prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru

Zpráva

666_peter_666 · #1 Příspěvek od **666_peter_666** » 04 led 2010 22:06

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:03:14, on 4.1.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\msb.exe
C:\Windows\Explorer.EXE
C:\Users\i\AppData\Local\Temp\c.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Hry\LEGO Indiana Jones\LEGOIndy.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://club.geewa.com/sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [OutpostMonitor] "C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe" /tray /noservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [VistaStartMenu] C:\Program Files\Vista Start Menu\VistaStartMenu.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2042303748-983762039-2973062252-1003\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'i')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 6220 bytes

#2 Příspěvek od **Rudy** » 04 led 2010 22:09

Dejte log z RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 . Je podrobnější, než HJT.

666_peter_666 · #3 Příspěvek od **666_peter_666** » 04 led 2010 22:25

666_peter_666 · #4 Příspěvek od **666_peter_666** » 04 led 2010 23:07

Spustil som RSIT v režime kompatibility s Windows Vista, lebo pri normálnom spustení pod Windows 7 RSIT vypísal chybové hlásenie. Posielam Vám výpisy:

log.txt:
Logfile of random's system information tool 1.06 (written by random/random)
Run by i at 2010-01-04 22:57:36
Microsoft Windows 7 Ultimate Service Pack 2
System drive C: has 125 GB (33%) free of 377 GB
Total RAM: 3327 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:59:30, on 4.1.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\msb.exe
C:\Windows\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Hry\LEGO Indiana Jones\LEGOIndy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Opera\opera.exe
C:\Users\i\AppData\Local\Temp\_tc\Piaip RC Hack v1.12\piaipRCHack_v1.12.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\wincmd\TOTALCMD.EXE
C:\Users\i\AppData\Local\Temp\c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\wincmd\TOTALCMD.EXE
C:\DL\RSIT.exe
C:\Program Files\trend micro\HijackThis\i.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [OutpostMonitor] "C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe" /tray /noservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [VistaStartMenu] C:\Program Files\Vista Start Menu\VistaStartMenu.exe
O4 - HKCU\..\Run: [PUT2VIDQLG] C:\Users\i\AppData\Local\Temp\c.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2042303748-983762039-2973062252-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'a')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 6356 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2042303748-983762039-2973062252-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2042303748-983762039-2973062252-1004UA.job
C:\Windows\tasks\RtlVistaStart.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-08-28 1282048]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-12-20 788880]
"NPSStartup"= []
"OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-09-23 1270080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"VistaStartMenu"=C:\Program Files\Vista Start Menu\VistaStartMenu.exe [2010-01-01 2420568]
"PUT2VIDQLG"=C:\Users\i\AppData\Local\Temp\c.exe [2010-01-01 163840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutpostFeedBack]
C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe [2009-09-23 436552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-13 306088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-09-24 434176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundTray]
C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe [2007-08-02 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-01-21 92168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI\ATI.ACE\Core-Static\CLIStart.exe [2009-12-14 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Hry\Steam\Steam.exe [2009-11-22 1217808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^i^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeRapid 0.82.lnk]
C:\PROGRA~1\FREERA~1\frd.exe [2009-10-29 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\agnitum\outpos~1\wl_hook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=0
"SynchronousUserGroupPolicy"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-01-04 22:21:58 ----D---- C:\rsit
2010-01-03 21:35:20 ----A---- C:\rcTools_v1_ck.exe
2010-01-03 12:13:46 ----A---- C:\Nameless_Rc_cheat.exe
2010-01-01 21:14:15 ----A---- C:\Windows\msb.exe
2010-01-01 21:08:13 ----A---- C:\Windows\msa.exe
2010-01-01 21:07:40 ----A---- C:\Windows\system32\sshnas.dll
2009-12-31 19:13:53 ----D---- C:\ProgramData\ATI
2009-12-31 19:08:44 ----D---- C:\Program Files\ATI
2009-12-31 19:01:12 ----D---- C:\Windows\LastGood
2009-12-31 18:54:20 ----D---- C:\Windows\LastGood.Tmp
2009-12-31 10:50:04 ----D---- C:\Windows\Minidump
2009-12-30 17:01:54 ----D---- C:\ProgramData\FLEXnet
2009-12-30 16:52:36 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-12-29 19:22:24 ----A---- C:\Windows\system32\d3dx9.dll
2009-12-29 19:22:24 ----A---- C:\Windows\system32\D3DX81ab.dll
2009-12-29 19:22:23 ----D---- C:\Program Files\Cheat Engine
2009-12-29 17:42:37 ----A---- C:\CheatEngine55.exe
2009-12-24 11:28:35 ----D---- C:\Program Files\Winamp Detect
2009-12-24 11:22:06 ----D---- C:\Program Files\Your Uninstaller 2010
2009-12-15 00:47:52 ----A---- C:\Windows\system32\ATIDEMGX.dll
2009-12-15 00:47:22 ----A---- C:\Windows\system32\atieclxx.exe
2009-12-15 00:46:52 ----A---- C:\Windows\system32\atiesrxx.exe
2009-12-15 00:45:32 ----A---- C:\Windows\system32\atitmmxx.dll
2009-12-15 00:45:14 ----A---- C:\Windows\system32\atipdlxx.dll
2009-12-15 00:45:00 ----A---- C:\Windows\system32\Oemdspif.dll
2009-12-15 00:44:52 ----A---- C:\Windows\system32\atimuixx.dll
2009-12-15 00:44:44 ----A---- C:\Windows\system32\ati2edxx.dll
2009-12-15 00:41:58 ----A---- C:\Windows\system32\atidxx32.dll
2009-12-15 00:25:40 ----A---- C:\Windows\system32\atiumdag.dll
2009-12-15 00:13:22 ----A---- C:\Windows\system32\atioglxx.dll
2009-12-15 00:07:36 ----A---- C:\Windows\system32\atiumdva.dll
2009-12-14 23:55:12 ----A---- C:\Windows\system32\atimpc32.dll
2009-12-14 23:55:12 ----A---- C:\Windows\system32\amdpcom32.dll
2009-12-14 23:54:38 ----A---- C:\Windows\system32\atiadlxx.dll
2009-12-14 23:50:10 ----A---- C:\Windows\system32\aticalrt.dll
2009-12-14 23:49:58 ----A---- C:\Windows\system32\aticalcl.dll
2009-12-14 23:48:52 ----A---- C:\Windows\system32\aticaldd.dll
2009-12-09 18:19:13 ----A---- C:\Windows\system32\tzres.dll
2009-12-09 18:16:29 ----D---- C:\Program Files\MSXML 4.0
2009-12-09 18:12:59 ----A---- C:\Windows\system32\mshtml.dll
2009-12-09 18:12:59 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-09 14:40:57 ----D---- C:\Program Files\LeeGTs Games
2009-12-06 20:40:15 ----A---- C:\Windows\system32\javaws.exe
2009-12-06 20:40:15 ----A---- C:\Windows\system32\javaw.exe
2009-12-06 20:40:15 ----A---- C:\Windows\system32\java.exe
2009-12-06 20:33:44 ----D---- C:\ProgramData\Apple Computer
2009-12-06 20:33:39 ----D---- C:\Program Files\QuickTime Alternative

