Prosim o kontrolu logu

[raky2702]

Dobry den,
Pc ide nejako pomaly. Mozte sa nato pozriet. CCleaner bol pouzity - ziadne zmeny.


Logfile of random's system information tool 1.08 (written by random/random)
Run by mato at 2010-08-02 16:56:28
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 94 GB (31%) free of 305 GB
Total RAM: 3071 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:56:50, on 2. 8. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Users\mato\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\mato\Desktop\RSIT.exe
C:\Program Files\trend micro\mato.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

--
End of file - 6443 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-03-06 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-06-24 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-03-06 503808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-06-24 202256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR10]
C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe [2010-01-17 941320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [2008-01-15 16200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [2007-12-14 531784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX400 Series]
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE [2007-12-17 188928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eurobattlegui]
C:\hry\Warcraft III\eb.exe [2009-10-22 757760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\mato\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-02 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-02-26 2376992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-07-02 671608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia pc suite\Nokia PC Suite 7\PCSuite.exe -onlytray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^mato^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerMenu.lnk]
[]

C:\Users\mato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"HonorAutoRunSetting"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"HonorAutoRunSetting"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-08-02 16:56:28 ----D---- C:\rsit
2010-07-30 17:17:44 ----D---- C:\ProgramData\Blizzard Entertainment
2010-07-28 18:39:13 ----D---- C:\ProgramData\NFS Underground
2010-07-28 11:17:15 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-07-28 11:17:15 ----A---- C:\Windows\system32\PresentationHost.exe
2010-07-28 11:17:15 ----A---- C:\Windows\system32\netfxperf.dll
2010-07-28 11:17:15 ----A---- C:\Windows\system32\mscoree.dll
2010-07-28 11:17:15 ----A---- C:\Windows\system32\dfshim.dll
2010-07-28 11:16:29 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-07-28 11:16:29 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-07-27 21:06:02 ----A---- C:\Windows\unvise32.exe
2010-07-26 19:51:39 ----D---- C:\Users\mato\AppData\Roaming\RigNRoll_eng
2010-07-26 19:50:25 ----RA---- C:\Windows\system32\tmpECC1.tmp
2010-07-25 19:19:57 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2010-07-25 19:19:41 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-25 19:16:14 ----D---- C:\ProgramData\NokiaInstallerCache
2010-07-07 20:53:47 ----D---- C:\Users\mato\AppData\Roaming\Electronic Arts
2010-07-07 17:18:29 ----D---- C:\Users\mato\AppData\Roaming\MOBILeditForensic
2010-07-07 17:18:05 ----D---- C:\Program Files\COMPELSON Labs
2010-07-07 17:16:58 ----D---- C:\Program Files\MOBILedit!4 Forensic
2010-07-06 21:58:05 ----D---- C:\Program Files\SignSIS-GUI
2010-07-05 20:50:52 ----D---- C:\Westwood
2010-07-05 20:02:33 ----A---- C:\Windows\iun6002.exe

======List of files/folders modified in the last 1 months======

2010-08-02 16:56:41 ----D---- C:\Windows\Temp
2010-08-02 16:56:38 ----D---- C:\Windows\Prefetch
2010-08-02 16:56:29 ----D---- C:\Program Files\trend micro
2010-08-02 16:48:18 ----D---- C:\Windows\Debug
2010-08-02 16:48:18 ----D---- C:\Windows
2010-08-02 16:41:42 ----AD---- C:\ProgramData\TEMP
2010-08-02 16:04:30 ----SHD---- C:\System Volume Information
2010-08-02 13:13:29 ----D---- C:\Windows\System32
2010-08-02 13:13:29 ----D---- C:\Windows\inf
2010-08-02 13:13:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-02 13:06:29 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-30 19:14:43 ----SD---- C:\Users\mato\AppData\Roaming\Microsoft
2010-07-30 17:46:23 ----D---- C:\hry
2010-07-30 17:46:08 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-07-30 17:46:07 ----D---- C:\ProgramData
2010-07-30 17:32:37 ----D---- C:\Users\mato\AppData\Roaming\uTorrent
2010-07-30 17:17:29 ----RD---- C:\Program Files
2010-07-30 17:17:03 ----SHD---- C:\Windows\Installer
2010-07-28 12:45:34 ----D---- C:\Windows\Microsoft.NET
2010-07-28 12:45:27 ----RSD---- C:\Windows\assembly
2010-07-28 11:34:38 ----D---- C:\Windows\winsxs
2010-07-28 11:23:26 ----D---- C:\Windows\system32\catroot
2010-07-28 11:23:23 ----D---- C:\Program Files\Windows Mail
2010-07-28 11:23:17 ----D---- C:\Windows\AppPatch
2010-07-28 11:18:21 ----D---- C:\Windows\ehome
2010-07-28 11:18:11 ----D---- C:\Windows\system32\catroot2
2010-07-27 11:17:37 ----D---- C:\Windows\system32\drivers
2010-07-27 11:12:51 ----D---- C:\Users\mato\AppData\Roaming\Nokia
2010-07-27 11:10:41 ----D---- C:\Program Files\Common Files\Nokia
2010-07-26 16:13:56 ----D---- C:\Windows\system32\drivers\UMDF
2010-07-26 15:42:19 ----D---- C:\Windows\system32\Tasks
2010-07-26 07:47:43 ----D---- C:\Users\mato\AppData\Roaming\InstallShield
2010-07-26 07:46:39 ----A---- C:\Windows\Ascd_tmp.ini
2010-07-25 19:20:06 ----D---- C:\Program Files\Nokia
2010-07-25 19:19:57 ----DC---- C:\Windows\system32\DRVSTORE
2010-07-25 18:38:20 ----D---- C:\ProgramData\Nokia
2010-07-21 00:29:11 ----D---- C:\Users\mato\AppData\Roaming\ICQ
2010-07-19 11:52:43 ----D---- C:\Users\mato\AppData\Roaming\Skype
2010-07-19 08:39:48 ----D---- C:\Users\mato\AppData\Roaming\skypePM
2010-07-17 19:51:46 ----D---- C:\Users\mato\AppData\Roaming\vlc
2010-07-09 21:56:27 ----D---- C:\Program Files\SystemRequirementsLab

