.06 2010-04-24 09:21:16

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Abacus EZ-Libraries-->MsiExec.exe /I{C539AF6F-9DB3-458C-9274-1F3EE3291FB1}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
aerosoft's - CanaryIslands 3.2 Update - FS2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2B0000B7-89C7-49FD-B9CC-139CA2456822}\Setup.exe" -uninst
ALFA 16.20.00-->MsiExec.exe /I{69E369F1-6A92-47B5-86D5-474A7E06B3DC}
Boeing 757 Professional 2006-->"C:\WINDOWS\Boeing 757 Professional 2006\uninstall.exe" "/U:D:\Program\Microsoft Games\Flight Simulator 9\Uninstall\uninstall.xml"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Elcomm-->"C:\Program Files\Elcom\Elcomm\Elcomm_uninstaller.exe"
ESET NOD32 Antivirus-->MsiExec.exe /I{EA084D6F-5911-4B4D-985B-F4B422E33671}
FileHippo.com Update Checker-->"C:\Program Files\FileHippo.com\uninstall.exe"
FliteStar-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8F8C91F0-F15C-11D4-A4D6-0004ACD720DA}\setup.exe"
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
FS2Crew 2010: Wilco feelThere 737 PIC Voice Commander Edition SP1-->d:\Program Files\Microsoft Games\Flight Simulator 9\unFS2Crew2010_FS9_Wilco737.exe
FS2Crew 2010: Wilco feelThere 737 PIC Voice Commander Edition-->d:\Program Files\Microsoft Games\Flight Simulator 9\unFS2Crew2010_FS9_Wilco737.exe
GAP_LGIO 2007-->d:\Program Files\Microsoft Games\Flight Simulator 9\Uninstal.exe
GAP_LGSM_2009-->d:\Program Files\Microsoft Games\Flight Simulator 9\GAP_LGSM_2009 REMOVE.exe
Greatest Airliners: 727-->"d:\Program Files\Microsoft Games\Flight Simulator 9\uninstall_GA727.exe" "/U:d:\Program Files\Microsoft Games\Flight Simulator 9\F1DF_GA727.xml"
HAMA WEBCAM AC-100-->MsiExec.exe /X{32C2F9AA-7484-48C2-AC19-2031F2ADD8F2}
Hamachi 1.0.3.0-->C:\Program Files\Hamachi\uninstall.exe
Happy Foto Asistent (Len odstráni?)-->"D:\Program Files\HappyFoto\HfAsistentSlk\uninstall.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Integrated SimAvionics for FS9/FSX - N537JB-->d:\Program Files\Microsoft Games\Flight Simulator 9\Uninstall ISG for FS9 - N537JB.exe
Intel(R) Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_3582
IvAc v1.1.12 (b183)-->"D:\Program Files\IVAO\IvAc\unins000.exe"
IvAe v1.0.4 (b322)-->"D:\Program Files\IVAO\IvAe\unins000.exe"
IvAp v1.4.2 b2411-->"D:\Program Files\IVAO\IvAp\unins000.exe"
Java(TM) 6 Update 19-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
JeppTerrain-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7D28A0F2-349E-11D3-A90C-0090270E86DC}\setup.exe" -uninst
JeppView / JeppView FliteDeck-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6E0D150E-E486-4D20-BB7F-E091032C34D9}\setup.exe" -l0x9 AnyText
London Control-->MsiExec.exe /I{E2F1B35F-7C8A-41F4-8248-F5CF9ABD7261}
Magic ISO Maker v5.4 (build 0239)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Flight Simulator 2004 A Century of Flight-->"d:\Program Files\Microsoft Games\Flight Simulator 9\UNINSTAL.EXE" /runtemp /addremove
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011041B-6000-11D3-8CFE-0150048383C9}
Microsoft Speech SDK 5.1-->MsiExec.exe /I{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero 7 Ultra Edition-->MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
pdfforge Toolbar v1.0-->MsiExec.exe /X{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
WinTools.net 10.2.1 Professional-->"C:\Program Files\Godlike Developers\WinTools.net Professional\unins000.exe"

=====HijackThis Backups=====

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru [2010-04-11]
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe [2010-04-11]
R3 - URLSearchHook: (no name) - - (no file) [2010-04-11]
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU) [2010-04-11]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie [2010-04-11]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/ [2010-04-11]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru [2010-04-11]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie [2010-04-11]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru [2010-04-11]

======Security center information======

AV: ESET NOD32 Antivirus 3.0 (outdated)

======System event log======

Computer Name: SLOTO
Event Code: 1000
Message: Your computer has lost the lease to its IP address 5.85.104.156 on the
Network Card with network address 7A790555689C.

Record Number: 12659
Source Name: Dhcp
Time Written: 20100222095054.000000+060
Event Type: error
User:

Computer Name: SLOTO
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 7A790555689C. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Record Number: 12658
Source Name: Dhcp
Time Written: 20100222095054.000000+060
Event Type: warning
User:

Computer Name: SLOTO
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 12638
Source Name: Tcpip
Time Written: 20100221183706.000000+060
Event Type: warning
User:

Computer Name: SLOTO
Event Code: 1000
Message: Your computer has lost the lease to its IP address 5.85.104.156 on the
Network Card with network address 7A790555689C.

Record Number: 12636
Source Name: Dhcp
Time Written: 20100221084812.000000+060
Event Type: error
User:

Computer Name: SLOTO
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 7A790555689C. The following
error occurred:
The semaphore timeout period has expired.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Record Number: 12635
Source Name: Dhcp
Time Written: 20100221084812.000000+060
Event Type: warning
User:

=====Application event log=====

Computer Name: SLOTO
Event Code: 1002
Message: Hanging application MagicISO.exe, version 5.4.0.239, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Record Number: 900
Source Name: Application Hang
Time Written: 20090725184929.000000+120
Event Type: error
User:

Computer Name: SLOTO
Event Code: 1000
Message: Faulting application explorer.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x022c1da4.

Record Number: 898
Source Name: Application Error
Time Written: 20090725122952.000000+120
Event Type: error
User:

Computer Name: SLOTO
Event Code: 1000
Message: Faulting application explorer.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x03291da4.

Record Number: 886
Source Name: Application Error
Time Written: 20090724214125.000000+120
Event Type: error
User:

Computer Name: SLOTO
Event Code: 1001
Message: Detection of product '{9011041B-6000-11D3-8CFE-0150048383C9}', feature 'ProductNonBootFiles' failed during request for component '{22056900-C842-11D1-A0DD-00A0C9054277}'

Record Number: 884
Source Name: MsiInstaller
Time Written: 20090724175918.000000+120
Event Type: warning
User: SLOTO\Tomas a Martinka

Computer Name: SLOTO
Event Code: 1517
Message: Windows saved user SLOTO\Tomas a Martinka registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 878
Source Name: Userenv
Time Written: 20090724125847.000000+120
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 9 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=0905
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------