======List of files/folders modified in the last 1 months======

2010-01-04 22:54:49 ----D---- C:\Windows\Temp
2010-01-04 22:43:01 ----D---- C:\Windows\system32\Tasks
2010-01-04 22:43:00 ----D---- C:\Windows\Tasks
2010-01-04 22:26:14 ----D---- C:\Windows\Prefetch
2010-01-04 22:22:33 ----D---- C:\DL
2010-01-04 21:59:55 ----D---- C:\Windows\System32
2010-01-04 21:59:55 ----D---- C:\Windows\inf
2010-01-04 21:59:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-04 21:54:13 ----D---- C:\Users\i\AppData\Roaming\Vista Start Menu
2010-01-04 21:53:29 ----D---- C:\Windows
2010-01-04 21:53:20 ----SHD---- C:\System Volume Information
2010-01-04 21:53:08 ----D---- C:\Program Files\Vista Start Menu
2010-01-04 20:01:34 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-01-04 20:01:33 ----D---- C:\Windows\debug
2010-01-04 16:19:37 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-04 16:19:27 ----RSD---- C:\Windows\assembly
2010-01-04 16:18:50 ----SHD---- C:\Windows\Installer
2010-01-04 16:18:50 ----HD---- C:\Config.Msi
2010-01-04 16:14:44 ----D---- C:\Hry
2010-01-04 14:50:00 ----D---- C:\Igorko
2010-01-03 21:21:14 ----D---- C:\Strong DL
2010-01-03 13:19:57 ----D---- C:\Windows\system32\config
2010-01-01 19:04:11 ----AD---- C:\ProgramData\TEMP
2009-12-31 20:02:30 ----D---- C:\X
2009-12-31 19:51:35 ----D---- C:\Windows\system32\Filt
2009-12-31 19:13:53 ----HD---- C:\ProgramData
2009-12-31 19:10:22 ----D---- C:\Windows\system32\catroot
2009-12-31 19:10:14 ----D---- C:\Windows\system32\drivers
2009-12-31 19:10:07 ----D---- C:\Windows\system32\DriverStore
2009-12-31 19:08:44 ----RD---- C:\Program Files
2009-12-31 19:01:09 ----D---- C:\Windows\system32\catroot2
2009-12-31 18:54:07 ----D---- C:\Windows\winsxs
2009-12-31 18:46:29 ----D---- C:\Drivers
2009-12-31 18:45:00 ----D---- C:\Program Files\7-Zip
2009-12-31 10:50:43 ----D---- C:\Users\i\AppData\Roaming\Adobe
2009-12-30 16:58:16 ----D---- C:\Program Files\Adobe
2009-12-30 16:57:57 ----D---- C:\ProgramData\Adobe
2009-12-30 16:56:30 ----D---- C:\Program Files\Common Files\Adobe
2009-12-30 16:56:14 ----RSD---- C:\Windows\Fonts
2009-12-30 16:52:36 ----D---- C:\Program Files\Common Files
2009-12-24 12:42:18 ----D---- C:\Hry na mobil
2009-12-24 12:38:32 ----SD---- C:\Users\i\AppData\Roaming\Microsoft
2009-12-24 12:27:22 ----D---- C:\Program Files\MultiCore Optimizer
2009-12-24 12:24:52 ----D---- C:\Users\i\AppData\Roaming\URSoft
2009-12-24 11:28:45 ----D---- C:\Program Files\Winamp
2009-12-23 22:07:11 ----D---- C:\Program Files\FLV to AVI
2009-12-20 17:42:41 ----D---- C:\Program Files\Free Rapidshare Downloader
2009-12-09 19:09:23 ----D---- C:\Windows\rescache
2009-12-09 18:19:20 ----D---- C:\Windows\system32\en-US
2009-12-09 18:19:20 ----D---- C:\Windows\system32\cs-CZ
2009-12-06 20:40:10 ----D---- C:\Program Files\Java
2009-12-06 20:11:17 ----D---- C:\Témy na mobil