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2009-02-03 59000]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2007-02-08 83320]
R1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R1 nltdi;nltdi; \??\C:\Windows\system32\drivers\nltdi.sys [2007-04-23 82200]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-04-13 165376]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-12-18 135048]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-04-13 18048]
R3 bbcap;bbcap; C:\Windows\system32\DRIVERS\bbcap.sys [2010-05-28 4096]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-01-08 33096]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-04-03 11573800]
R3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-07-22 123904]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 29696]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2008-01-24 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2008-01-24 48904]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2008-01-24 28168]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2008-01-24 29192]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2008-01-24 14728]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-02 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-10 814344]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2010-03-11 603904]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2010-03-11 360192]

-----------------EOF-----------------

[motji]

Dobrý večer

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[raky2702]

Tu je log :


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4384

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

3. 8. 2010 11:10:12
mbam-log-2010-08-03 (11-10-12).txt

Typ kontroly: Úplná kontrola (C:\|)
Objektov kontrolovaných: 451282
Uplynulý čas: 2 hod, 3 min, 5 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

[motji]

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe


- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

[raky2702]

ComboFix 10-08-03.01 - mato . 08. 2010 21:07:49.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3071.2091 [GMT 2:00]
Running from: c:\users\mato\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Install.exe

.
((((((((((((((((((((((((( Files Created from 2010-07-03 to 2010-08-03 )))))))))))))))))))))))))))))))
.