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 afw;Agnitum Firewall Driver; C:\Windows\system32\DRIVERS\afw.sys [2009-02-18 29208]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256]
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
R1 SandBox;SandBox; \??\C:\Windows\system32\drivers\SandBox.sys [2009-08-28 714112]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-08-15 28520]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 55040]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 294912]
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-07 56816]
R3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-08-29 345088]
R3 afwcore;afwcore; C:\Windows\system32\drivers\afwcore.sys [2009-09-14 318488]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-15 5144576]
R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 vpcbus;Virtual PC Host Bus Service; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 165376]
R3 vpcusb;USB Virtualization Connector Service; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 78336]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2009-01-13 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2009-01-13 49160]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-08-15 278528]
S1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys []
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176]
S3 ASWFilt;ASWFilt; \??\C:\Windows\system32\Filt\ASWFilt.dll [2009-08-28 33920]
S3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 103440]
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-13 430080]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-07-14 14080]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 drmkaud;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [2009-07-14 5120]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-13 3100160]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-04-22 27672]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-13 26624]
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2009-07-14 8320]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2009-07-14 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2009-07-14 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pgfilter;pgfilter; C:\Windows\system32\drivers\pgfilter.sys []
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 vpcuxd;USB Virtualization Stub Service; C:\Windows\system32\DRIVERS\vpcuxd.sys [2009-09-23 12800]
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968]
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2009-01-13 29192]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-07-14 11264]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2009-01-13 14728]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-09-23 1338560]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-15 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-08-15 108289]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-12-20 1181328]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-30 655624]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-06-30 316664]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-07-14 1202688]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2007-06-07 86016]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-15 172032]
S4 bthserv;Služba pro podporu technologie Bluetooth; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 CscService;Offline soubory; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Fax;Fax; C:\Windows\system32\fxssvc.exe [2009-07-14 522752]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S4 PeerDistSvc;BranchCache; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 SensrSvc;Adaptivní jas; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 WwanSvc;WWAN AutoConfig; C:\Windows\system32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

666_peter_666 · #5 Příspěvek od **666_peter_666** » 04 led 2010 23:08

a ešte info.txt:

info.txt logfile of random's system information tool 1.06 2010-01-04 22:59:37

======Uninstall list======

-->C:\Program Files\MAGIX\Digital_Foto_Maker_4_e-version\instslct.exe
-->MsiExec /X{5DB65884-C963-4454-AABA-4CA3089281FA}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x9
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
3DMark Vantage-->C:\Program Files\InstallShield Installation Information\{C40C3C3D-97CF-44B5-836C-766E374464B3}\setup.exe -runfromtemp -l0x0009 -removeonly
7-Zip 9.10 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
AC-3 ACM Codec-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection DefaultUninstall 132 C:\Windows\INF\AC3ACM.inf
AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
Ad-Aware-->"C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe MPEG Encoder-->MsiExec.exe /I{9811A185-3D3D-11D6-9E14-00036D172B00}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
Age of Mythology-->"C:\Hry\Microsoft Games\Age of Mythology\UNINSTAL.EXE" /runtemp /addremove
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Balík Compatibility Pack pre systém Office 2007-->MsiExec.exe /X{90120000-0020-041B-0000-0000000FF1CE}
Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
Battlefield 2: Special Forces-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{50D4CB89-AF34-4978-96DC-C3034062E901}\setup.exe" -l0x9 -removeonly
BF2ALL64-->C:\Hry\EA GAMES\Battlefield 2\mods\bf2all64\Uninstall.exe
Bias Sound Soap 2 DX RTAS VST v2.01-->C:\PROGRA~1\Bias\Bias\BIASSO~1\UNWISE.EXE C:\PROGRA~1\Bias\Bias\BIASSO~1\INSTALL.LOG
BS.Player PRO-->"C:\Program Files\BSplayer\uninstall.exe"
Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
DH Driver Cleaner Professional Edition-->C:\Program Files\Driver Cleaner Pro\Uninstall.exe
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DolbyFiles-->MsiExec.exe /X{b1adf008-e898-4fe2-8a1f-690d9a06acaf}
Farm Frenzy 3-->MsiExec.exe /X{6363DDF4-DE51-4B27-A0C3-73FB8FB18C38}
ffdshow [rev 3054] [2009-08-04]-->"C:\Program Files\ffdshow\unins000.exe"
FIFA 09-->MsiExec.exe /X{2315B23D-3E21-4920-837D-AE6460934ECB}
FinePrint-->C:\Windows\system32\spool\DRIVERS\W32X86\3\fpinst6.exe /uninstall
Firebird SQL Server - MAGIX Edition 2.0.0.1 (US)-->C:\Program Files\MAGIX\Common\Database\uninstall.exe
Fraps (remove only)-->"C:\Program Files\Fraps\uninstall.exe"
Futuremark SystemInfo-->C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe -runfromtemp -l0x0009 -removeonly
FuturixImager 5.9.4-->C:\Program Files\FuturixImager\uninstallfx.exe
Google Earth-->MsiExec.exe /X{12803180-9CAD-11DE-B804-005056806466}
Google Talk Plugin-->MsiExec.exe /I{5299C5E1-70F9-3D1D-A1FA-BDECA4EC8015}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto IV-->"C:\Program Files\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Host OpenAL (ADI)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA8A7C81-B0D0-422D-8FBD-BF2D25986667}\setup.exe" -l0x9 /remove
HP Deskjet All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}\setup\hpzscr01.exe -datfile hposcr14.dat
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Cheat Engine 5.5-->"C:\Program Files\Cheat Engine\unins000.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Jasc Paint Shop Photo Album-->MsiExec.exe /I{B76D4A7F-FF11-4420-947C-C3AD624B9DBA}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Lame ACM MP3 Codec-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\Windows\INF\LameACM.inf
LEGO® Indiana Jones™-->C:\Program Files\InstallShield Installation Information\{A14C40E7-F7E5-498D-B8BD-A3EAE942EED0}\setup.exe -runfromtemp -l0x0409
Lingea Lexicon 2002-->C:\Windows\LgUninst.exe C:\Program Files\Lingea\Lex2002\Setup.exe
Logitech Gaming Software 5.04-->MsiExec.exe /X{768F22DC-2D20-4F52-A9A1-5E231FB7F752}
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Menu Templates - Starter Kit-->MsiExec.exe /X{b78120a0-cf84-4366-a393-4d0a59bc546c}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{F112F66E-25CA-42DD-983C-6118EB38F606}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
Neat Video v2.21 Demo plug-in for Pinnacle Studio-->"C:\Program Files\Neat Video for Pinnacle Studio\unins000.exe"
Need for Speed™ SHIFT-->MsiExec.exe /X{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}
Nero 9 Trial-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-209M-AH6P-5UW0-WHAW-C53X-473X-79MH"
Nero BurnRights-->MsiExec.exe /X{7829db6f-a066-4e40-8912-cb07887c20bb}
Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
Nero CoverDesigner-->MsiExec.exe /X{62ac81f6-bdd3-4110-9d36-3e9eaab40999}
Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
NeroBurningROM-->MsiExec.exe /X{d025a639-b9c9-417d-8531-208859000af8}
NHL® 09-->MsiExec.exe /X{F2B5A2A7-2DF9-4361-8BD5-362714528B51}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
NVIDIA PhysX-->MsiExec.exe /X{5DB65884-C963-4454-AABA-4CA3089281FA}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Opera 10.10-->MsiExec.exe /X{690BE098-6D0D-493D-B079-BD7E8F81A141}
Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
Orca-->MsiExec.exe /I{4F34C602-4D6D-470D-A2A0-59E4F25DDBF2}
Outpost Firewall Pro 2009-->"C:\Program Files\Agnitum\Outpost Firewall Pro\unins000.exe"
Ovladače videa společnosti Pinnacle-->MsiExec.exe /X{5EB90C06-964F-4195-B83E-BD7E55C88415}
PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Pinnacle Studio 12-->MsiExec.exe /I{D041EB9E-890A-4098-8F94-51DA194AC72A}
Prostředí Windows XP Mode-->MsiExec.exe /X{1374CC63-B520-4f3f-98E8-E9020BF01CFF}
QuickTime Alternative 3.1.0-->"C:\Program Files\QuickTime Alternative\unins000.exe"
Rockstar Games Social Club-->"C:\Program Files\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
SAMSUNG Mobile Composite Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
Samsung Mobile Modem Device Software-->C:\Windows\system32\Samsung_USB_Drivers\7\SSECUninstall.exe
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Drive Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung New PC Studio-->"C:\Program Files\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x0405 -removeonly
Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A}
SAMSUNG USB Mobile Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6\SS_BUninstall.exe
SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sony Ericsson PC Suite 6.009.00-->"C:\Program Files\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe" -runfromtemp -l0x0009 -removeonly
SoundMAX-->C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe -runfromtemp -l0x0005 -removeonly
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
SPORE™-->"C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\setup.exe" -runfromtemp -l0x0005 -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
SUPER © Version 2009.bld.36 (June 10, 2009)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
The Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x0005 -removeonly
Total Commander (Remove or Repair)-->c:\Program Files\wincmd\tcuninst.exe
UltraISO Premium V9.32-->"C:\Program Files\UltraISO\unins000.exe"
Vista Start Menu 3.41-->"C:\Program Files\Vista Start Menu\unins000.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows 7 Manager-->MsiExec.exe /I{D86B6C32-49BD-4A02-9C43-14E497018498}
Windows Commander (Remove or Repair)-->c:\Program Files\wincmd\wcuninst.exe
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{C6CA8874-5F22-4AF0-9BE3-016BF299C536}
Windows Live Mail-->MsiExec.exe /I{63C1109E-D977-49ED-BCE3-D00D0BF187D6}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Xvid 1.1.3 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Yacc 0.4.0.3-->C:\Program Files\Yacc Yet Another CSO Compressor\uninst.exe
Youda Camper-->MsiExec.exe /I{3AA3CE5E-5CC3-406B-A84D-A6231C3721C9}
Youda Farmer-->MsiExec.exe /I{CA256FA1-4CF9-492C-98A6-6E451F83AEC3}
Youda Sushi Chef-->MsiExec.exe /I{87A8CF4F-6C4D-4B17-8382-5954D37CBC9A}
Your Uninstaller! 2010-->"C:\Program Files\Your Uninstaller 2010\unins000.exe"

======Hosts File======

127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com
127.0.0.1 genuine.microsoft.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com

======Security center information======

FW: Outpost Firewall Pro (disabled)
AS: Spybot - Search and Destroy (disabled)
AS: Lavasoft Ad-Watch Live!
AS: Outpost Firewall Pro (disabled)

======System event log======

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Distributed Link Tracking Client byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Security Center byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Desktop Window Manager Session Manager byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Diagnostic Policy Service byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Microsoft Software Shadow Copy Provider byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247D28-05
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDriverNotFound
Reakce: Not available
ID souboru CAB: 0

Podpis problému:
P1: x86
P2: ACPI\ATK0110
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\Temp\DMI8593.tmp.log.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_93856eefc23cb6f60c4f9525ca72dec1a9d7155_cab_037a865e

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 3e8c79c1-8996-11de-b553-d66b706fc534
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20090815122206.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20090815122048.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20090815122042.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.

Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090815122033.667325-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247D28-05
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20090815122034.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247D28-05
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090815122004.651274-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090815122004.635674-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x25363
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090815122004.074073-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090815122000.283266-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090815122000.080466-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Pinnacle\Shared Files\;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\QuickTime Alternative\QTSystem;C:\Program Files\ATI\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=1707
"RGSCLauncher"=C:\Hry\Rockstar Games\Rockstar Games Social Club
"RGSC"=C:\Hry\Rockstar Games\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------

666_peter_666 · #6 Příspěvek od **666_peter_666** » 05 led 2010 12:40

ešte som spustil aj Spybot S&D, našiel Smitfraud.C, Win32Agent.ieu, Win32.FraudLoad.edt, ktoré síce opravil, ale okná s hláseniami od Aviry mi vyskakujú naďalej

#7 Příspěvek od **Rudy** » 05 led 2010 19:47

Proskenujte ComboFixem a dejte log:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

666_peter_666 · #8 Příspěvek od **666_peter_666** » 05 led 2010 20:49

ComboFix 10-01-04.01 - a 05.01.2010 20:21:46.1.4 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.3327.2479 [GMT 1:00]
Spuštěný z: c:\dl\ComboFix.exe
FW: Outpost Firewall Pro *disabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Outpost Firewall Pro *disabled* (Updated) {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Cheat Engine\dbk32.sys
c:\programdata\hpeB25.dll
c:\recycler\S-1-5-21-1390067357-884357618-725345543-1003
c:\recycler\S-1-5-21-1390067357-884357618-725345543-1004
c:\recycler\S-1-5-21-1390067357-884357618-725345543-1005
c:\windows\system32\AutoRun.inf
c:\windows\system32\sshnas.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-05 do 2010-01-05 )))))))))))))))))))))))))))))))
.