2010-08-03 19:14 . 2010-08-03 19:15 -------- d-----w- c:\users\mato\AppData\Local\temp
2010-08-03 19:14 . 2010-08-03 19:14 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-03 19:14 . 2010-08-03 19:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-03 19:04 . 2010-08-03 19:04 -------- d-----w- C:\32788R22FWJFW
2010-08-03 08:15 . 2010-08-03 08:15 -------- d-----w- c:\users\mato\sc2_raz1911
2010-08-03 07:05 . 2010-08-03 07:05 6153352 ----a-w- c:\users\mato\mbam-setup-1.46.exe
2010-08-02 14:56 . 2010-08-02 14:56 -------- d-----w- C:\rsit
2010-07-31 10:49 . 2010-07-31 10:50 -------- d-----w- c:\users\mato\SC2.Launcher
2010-07-31 10:48 . 2010-07-31 10:48 -------- d-----w- c:\users\mato\Monster.Trucks.Nitro
2010-07-30 15:55 . 2010-07-30 15:55 47364 ----a-w- c:\programdata\Blizzard Entertainment\Battle.net\Cache\Download\Scan.dll
2010-07-30 15:49 . 2010-07-30 15:49 -------- d-----w- c:\users\mato\ine
2010-07-30 15:17 . 2010-07-30 15:55 -------- d-----w- c:\programdata\Blizzard Entertainment
2010-07-28 16:39 . 2010-07-28 17:46 -------- d-----w- c:\programdata\NFS Underground
2010-07-28 09:17 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-07-28 09:17 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-07-28 09:17 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-07-28 09:17 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-07-28 09:17 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-07-28 09:16 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-07-28 09:16 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-07-27 19:06 . 1999-12-17 08:13 86016 ----a-w- c:\windows\unvise32.exe
2010-07-26 17:51 . 2010-07-26 17:51 -------- d-----w- c:\users\mato\AppData\Roaming\RigNRoll_eng
2010-07-26 05:41 . 2010-07-26 05:41 -------- d-----w- c:\users\mato\AppData\Local\NokiaAccount
2010-07-25 17:19 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-07-25 17:19 . 2010-07-25 17:19 -------- d-----w- c:\program files\PC Connectivity Solution
2010-07-25 17:16 . 2010-07-27 09:10 12212040 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-07-25 17:16 . 2010-07-27 09:10 13930312 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-07-25 17:16 . 2010-07-27 09:10 77824 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-07-25 17:16 . 2010-07-27 09:10 50000 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
2010-07-25 17:16 . 2010-07-27 09:10 38912 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-07-25 17:16 . 2010-07-27 09:10 38912 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-07-25 17:16 . 2010-07-27 09:04 103412296 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
2010-07-25 17:16 . 2010-07-25 17:16 -------- d-----w- c:\programdata\NokiaInstallerCache
2010-07-08 18:08 . 2010-07-30 15:29 -------- d-----w- c:\users\mato\css texture
2010-07-08 08:33 . 2010-07-08 08:35 -------- d-----w- c:\users\mato\css update
2010-07-07 18:53 . 2010-07-07 18:53 -------- d-----w- c:\users\mato\AppData\Roaming\Electronic Arts
2010-07-07 15:18 . 2010-07-08 08:42 -------- d-----w- c:\users\mato\AppData\Roaming\MOBILeditForensic
2010-07-07 15:18 . 2010-07-07 15:18 -------- d-----w- c:\program files\COMPELSON Labs
2010-07-07 15:16 . 2010-07-07 15:17 -------- d-----w- c:\program files\MOBILedit!4 Forensic
2010-07-06 19:58 . 2010-07-06 20:03 -------- d-----w- c:\program files\SignSIS-GUI
2010-07-06 19:34 . 2010-07-06 19:34 -------- d-----w- c:\users\mato\Shell
2010-07-05 18:50 . 2010-07-05 18:50 -------- d-----w- C:\Westwood
2010-07-05 18:02 . 2010-07-05 18:00 720896 ----a-w- c:\windows\iun6002.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-03 19:01 . 2010-04-24 07:02 34805 ----a-w- c:\programdata\nvModes.dat
2010-08-03 10:07 . 2010-03-02 07:19 -------- d-----w- c:\users\mato\AppData\Roaming\ICQ
2010-08-03 07:06 . 2010-03-21 15:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-02 14:56 . 2010-03-20 20:31 -------- d-----w- c:\program files\trend micro
2010-08-02 11:13 . 2010-04-19 13:22 36836 ----a-w- c:\windows\system32\perfh01B.dat
2010-08-02 11:13 . 2010-04-19 13:22 11018 ----a-w- c:\windows\system32\perfc01B.dat
2010-08-02 11:06 . 2010-03-02 06:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-02 09:21 . 2010-03-02 06:06 4195 ----a-w- c:\windows\bthservsdp.dat
2010-07-30 15:46 . 2010-03-05 17:02 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-07-30 15:32 . 2010-03-04 17:38 -------- d-----w- c:\users\mato\AppData\Roaming\uTorrent
2010-07-28 09:23 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-27 13:50 . 2010-04-14 16:02 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-07-27 09:12 . 2010-03-02 15:19 -------- d-----w- c:\users\mato\AppData\Roaming\Nokia
2010-07-27 09:10 . 2010-03-02 15:18 -------- d-----w- c:\program files\Common Files\Nokia
2010-07-26 05:47 . 2010-03-02 06:18 -------- d-----w- c:\users\mato\AppData\Roaming\InstallShield
2010-07-25 17:20 . 2010-06-02 04:32 -------- d-----w- c:\program files\Nokia
2010-07-25 16:38 . 2010-06-02 04:54 -------- d-----w- c:\programdata\Nokia
2010-07-19 09:52 . 2010-03-02 07:22 -------- d-----w- c:\users\mato\AppData\Roaming\Skype
2010-07-19 06:39 . 2010-03-02 07:23 -------- d-----w- c:\users\mato\AppData\Roaming\skypePM
2010-07-17 17:51 . 2010-03-04 08:30 -------- d-----w- c:\users\mato\AppData\Roaming\vlc
2010-07-09 19:56 . 2010-03-02 06:21 -------- d-----w- c:\program files\SystemRequirementsLab
2010-07-01 22:50 . 2010-07-01 22:50 -------- d-----w- c:\program files\IPX-SPX Protocol
2010-06-29 15:48 . 2010-06-29 15:48 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-06-29 15:44 . 2010-03-24 14:27 -------- d-----w- c:\users\mato\AppData\Roaming\dvdcss
2010-06-27 20:29 . 2010-06-27 20:29 -------- d-----w- c:\program files\SoftPepper
2010-06-27 20:29 . 2010-06-27 20:29 -------- d-----w- c:\program files\SoftPepper Video Converter 2.0
2010-06-27 18:35 . 2010-03-02 15:19 -------- d-----w- c:\programdata\PC Suite
2010-06-27 16:39 . 2010-06-23 14:28 -------- d-----w- c:\program files\Phone Remote Control
2010-06-27 11:39 . 2010-03-02 07:18 -------- d-----w- c:\program files\ICQ7.0
2010-06-25 14:35 . 2010-06-25 14:35 -------- d-----w- c:\program files\MagicDVDRipper
2010-06-25 14:35 . 2010-06-25 14:35 -------- d-----w- c:\programdata\MagicSoftware
2010-06-25 14:31 . 2010-06-25 14:17 -------- d-----w- c:\program files\EasyDVDRip
2010-06-25 14:19 . 2010-06-25 14:13 -------- d-----w- c:\users\mato\AppData\Roaming\Media Player Classic
2010-06-25 14:18 . 2010-06-25 14:18 -------- d-----w- c:\program files\XviD
2010-06-25 14:18 . 2010-06-25 14:18 1664 ----a-w- c:\windows\unins000.dat
2010-06-25 14:18 . 2010-06-25 14:18 641021 ----a-w- c:\windows\unins000.exe
2010-06-25 13:53 . 2010-06-25 13:53 -------- d-----w- c:\program files\DVD Decrypter
2010-06-24 13:58 . 2010-06-24 13:58 -------- d-----w- c:\program files\Common Files\PCSuite
2010-06-24 13:57 . 2010-06-24 13:57 95232 ----a-w- c:\programdata\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\pcswpcsi.exe
2010-06-24 13:57 . 2010-06-24 13:57 8192 ----a-w- c:\programdata\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\UninstCCD.exe
2010-06-24 13:57 . 2010-06-24 13:57 61440 ----a-w- c:\programdata\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-06-24 13:57 . 2010-06-24 13:57 10240 ----a-w- c:\programdata\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\UninstPCS.exe
2010-06-24 13:57 . 2010-03-02 15:08 -------- d-----w- c:\programdata\Installations
2010-06-24 13:57 . 2010-06-24 13:57 36665824 ----a-w- c:\programdata\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Nokia_PC_Suite_slk_web.exe
2010-06-24 13:53 . 2010-03-02 15:09 -------- d-----w- c:\program files\Nokia pc suite
2010-06-24 11:27 . 2010-06-23 14:28 -------- d-----w- c:\users\mato\AppData\Roaming\PhoneRemoteControl
2010-06-24 11:22 . 2010-05-22 16:48 -------- d-----w- c:\programdata\Electronic Arts
2010-06-23 05:14 . 2010-03-11 10:43 -------- d-----w- c:\program files\Logitech
2010-06-23 05:14 . 2010-06-22 09:22 -------- d-----w- c:\program files\Common Files\Logitech
2010-06-22 14:27 . 2010-03-02 15:19 -------- d-----w- c:\users\mato\AppData\Roaming\PC Suite
2010-06-22 14:27 . 2010-06-22 14:27 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-06-22 14:22 . 2010-03-02 06:14 65336 ----a-w- c:\users\mato\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-22 14:20 . 2010-06-22 14:20 51534 ----a-w- c:\windows\inf\Nokia Music\001B\tmpEAC3.tmp
2010-06-22 14:20 . 2010-06-22 14:20 51534 ----a-w- c:\windows\inf\Nokia Music\0009\tmpEAC3.tmp
2010-06-22 14:20 . 2010-06-22 14:20 51534 ----a-w- c:\windows\inf\Nokia Music\0000\tmpEAC3.tmp
2010-06-22 14:20 . 2010-06-22 14:20 1593 ----a-w- c:\windows\inf\Nokia Music\tmpEAC4.tmp
2010-06-22 14:20 . 2010-06-22 14:20 -------- d-----w- c:\programdata\NokiaMusic
2010-06-22 14:19 . 2010-06-22 14:19 -------- d-----w- c:\program files\Common Files\muvee Technologies
2010-06-20 15:45 . 2010-06-19 14:32 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-20 15:45 . 2010-06-19 14:32 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-19 14:32 . 2010-06-19 14:32 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-18 20:26 . 2010-03-03 05:50 -------- d-----w- c:\users\mato\AppData\Roaming\IrfanView
2010-06-17 14:13 . 2010-06-17 14:13 -------- d-----w- c:\program files\Electronic Arts
2010-06-17 13:18 . 2010-06-17 13:18 10134 ----a-r- c:\users\mato\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2010-06-17 13:18 . 2010-06-17 13:18 -------- d-----w- c:\program files\Microsoft WSE
2010-06-16 14:21 . 2010-03-17 19:44 -------- d-----w- c:\program files\OpenAL
2010-06-14 12:41 . 2010-06-14 12:41 -------- d-----w- c:\program files\DOSBox-0.74
2010-06-14 12:34 . 2010-03-20 08:11 -------- d-----w- c:\users\mato\AppData\Roaming\Dropbox
2010-06-14 12:34 . 2010-03-07 10:11 -------- d-----w- c:\program files\Google
2010-06-14 04:53 . 2010-04-10 12:07 -------- d-----w- c:\program files\PowerMenu
2010-06-14 04:53 . 2010-05-10 19:51 -------- d-----w- c:\program files\Pidgin
2010-06-14 04:49 . 2010-05-10 20:24 -------- d-----w- c:\program files\Graffiti Studio 2.0
2010-06-13 20:09 . 2010-06-13 20:09 -------- d-----w- c:\program files\directx
2010-06-13 17:16 . 2010-05-14 05:51 -------- d-----w- c:\program files\ABBYY FineReader 10
2010-06-12 09:47 . 2010-06-12 09:47 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-11 05:02 . 2010-04-18 21:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-11 05:00 . 2010-03-02 07:31 -------- d-----w- c:\programdata\Microsoft Help
2010-06-11 04:56 . 2010-04-18 21:01 -------- d-----w- c:\program files\Microsoft
2010-06-08 15:39 . 2010-06-08 15:39 50354 ----a-w- c:\users\mato\AppData\Roaming\Facebook\uninstall.exe
2010-06-08 15:39 . 2010-06-08 15:39 -------- d-----w- c:\users\mato\AppData\Roaming\Facebook
2010-06-07 17:09 . 2010-06-07 17:05 -------- d-----w- c:\program files\InfoMapa 16
2010-06-07 16:56 . 2010-03-06 08:11 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-06-07 14:05 . 2010-06-07 14:05 -------- d-----w- c:\program files\NetLimiter 2 Pro
2010-06-05 22:09 . 2010-03-10 17:34 -------- d-----w- c:\program files\fraps
2010-06-02 04:32 . 2010-06-02 04:32 3351812 ----a-w- c:\programdata\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\msxml6Exec.exe
2010-06-02 04:32 . 2010-06-02 04:32 36864 ----a-w- c:\programdata\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\Sleep.exe
2010-06-02 04:32 . 2010-06-02 04:32 3203453 ----a-w- c:\programdata\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\vcredistExec.exe
2010-06-02 04:29 . 2010-06-02 04:32 35790800 ----a-w- c:\programdata\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\NokiaSoftwareUpdaterSetup_sk.exe
2010-05-28 16:46 . 2010-05-28 16:46 4608 ----a-w- c:\windows\system32\bbchlp.dll
2010-05-28 16:46 . 2010-05-28 16:46 4096 ----a-w- c:\windows\system32\drivers\bbcap.sys
2010-05-28 16:46 . 2010-05-28 16:46 30720 ----a-w- c:\windows\system32\bbcap.dll
2010-05-26 17:06 . 2010-06-11 04:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-11 04:50 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 14:45 . 2010-05-21 14:45 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-21 12:14 . 2010-03-02 07:34 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-15 07:14 . 2010-05-15 07:14 1791 ----a-w- c:\users\mato\AppData\Roaming\.purple\certificates\x509\tls_peers\bos.oscar.aol.com
2010-05-15 07:14 . 2010-05-15 07:14 1779 ----a-w- c:\users\mato\AppData\Roaming\.purple\certificates\x509\tls_peers\api.oscar.aol.com
2010-05-15 07:14 . 2010-05-15 07:14 1201 ----a-w- c:\users\mato\AppData\Roaming\.purple\certificates\x509\tls_peers\login.facebook.com
2010-05-15 07:14 . 2010-05-15 07:14 1691 ----a-w- c:\users\mato\AppData\Roaming\.purple\certificates\x509\tls_peers\api.screenname.aol.com
2010-05-11 04:33 . 2010-03-13 17:49 977 ----a-w- c:\windows\eReg.dat
2010-04-25 18:14 . 2010-04-14 16:09 88 --sh--r- c:\windows\System32\9CA8217D90.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-06-24 202256]