2010-01-05 19:35 . 2010-01-05 19:37 -------- d-----w- c:\users\a\AppData\Local\temp
2010-01-05 19:35 . 2010-01-05 19:35 -------- d-----w- c:\users\s\AppData\Local\temp
2010-01-05 19:35 . 2010-01-05 19:35 -------- d-----w- c:\users\i\AppData\Local\temp
2010-01-05 19:35 . 2010-01-05 19:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-04 21:21 . 2010-01-04 21:59 -------- d-----w- C:\rsit
2010-01-04 15:23 . 2010-01-04 15:23 -------- d-----w- c:\users\i\AppData\Local\LucasArts
2010-01-04 08:57 . 2010-01-04 08:57 754413 ----a-w- C:\vip.zip
2010-01-03 20:35 . 2010-01-03 20:35 635787 ----a-w- C:\rcTools_v1_ck.exe
2010-01-03 11:13 . 2010-01-03 11:13 376643 ----a-w- C:\Nameless_Rc_cheat.exe
2009-12-31 18:13 . 2009-12-31 18:13 -------- d-----w- c:\programdata\ATI
2009-12-31 18:09 . 2009-12-31 18:09 10134 ----a-r- c:\users\a\AppData\Roaming\Microsoft\Installer\{1F19E412-CA39-1DC9-409E-D20130E97CB5}\ARPPRODUCTICON.exe
2009-12-31 18:08 . 2009-12-31 18:11 -------- d-----w- c:\program files\ATI
2009-12-31 18:01 . 2009-12-31 18:10 -------- d-----w- c:\windows\LastGood
2009-12-31 17:54 . 2009-12-31 17:54 -------- d-----w- c:\windows\LastGood.Tmp
2009-12-30 16:01 . 2009-12-30 16:01 -------- d-----w- c:\programdata\FLEXnet
2009-12-30 15:52 . 2009-12-30 15:52 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-12-30 09:57 . 2009-12-30 09:57 98684 ----a-w- C:\Piaip_RC_Hack_v1.12.zip
2009-12-29 18:22 . 2007-12-26 16:30 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2009-12-29 18:22 . 2007-12-26 16:30 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2009-12-29 18:22 . 2010-01-05 19:35 -------- d-----w- c:\program files\Cheat Engine
2009-12-29 16:42 . 2009-12-29 16:42 4393269 ----a-w- C:\CheatEngine55.exe
2009-12-28 22:40 . 2009-12-29 18:33 -------- d-----w- c:\users\i\AppData\Local\ElevatedDiagnostics
2009-12-24 10:28 . 2009-12-24 10:28 -------- d-----w- c:\program files\Winamp Detect
2009-12-24 10:22 . 2009-12-24 10:23 -------- d-----w- c:\program files\Your Uninstaller 2010
2009-12-22 21:05 . 2009-12-22 21:06 -------- d-----w- c:\users\s\AppData\Local\Google
2009-12-22 21:05 . 2009-12-22 21:05 -------- d-----w- c:\users\s\AppData\Local\Deployment
2009-12-15 00:21 . 2009-12-15 00:21 5144576 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2009-12-14 23:47 . 2009-12-14 23:47 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-12-14 23:47 . 2009-12-14 23:47 368640 ----a-w- c:\windows\system32\atieclxx.exe
2009-12-14 23:46 . 2009-12-14 23:46 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2009-12-14 23:45 . 2009-12-14 23:45 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2009-12-14 23:45 . 2009-12-14 23:45 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2009-12-14 23:45 . 2009-12-14 23:45 274432 ----a-w- c:\windows\system32\Oemdspif.dll
2009-12-14 23:44 . 2009-12-14 23:44 11776 ----a-w- c:\windows\system32\atimuixx.dll
2009-12-14 23:44 . 2009-12-14 23:44 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-12-14 23:41 . 2009-12-14 23:41 3056640 ----a-w- c:\windows\system32\atidxx32.dll
2009-12-14 23:25 . 2009-12-14 23:25 3618304 ----a-w- c:\windows\system32\atiumdag.dll
2009-12-14 23:13 . 2009-12-14 23:13 13487616 ----a-w- c:\windows\system32\atioglxx.dll
2009-12-14 23:07 . 2009-12-14 23:07 2902016 ----a-w- c:\windows\system32\atiumdva.dll
2009-12-14 22:55 . 2009-12-14 22:55 52224 ----a-w- c:\windows\system32\atimpc32.dll
2009-12-14 22:55 . 2009-12-14 22:55 52224 ----a-w- c:\windows\system32\amdpcom32.dll
2009-12-14 22:54 . 2009-12-14 22:54 225280 ----a-w- c:\windows\system32\atiadlxx.dll
2009-12-14 22:50 . 2009-12-14 22:50 53248 ----a-w- c:\windows\system32\aticalrt.dll
2009-12-14 22:49 . 2009-12-14 22:49 53248 ----a-w- c:\windows\system32\aticalcl.dll
2009-12-14 22:48 . 2009-12-14 22:48 3629056 ----a-w- c:\windows\system32\aticaldd.dll
2009-12-14 22:39 . 2009-12-14 22:39 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-12-09 17:19 . 2009-10-29 07:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-09 17:16 . 2009-12-09 17:16 -------- d-----w- c:\program files\MSXML 4.0
2009-12-09 13:40 . 2009-12-09 13:40 -------- d-----w- c:\program files\LeeGTs Games
2009-12-06 19:47 . 2009-12-06 19:47 166260072 ----a-w- C:\BackupRegistry(20091206).reg