c:\users\mato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^Users^mato^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerMenu.lnk]
backup=c:\windows\pss\PowerMenu.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR10]
2010-01-17 17:02 941320 ----a-w- c:\program files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
2008-01-15 13:18 16200 ----a-r- c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2007-12-14 11:35 531784 ----a-r- c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX400 Series]
2007-12-17 15:00 188928 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIEGE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eurobattlegui]
2009-10-22 17:39 757760 ----a-w- c:\hry\Warcraft III\eb.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-02 06:23 135664 ----atw- c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
2009-02-26 15:04 2376992 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-07-02 10:20 671608 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 14:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"EPSON Stylus SX400 Series"=c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "c:\users\mato\AppData\Local\Temp\E_SCAC7.tmp" /EF "HKCU"
"Google Update"="c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"PAC7302_Monitor"=c:\windows\PixArt\PAC7302\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):41,f1,2b,17,6e,e1,ca,01

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2008-12-07 30088]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-03-02 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-04-23 82200]
S2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-10 814344]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
S3 bbcap;bbcap;c:\windows\system32\DRIVERS\bbcap.sys [2010-05-28 4096]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-08-03 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2010-08-03 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-05-23 12:54]

2010-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 10:11]

2010-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 10:11]

2010-08-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000Core.job
- c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-02 06:23]

2010-08-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000UA.job
- c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-02 06:23]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452}
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\mato\AppData\Roaming\Mozilla\Firefox\Profiles\o0nu3p77.default\
FF - prefs.js: browser.startup.homepage - hxxp://ahoolly.com
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\Opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\mato\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\mato\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
MSConfigStartUp-PC Suite Tray - c:\program files\Nokia pc suite\Nokia PC Suite 7\PCSuite.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-03 21:15
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-08-03 21:16:49
ComboFix-quarantined-files.txt 2010-08-03 19:16

Pre-Run: 94 994 083 840 bytes free
Post-Run: 94 953 287 680 bytes free

- - End Of File - - 1F8E411617ABBEBC0FBB3A3514CEBCC9

[motji]

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Reglock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}

File::
c:\windows\System32\9CA8217D90.sys
c:\windows\inf\Nokia Music\001B\tmpEAC3.tmp
c:\windows\inf\Nokia Music\0009\tmpEAC3.tmp
c:\windows\inf\Nokia Music\0000\tmpEAC3.tmp
c:\windows\inf\Nokia Music\tmpEAC4.tmp
Firefox::
FF - ProfilePath - c:\users\mato\AppData\Roaming\Mozilla\Firefox\Profiles\o0nu3p77.default\
FF - prefs.js: browser.startup.homepage - hxxp://ahoolly.com

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

[raky2702]

Mam otazku... Ked som spustil Combofix tak vsetko prebehlo OK ale PC sa nerestartoval sam, a ked som isiel na internet tak mi nesiel ani ten, tak som ho manualne restaroval a uz ide vsetko OK. To iste spravil aj pri predoslom skene Combofixu. Je to dobre ???