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-05 19:35 . 2009-12-29 18:22 -------- d-----w- c:\program files\Cheat Engine
2010-01-05 19:27 . 2009-08-15 13:05 624036 ----a-w- c:\windows\system32\perfh005.dat
2010-01-05 19:27 . 2009-08-15 13:05 119194 ----a-w- c:\windows\system32\perfc005.dat
2010-01-05 10:26 . 2009-08-15 15:35 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-01-04 20:54 . 2009-09-22 14:58 -------- d-----w- c:\users\i\AppData\Roaming\Vista Start Menu
2010-01-04 20:53 . 2009-09-22 14:35 -------- d-----w- c:\program files\Vista Start Menu
2010-01-04 15:19 . 2009-08-15 13:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-04 10:40 . 2009-09-22 14:36 -------- d-----w- c:\users\a\AppData\Roaming\Vista Start Menu
2010-01-01 20:47 . 2009-09-23 17:34 -------- d-----w- c:\users\s\AppData\Roaming\Vista Start Menu
2009-12-31 18:13 . 2009-08-15 14:26 -------- d-----w- c:\users\a\AppData\Roaming\ATI
2009-12-31 17:45 . 2009-08-31 21:31 -------- d-----w- c:\program files\7-Zip
2009-12-30 16:08 . 2009-08-15 12:49 140504 ----a-w- c:\users\a\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-30 16:05 . 2009-08-20 11:40 140504 ----a-w- c:\users\s\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-30 16:02 . 2009-08-17 15:57 140504 ----a-w- c:\users\i\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-30 15:56 . 2009-08-15 17:33 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-24 11:27 . 2009-09-28 15:25 -------- d-----w- c:\program files\MultiCore Optimizer
2009-12-24 11:24 . 2009-08-20 09:45 -------- d-----w- c:\users\i\AppData\Roaming\URSoft
2009-12-24 10:28 . 2009-08-15 20:06 -------- d-----w- c:\program files\Winamp
2009-12-24 10:22 . 2009-08-16 10:59 -------- d-----w- c:\users\a\AppData\Roaming\URSoft
2009-12-23 21:07 . 2009-08-26 07:07 -------- d-----w- c:\program files\FLV to AVI
2009-12-20 16:42 . 2009-08-15 17:34 -------- d-----w- c:\program files\Free Rapidshare Downloader
2009-12-20 08:19 . 2009-08-23 14:20 862040 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\threatwork.exe
2009-12-20 08:19 . 2009-08-23 14:20 206944 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lavamessage.dll
2009-12-20 08:19 . 2009-08-23 14:20 390288 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lavalicense.dll
2009-12-20 08:19 . 2009-10-14 17:53 537576 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\aawapi.dll
2009-12-20 08:19 . 2009-08-23 14:20 370744 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2009-12-20 08:19 . 2009-08-23 14:20 194104 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Savapibridge.dll
2009-12-20 08:19 . 2009-08-23 14:19 6296864 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Resources.dll
2009-12-20 08:18 . 2009-08-23 14:19 933120 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\CEAPI.dll
2009-12-20 08:18 . 2009-08-23 14:19 816272 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-12-20 08:18 . 2009-08-23 14:19 822904 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-12-20 08:18 . 2009-08-23 14:19 1643272 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-12-20 08:18 . 2009-08-23 14:19 788880 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-12-20 08:18 . 2009-08-23 14:19 1181328 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-12-07 18:32 . 2009-08-16 17:57 -------- d-----w- c:\users\a\AppData\Roaming\Skype
2009-12-07 17:54 . 2009-08-16 18:03 -------- d-----w- c:\users\a\AppData\Roaming\skypePM
2009-12-07 17:13 . 2009-08-15 14:47 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-06 19:40 . 2009-08-25 20:16 -------- d-----w- c:\program files\Java
2009-12-06 19:33 . 2009-12-06 19:33 -------- d-----w- c:\programdata\Apple Computer
2009-12-06 19:33 . 2009-12-06 19:33 -------- d-----w- c:\program files\QuickTime Alternative
2009-12-04 09:03 . 2009-12-04 09:03 251376 ----a-w- c:\users\s\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
2009-11-30 18:50 . 2009-11-30 18:50 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-27 17:44 . 2009-11-27 17:04 -------- d-----w- c:\users\a\AppData\Roaming\MOBILedit
2009-11-27 17:04 . 2009-11-27 17:03 -------- d-----w- c:\program files\MobilEdit!
2009-11-27 16:58 . 2009-11-27 16:58 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2009-11-27 16:56 . 2009-11-27 16:56 -------- d-----w- c:\programdata\BVRP Software
2009-11-27 16:54 . 2009-11-27 16:54 -------- d-----w- c:\programdata\Sony Ericsson
2009-11-27 16:54 . 2009-11-27 16:54 -------- d-----w- c:\program files\Sony Ericsson
2009-11-25 15:41 . 2009-08-15 15:34 -------- d-----w- c:\program files\Opera
2009-11-22 10:33 . 2009-11-22 10:33 -------- d-----w- c:\program files\Common Files\Steam
2009-11-22 09:28 . 2009-08-23 14:19 163728 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\ShellExt.dll
2009-11-22 09:28 . 2009-08-23 14:19 327000 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\RPAPI.dll
2009-11-22 09:28 . 2009-08-23 14:19 87496 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\PrivacyClean.dll
2009-11-22 09:28 . 2009-09-21 12:50 641632 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2009-11-16 16:43 . 2009-09-14 14:42 -------- d-----w- c:\program files\AGEIA Technologies
2009-11-12 20:26 . 2009-08-15 15:35 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-10 16:21 . 2009-11-10 16:21 -------- d-----w- c:\program files\Windows Virtual PC
2009-11-10 16:15 . 2009-11-10 16:14 -------- d-----w- c:\program files\Windows XP Mode
2009-11-09 16:56 . 2009-08-15 13:32 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-30 15:05 . 2009-08-16 16:33 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-29 07:34 . 2009-10-27 18:12 212480 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\VipreBridge.dll
2009-10-27 18:12 . 2009-10-27 18:12 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-10-27 18:12 . 2009-10-27 18:12 93360 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Drivers\SBREDrv.sys
2009-10-27 18:12 . 2009-10-27 18:12 554280 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\sbap.dll
2009-10-27 18:12 . 2009-08-23 14:20 15880 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\lsdelete.exe
2009-10-27 18:12 . 2009-08-20 14:05 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-10-27 18:12 . 2009-10-27 18:12 283944 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\Vipre.dll
2009-10-27 18:12 . 2009-10-27 18:12 1223976 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\SBTE.dll
2009-10-27 18:12 . 2009-10-27 18:12 242984 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\SBRE.dll
2009-10-22 15:59 . 2009-10-22 15:59 196565 ----a-w- c:\windows\system32\atiicdxx.dat
2009-10-11 03:17 . 2009-08-25 20:16 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2006-05-03 09:06 . 2009-08-15 18:03 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2009-08-15 18:03 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 . 2009-08-15 18:03 216064 --sh--r- c:\windows\System32\nbDX.dll
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"VistaStartMenu"="c:\program files\Vista Start Menu\VistaStartMenu.exe" [2010-01-01 2420568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-08-28 1282048]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-12-20 788880]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-09-23 1270080]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Agnitum\OUTPOS~1\wl_hook.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^i^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeRapid 0.82.lnk]
backup=c:\windows\pss\FreeRapid 0.82.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 06:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2009-04-02 16:05 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-11 19:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutpostFeedBack]
2009-09-23 11:34 436552 ----a-w- c:\program files\Agnitum\Outpost Firewall Pro\feedback.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
2008-12-13 07:10 306088 ----a-w- c:\hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2009-09-24 13:41 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundTray]
2007-08-02 15:45 53248 ----a-w- c:\program files\Analog Devices\SoundMAX\SoundTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
2009-01-21 12:19 92168 ----a-w- c:\program files\Logitech\Gaming Software\LWEMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-12-14 16:54 98304 ----a-w- c:\program files\ATI\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-11-22 10:34 1217808 ----a-w- c:\hry\Steam\steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [14.10.2009 18:53 64288]
R1 afw;Agnitum Firewall Driver;c:\windows\System32\drivers\afw.sys [15.8.2009 16:11 29208]
R1 SandBox;SandBox;c:\windows\System32\drivers\SandBox.sys [15.8.2009 16:13 714112]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [15.8.2009 16:11 1338560]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [15.8.2009 15:47 108289]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24.9.2009 12:17 1181328]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [15.8.2009 16:35 1153368]
R3 afwcore;afwcore;c:\windows\System32\drivers\afwcore.sys [15.8.2009 16:13 318488]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\System32\drivers\seehcri.sys [27.11.2009 17:54 27632]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [16.8.2009 17:33 691696]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [27.11.2009 17:54 90112]
S3 ASWFilt;ASWFilt;c:\windows\System32\Filt\ASWFilt.dll [15.8.2009 16:13 33920]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [16.8.2009 18:31 1527900]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\System32\FsUsbExDisk.Sys [16.9.2009 19:09 36608]
S3 FsUsbExService;FsUsbExService;c:\windows\System32\FsUsbExService.Exe [16.9.2009 19:09 233472]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\System32\drivers\s1018bus.sys [27.11.2009 17:54 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\System32\drivers\s1018mdfl.sys [27.11.2009 17:54 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\System32\drivers\s1018mdm.sys [27.11.2009 17:54 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s1018mgmt.sys [27.11.2009 17:54 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\System32\drivers\s1018nd5.sys [27.11.2009 17:54 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\System32\drivers\s1018obex.sys [27.11.2009 17:54 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\System32\drivers\s1018unic.sys [27.11.2009 17:54 109864]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\System32\drivers\ss_bbus.sys [16.9.2009 19:10 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\System32\drivers\ss_bmdfl.sys [16.9.2009 19:10 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\System32\drivers\ss_bmdm.sys [16.9.2009 19:10 121856]
S3 vpcuxd;USB Virtualization Stub Service;c:\windows\System32\drivers\vpcuxd.sys [10.11.2009 17:17 12800]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\System32\drivers\yk62x86.sys [13.7.2009 23:02 311296]
S4 AMD External Events Utility;AMD External Events Utility;c:\windows\System32\atiesrxx.exe [15.12.2009 0:46 172032]
S4 gupdate;Služba Google Update (gupdate);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'