Tu je log :




ComboFix 10-08-03.01 - mato . 08. 2010 21:34:21.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3071.2113 [GMT 2:00]
Running from: c:\users\mato\Desktop\ComboFix.exe
Command switches used :: c:\users\mato\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Resident AV is active


FILE ::
"c:\windows\inf\Nokia Music\0000\tmpEAC3.tmp"
"c:\windows\inf\Nokia Music\0009\tmpEAC3.tmp"
"c:\windows\inf\Nokia Music\001B\tmpEAC3.tmp"
"c:\windows\inf\Nokia Music\tmpEAC4.tmp"
"c:\windows\System32\9CA8217D90.sys"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\inf\Nokia Music\0000\tmpEAC3.tmp
c:\windows\inf\Nokia Music\0009\tmpEAC3.tmp
c:\windows\inf\Nokia Music\001B\tmpEAC3.tmp
c:\windows\inf\Nokia Music\tmpEAC4.tmp
c:\windows\System32\9CA8217D90.sys

.
((((((((((((((((((((((((( Files Created from 2010-07-03 to 2010-08-03 )))))))))))))))))))))))))))))))
.

2010-08-03 19:40 . 2010-08-03 19:40 -------- d-----w- c:\users\mato\AppData\Local\temp
2010-08-03 19:40 . 2010-08-03 19:40 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-03 19:40 . 2010-08-03 19:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-03 19:32 . 2010-08-03 19:33 -------- d-----w- C:\32788R22FWJFW
2010-08-03 08:15 . 2010-08-03 08:15 -------- d-----w- c:\users\mato\sc2_raz1911
2010-08-03 07:05 . 2010-08-03 07:05 6153352 ----a-w- c:\users\mato\mbam-setup-1.46.exe
2010-08-02 14:56 . 2010-08-02 14:56 -------- d-----w- C:\rsit
2010-07-31 10:49 . 2010-07-31 10:50 -------- d-----w- c:\users\mato\SC2.Launcher
2010-07-31 10:48 . 2010-07-31 10:48 -------- d-----w- c:\users\mato\Monster.Trucks.Nitro
2010-07-30 15:55 . 2010-07-30 15:55 47364 ----a-w- c:\programdata\Blizzard Entertainment\Battle.net\Cache\Download\Scan.dll
2010-07-30 15:49 . 2010-07-30 15:49 -------- d-----w- c:\users\mato\ine
2010-07-30 15:17 . 2010-07-30 15:55 -------- d-----w- c:\programdata\Blizzard Entertainment
2010-07-28 16:39 . 2010-07-28 17:46 -------- d-----w- c:\programdata\NFS Underground
2010-07-28 09:17 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-07-28 09:17 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-07-28 09:17 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-07-28 09:17 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-07-28 09:17 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-07-28 09:16 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-07-28 09:16 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-07-27 19:06 . 1999-12-17 08:13 86016 ----a-w- c:\windows\unvise32.exe
2010-07-26 17:51 . 2010-07-26 17:51 -------- d-----w- c:\users\mato\AppData\Roaming\RigNRoll_eng
2010-07-26 05:41 . 2010-07-26 05:41 -------- d-----w- c:\users\mato\AppData\Local\NokiaAccount
2010-07-25 17:19 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-07-25 17:19 . 2010-07-25 17:19 -------- d-----w- c:\program files\PC Connectivity Solution
2010-07-25 17:16 . 2010-07-27 09:10 12212040 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-07-25 17:16 . 2010-07-27 09:10 13930312 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-07-25 17:16 . 2010-07-27 09:10 77824 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-07-25 17:16 . 2010-07-27 09:10 50000 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
2010-07-25 17:16 . 2010-07-27 09:10 38912 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-07-25 17:16 . 2010-07-27 09:10 38912 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-07-25 17:16 . 2010-07-27 09:04 103412296 ----a-w- c:\programdata\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
2010-07-25 17:16 . 2010-07-25 17:16 -------- d-----w- c:\programdata\NokiaInstallerCache
2010-07-08 18:08 . 2010-07-30 15:29 -------- d-----w- c:\users\mato\css texture
2010-07-08 08:33 . 2010-07-08 08:35 -------- d-----w- c:\users\mato\css update
2010-07-07 18:53 . 2010-07-07 18:53 -------- d-----w- c:\users\mato\AppData\Roaming\Electronic Arts
2010-07-07 15:18 . 2010-07-08 08:42 -------- d-----w- c:\users\mato\AppData\Roaming\MOBILeditForensic
2010-07-07 15:18 . 2010-07-07 15:18 -------- d-----w- c:\program files\COMPELSON Labs
2010-07-07 15:16 . 2010-07-07 15:17 -------- d-----w- c:\program files\MOBILedit!4 Forensic
2010-07-06 19:58 . 2010-07-06 20:03 -------- d-----w- c:\program files\SignSIS-GUI
2010-07-06 19:34 . 2010-07-06 19:34 -------- d-----w- c:\users\mato\Shell
2010-07-05 18:50 . 2010-07-05 18:50 -------- d-----w- C:\Westwood
2010-07-05 18:02 . 2010-07-05 18:00 720896 ----a-w- c:\windows\iun6002.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-03 19:25 . 2010-04-19 13:22 36836 ----a-w- c:\windows\system32\perfh01B.dat
2010-08-03 19:25 . 2010-04-19 13:22 11018 ----a-w- c:\windows\system32\perfc01B.dat
2010-08-03 19:20 . 2010-04-24 07:02 34805 ----a-w- c:\programdata\nvModes.dat
2010-08-03 19:19 . 2010-03-02 06:06 2140 ----a-w- c:\windows\bthservsdp.dat
2010-08-03 10:07 . 2010-03-02 07:19 -------- d-----w- c:\users\mato\AppData\Roaming\ICQ
2010-08-03 07:06 . 2010-03-21 15:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-02 14:56 . 2010-03-20 20:31 -------- d-----w- c:\program files\trend micro
2010-08-02 11:06 . 2010-03-02 06:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-30 15:46 . 2010-03-05 17:02 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-07-30 15:32 . 2010-03-04 17:38 -------- d-----w- c:\users\mato\AppData\Roaming\uTorrent
2010-07-28 09:23 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-07-27 13:50 . 2010-04-14 16:02 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-07-27 09:12 . 2010-03-02 15:19 -------- d-----w- c:\users\mato\AppData\Roaming\Nokia
2010-07-27 09:10 . 2010-03-02 15:18 -------- d-----w- c:\program files\Common Files\Nokia
2010-07-26 05:47 . 2010-03-02 06:18 -------- d-----w- c:\users\mato\AppData\Roaming\InstallShield
2010-07-25 17:20 . 2010-06-02 04:32 -------- d-----w- c:\program files\Nokia
2010-07-25 16:38 . 2010-06-02 04:54 -------- d-----w- c:\programdata\Nokia
2010-07-19 09:52 . 2010-03-02 07:22 -------- d-----w- c:\users\mato\AppData\Roaming\Skype
2010-07-19 06:39 . 2010-03-02 07:23 -------- d-----w- c:\users\mato\AppData\Roaming\skypePM
2010-07-17 17:51 . 2010-03-04 08:30 -------- d-----w- c:\users\mato\AppData\Roaming\vlc
2010-07-09 19:56 . 2010-03-02 06:21 -------- d-----w- c:\program files\SystemRequirementsLab
2010-07-01 22:50 . 2010-07-01 22:50 -------- d-----w- c:\program files\IPX-SPX Protocol
2010-06-29 15:48 . 2010-06-29 15:48 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-06-29 15:44 . 2010-03-24 14:27 -------- d-----w- c:\users\mato\AppData\Roaming\dvdcss
2010-06-27 20:29 . 2010-06-27 20:29 -------- d-----w- c:\program files\SoftPepper
2010-06-27 20:29 . 2010-06-27 20:29 -------- d-----w- c:\program files\SoftPepper Video Converter 2.0