2010-01-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2042303748-983762039-2973062252-1004Core.job
- c:\users\s\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-22 21:05]

2010-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2042303748-983762039-2973062252-1004UA.job
- c:\users\s\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-22 21:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://club.geewa.com/sk/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe
HKLM-Run-NPSStartup - (no file)

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x86298841]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
IoDeviceObjectType -> DumpProcedure -> 0xd46a624f
SecurityProcedure -> 0x855e57b8
QueryNameProcedure -> 0x8558d810
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-01-05 20:40:57
ComboFix-quarantined-files.txt 2010-01-05 19:40

Před spuštěním: Volných bajtů: 137 724 026 880
Po spuštění: Volných bajtů: 137 871 921 152

- - End Of File - - B182B80A775AD4FF576619D475509680

#9 Příspěvek od **Rudy** » 05 led 2010 20:53

7 položek bylo smazáno, zbytek logu vypadá čistý. Nastala nějaká změna?

666_peter_666 · #10 Příspěvek od **666_peter_666** » 05 led 2010 21:00

Zatial mi alerty od antivíru, ktoré mi stále vyskakovali, nevyskakujú.
Ak som sa už zbavil toho vírusu, tak Vám velmi pekne ďakujem za Vašu pomoc.
Peter

#11 Příspěvek od **Rudy** » 05 led 2010 21:04

Všechny smazané položky najdete pod "Ostatní výmazy" . Nemáte zač!

VIRY.CZ

prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru

prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru

Re: prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru

Re: prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru

Re: prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru

Re: prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru

Re: prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru

Re: prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru

Re: prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru

Re: prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru

Re: prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru

Re: prosím o kontrolu logu,stále mi vyskakujú alerty od antivíru