2010-06-27 18:35 . 2010-03-02 15:19 -------- d-----w- c:\programdata\PC Suite
2010-06-27 16:39 . 2010-06-23 14:28 -------- d-----w- c:\program files\Phone Remote Control
2010-06-27 11:39 . 2010-03-02 07:18 -------- d-----w- c:\program files\ICQ7.0
2010-06-25 14:35 . 2010-06-25 14:35 -------- d-----w- c:\program files\MagicDVDRipper
2010-06-25 14:35 . 2010-06-25 14:35 -------- d-----w- c:\programdata\MagicSoftware
2010-06-25 14:31 . 2010-06-25 14:17 -------- d-----w- c:\program files\EasyDVDRip
2010-06-25 14:19 . 2010-06-25 14:13 -------- d-----w- c:\users\mato\AppData\Roaming\Media Player Classic
2010-06-25 14:18 . 2010-06-25 14:18 -------- d-----w- c:\program files\XviD
2010-06-25 14:18 . 2010-06-25 14:18 1664 ----a-w- c:\windows\unins000.dat
2010-06-25 14:18 . 2010-06-25 14:18 641021 ----a-w- c:\windows\unins000.exe
2010-06-25 13:53 . 2010-06-25 13:53 -------- d-----w- c:\program files\DVD Decrypter
2010-06-24 13:58 . 2010-06-24 13:58 -------- d-----w- c:\program files\Common Files\PCSuite
2010-06-24 13:57 . 2010-06-24 13:57 95232 ----a-w- c:\programdata\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\pcswpcsi.exe
2010-06-24 13:57 . 2010-06-24 13:57 8192 ----a-w- c:\programdata\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\UninstCCD.exe
2010-06-24 13:57 . 2010-06-24 13:57 61440 ----a-w- c:\programdata\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-06-24 13:57 . 2010-06-24 13:57 10240 ----a-w- c:\programdata\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\UninstPCS.exe
2010-06-24 13:57 . 2010-03-02 15:08 -------- d-----w- c:\programdata\Installations
2010-06-24 13:57 . 2010-06-24 13:57 36665824 ----a-w- c:\programdata\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Nokia_PC_Suite_slk_web.exe
2010-06-24 13:53 . 2010-03-02 15:09 -------- d-----w- c:\program files\Nokia pc suite
2010-06-24 11:27 . 2010-06-23 14:28 -------- d-----w- c:\users\mato\AppData\Roaming\PhoneRemoteControl
2010-06-24 11:22 . 2010-05-22 16:48 -------- d-----w- c:\programdata\Electronic Arts
2010-06-23 05:14 . 2010-03-11 10:43 -------- d-----w- c:\program files\Logitech
2010-06-23 05:14 . 2010-06-22 09:22 -------- d-----w- c:\program files\Common Files\Logitech
2010-06-22 14:27 . 2010-03-02 15:19 -------- d-----w- c:\users\mato\AppData\Roaming\PC Suite
2010-06-22 14:27 . 2010-06-22 14:27 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-06-22 14:22 . 2010-03-02 06:14 65336 ----a-w- c:\users\mato\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-22 14:20 . 2010-06-22 14:20 -------- d-----w- c:\programdata\NokiaMusic
2010-06-22 14:19 . 2010-06-22 14:19 -------- d-----w- c:\program files\Common Files\muvee Technologies
2010-06-20 15:45 . 2010-06-19 14:32 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-20 15:45 . 2010-06-19 14:32 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-19 14:32 . 2010-06-19 14:32 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-18 20:26 . 2010-03-03 05:50 -------- d-----w- c:\users\mato\AppData\Roaming\IrfanView
2010-06-17 14:13 . 2010-06-17 14:13 -------- d-----w- c:\program files\Electronic Arts
2010-06-17 13:18 . 2010-06-17 13:18 10134 ----a-r- c:\users\mato\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2010-06-17 13:18 . 2010-06-17 13:18 -------- d-----w- c:\program files\Microsoft WSE
2010-06-16 14:21 . 2010-03-17 19:44 -------- d-----w- c:\program files\OpenAL
2010-06-14 12:41 . 2010-06-14 12:41 -------- d-----w- c:\program files\DOSBox-0.74
2010-06-14 12:34 . 2010-03-20 08:11 -------- d-----w- c:\users\mato\AppData\Roaming\Dropbox
2010-06-14 12:34 . 2010-03-07 10:11 -------- d-----w- c:\program files\Google
2010-06-14 04:53 . 2010-04-10 12:07 -------- d-----w- c:\program files\PowerMenu
2010-06-14 04:53 . 2010-05-10 19:51 -------- d-----w- c:\program files\Pidgin
2010-06-14 04:49 . 2010-05-10 20:24 -------- d-----w- c:\program files\Graffiti Studio 2.0
2010-06-13 20:09 . 2010-06-13 20:09 -------- d-----w- c:\program files\directx
2010-06-13 17:16 . 2010-05-14 05:51 -------- d-----w- c:\program files\ABBYY FineReader 10
2010-06-12 09:47 . 2010-06-12 09:47 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-11 05:02 . 2010-04-18 21:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-11 05:00 . 2010-03-02 07:31 -------- d-----w- c:\programdata\Microsoft Help
2010-06-11 04:56 . 2010-04-18 21:01 -------- d-----w- c:\program files\Microsoft
2010-06-08 15:39 . 2010-06-08 15:39 50354 ----a-w- c:\users\mato\AppData\Roaming\Facebook\uninstall.exe
2010-06-08 15:39 . 2010-06-08 15:39 -------- d-----w- c:\users\mato\AppData\Roaming\Facebook
2010-06-07 17:09 . 2010-06-07 17:05 -------- d-----w- c:\program files\InfoMapa 16
2010-06-07 16:56 . 2010-03-06 08:11 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-06-07 14:05 . 2010-06-07 14:05 -------- d-----w- c:\program files\NetLimiter 2 Pro
2010-06-05 22:09 . 2010-03-10 17:34 -------- d-----w- c:\program files\fraps
2010-06-02 04:32 . 2010-06-02 04:32 3351812 ----a-w- c:\programdata\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\msxml6Exec.exe
2010-06-02 04:32 . 2010-06-02 04:32 36864 ----a-w- c:\programdata\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\Sleep.exe
2010-06-02 04:32 . 2010-06-02 04:32 3203453 ----a-w- c:\programdata\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\vcredistExec.exe
2010-06-02 04:29 . 2010-06-02 04:32 35790800 ----a-w- c:\programdata\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\NokiaSoftwareUpdaterSetup_sk.exe
2010-05-28 16:46 . 2010-05-28 16:46 4608 ----a-w- c:\windows\system32\bbchlp.dll
2010-05-28 16:46 . 2010-05-28 16:46 4096 ----a-w- c:\windows\system32\drivers\bbcap.sys
2010-05-28 16:46 . 2010-05-28 16:46 30720 ----a-w- c:\windows\system32\bbcap.dll
2010-05-26 17:06 . 2010-06-11 04:50 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-11 04:50 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-21 14:45 . 2010-05-21 14:45 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-21 12:14 . 2010-03-02 07:34 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-15 07:14 . 2010-05-15 07:14 1791 ----a-w- c:\users\mato\AppData\Roaming\.purple\certificates\x509\tls_peers\bos.oscar.aol.com
2010-05-15 07:14 . 2010-05-15 07:14 1779 ----a-w- c:\users\mato\AppData\Roaming\.purple\certificates\x509\tls_peers\api.oscar.aol.com
2010-05-15 07:14 . 2010-05-15 07:14 1201 ----a-w- c:\users\mato\AppData\Roaming\.purple\certificates\x509\tls_peers\login.facebook.com
2010-05-15 07:14 . 2010-05-15 07:14 1691 ----a-w- c:\users\mato\AppData\Roaming\.purple\certificates\x509\tls_peers\api.screenname.aol.com
2010-05-11 04:33 . 2010-03-13 17:49 977 ----a-w- c:\windows\eReg.dat
.

((((((((((((((((((((((((((((( SnapShot@2010-08-03_19.15.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-02 06:51 . 2010-08-03 19:22 41860 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2006-11-02 13:05 . 2010-08-02 11:09 70008 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2010-08-03 19:22 70008 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2010-03-02 06:15 . 2010-08-02 11:09 7412 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-190942252-359916794-3278992379-1000_UserData.bin
+ 2010-03-02 06:15 . 2010-08-03 19:22 7412 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-190942252-359916794-3278992379-1000_UserData.bin
- 2010-08-02 11:07 . 2010-08-02 11:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-08-03 19:20 . 2010-08-03 19:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-08-02 11:07 . 2010-08-02 11:07 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-08-03 19:20 . 2010-08-03 19:20 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2010-08-03 19:25 595144 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-08-02 11:13 595144 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-08-02 11:13 104346 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2010-08-03 19:25 104346 c:\windows\System32\perfc009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-06-24 202256]

c:\users\mato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^Users^mato^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerMenu.lnk]
backup=c:\windows\pss\PowerMenu.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR10]
2010-01-17 17:02 941320 ----a-w- c:\program files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
2008-01-15 13:18 16200 ----a-r- c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2007-12-14 11:35 531784 ----a-r- c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX400 Series]
2007-12-17 15:00 188928 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIEGE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eurobattlegui]
2009-10-22 17:39 757760 ----a-w- c:\hry\Warcraft III\eb.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-02 06:23 135664 ----atw- c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 14:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
2009-02-26 15:04 2376992 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-07-02 10:20 671608 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 14:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"EPSON Stylus SX400 Series"=c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "c:\users\mato\AppData\Local\Temp\E_SCAC7.tmp" /EF "HKCU"
"Google Update"="c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"PAC7302_Monitor"=c:\windows\PixArt\PAC7302\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):41,f1,2b,17,6e,e1,ca,01

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2008-12-07 30088]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-03-02 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
S1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-04-23 82200]
S2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-10 814344]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
S3 bbcap;bbcap;c:\windows\system32\DRIVERS\bbcap.sys [2010-05-28 4096]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-08-03 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2010-08-03 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-05-23 12:54]

2010-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 10:11]

2010-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-07 10:11]

2010-08-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000Core.job
- c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-02 06:23]

2010-08-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000UA.job
- c:\users\mato\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-02 06:23]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452}
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\mato\AppData\Roaming\Mozilla\Firefox\Profiles\o0nu3p77.default\
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-03 21:40
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-08-03 21:42:00
ComboFix-quarantined-files.txt 2010-08-03 19:41
ComboFix2.txt 2010-08-03 19:16

Pre-Run: 94 808 289 280 bytes free
Post-Run: 94 769 631 232 bytes free

- - End Of File - - 43DA62B3488A3E70D9F39ABEFF5FFD10

[motji]

Ano, je to možné.

Tuto složku znáte?
c:\users\mato\sc2_raz1911

Jak to ted vypadá s počítačem?

[raky2702]

PC ide lepsie.

Ta zlozka je taky spustac jednej hry ale neni to cele lebo tam mali byt este dva subory a tie oznacil ESS 4 ako viry tak teraz neviem ale chlapik co to uploudol hovori ze to neni virus. Jak zistit ci to je virus alebo len plany poplach. ??

[motji]

Vyndat soubory z karantény Nodu a otestovat je na www.virustotal.com

[raky2702]

hmm na 40% to je virus
Tak je to nebezpecne alebo ne ?

http://www.virustotal.com/analisis/f2a8 ... 1280866380

[motji]

Není to uplně jednoznačné, ale ta detekce je tak vysoká, že bych to v počítači nechtěla.

[raky2702]

OK tak Dakujem za kontroly.

[motji]

Neutíkejte mi ještě

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

[raky2702]

zabudol ze to treba este dokoncit

RSIT log :



Logfile of random's system information tool 1.08 (written by random/random)
Run by mato at 2010-08-03 23:01:12
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 90 GB (29%) free of 305 GB
Total RAM: 3071 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:02:32, on 3. 8. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Users\mato\Desktop\RSIT.exe
C:\Program Files\trend micro\mato.exe
C:\Windows\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

--
End of file - 5838 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-190942252-359916794-3278992379-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-03-06 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-06-24 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-03-06 503808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-06-24 202256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR10]
C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe [2010-01-17 941320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [2008-01-15 16200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [2007-12-14 531784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX400 Series]
C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE [2007-12-17 188928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eurobattlegui]
C:\hry\Warcraft III\eb.exe [2009-10-22 757760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\mato\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-02 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-02-26 2376992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-07-02 671608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^mato^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerMenu.lnk]
[]

C:\Users\mato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"HonorAutoRunSetting"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"HonorAutoRunSetting"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-08-03 23:01:12 ----D---- C:\rsit
2010-08-03 21:52:00 ----A---- C:\Windows\system32\shell32.dll
2010-08-03 21:42:03 ----SHD---- C:\$RECYCLE.BIN
2010-08-03 21:42:02 ----D---- C:\Windows\temp
2010-07-30 17:17:44 ----D---- C:\ProgramData\Blizzard Entertainment
2010-07-28 18:39:13 ----D---- C:\ProgramData\NFS Underground
2010-07-28 11:17:15 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-07-28 11:17:15 ----A---- C:\Windows\system32\PresentationHost.exe
2010-07-28 11:17:15 ----A---- C:\Windows\system32\netfxperf.dll
2010-07-28 11:17:15 ----A---- C:\Windows\system32\mscoree.dll
2010-07-28 11:17:15 ----A---- C:\Windows\system32\dfshim.dll
2010-07-28 11:16:29 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-07-28 11:16:29 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-07-27 21:06:02 ----A---- C:\Windows\unvise32.exe
2010-07-26 19:51:39 ----D---- C:\Users\mato\AppData\Roaming\RigNRoll_eng
2010-07-26 19:50:25 ----RA---- C:\Windows\system32\tmpECC1.tmp
2010-07-25 19:19:57 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2010-07-25 19:19:41 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-25 19:16:14 ----D---- C:\ProgramData\NokiaInstallerCache
2010-07-07 20:53:47 ----D---- C:\Users\mato\AppData\Roaming\Electronic Arts
2010-07-07 17:18:29 ----D---- C:\Users\mato\AppData\Roaming\MOBILeditForensic
2010-07-07 17:18:05 ----D---- C:\Program Files\COMPELSON Labs
2010-07-07 17:16:58 ----D---- C:\Program Files\MOBILedit!4 Forensic
2010-07-06 21:58:05 ----D---- C:\Program Files\SignSIS-GUI
2010-07-05 20:50:52 ----D---- C:\Westwood
2010-07-05 20:02:33 ----A---- C:\Windows\iun6002.exe

======List of files/folders modified in the last 1 months======

2010-08-03 23:02:32 ----D---- C:\Program Files\trend micro
2010-08-03 23:02:30 ----D---- C:\Windows\Prefetch
2010-08-03 22:54:44 ----D---- C:\Windows
2010-08-03 22:49:23 ----D---- C:\Windows\system32\drivers
2010-08-03 22:26:02 ----D---- C:\Windows\System32
2010-08-03 22:26:02 ----D---- C:\Windows\inf
2010-08-03 22:26:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-03 21:53:04 ----D---- C:\Windows\winsxs
2010-08-03 21:52:25 ----SHD---- C:\System Volume Information
2010-08-03 21:51:18 ----D---- C:\Windows\system32\catroot2
2010-08-03 21:51:18 ----D---- C:\Windows\system32\catroot
2010-08-03 21:40:24 ----A---- C:\Windows\system.ini
2010-08-03 21:40:18 ----D---- C:\Windows\system32\drivers\etc
2010-08-03 21:37:56 ----D---- C:\Windows\AppPatch
2010-08-03 21:37:55 ----D---- C:\Program Files\Common Files
2010-08-03 12:07:01 ----D---- C:\Users\mato\AppData\Roaming\ICQ
2010-08-03 09:06:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-02 16:48:18 ----D---- C:\Windows\Debug
2010-08-02 16:41:42 ----AD---- C:\ProgramData\TEMP
2010-08-02 13:06:29 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-30 19:14:43 ----SD---- C:\Users\mato\AppData\Roaming\Microsoft
2010-07-30 17:46:23 ----D---- C:\hry
2010-07-30 17:46:08 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-07-30 17:46:07 ----D---- C:\ProgramData
2010-07-30 17:32:37 ----D---- C:\Users\mato\AppData\Roaming\uTorrent
2010-07-30 17:17:29 ----RD---- C:\Program Files
2010-07-30 17:17:03 ----SHD---- C:\Windows\Installer
2010-07-28 12:45:34 ----D---- C:\Windows\Microsoft.NET
2010-07-28 12:45:27 ----RSD---- C:\Windows\assembly
2010-07-28 11:23:23 ----D---- C:\Program Files\Windows Mail
2010-07-28 11:18:21 ----D---- C:\Windows\ehome
2010-07-27 11:12:51 ----D---- C:\Users\mato\AppData\Roaming\Nokia
2010-07-27 11:10:41 ----D---- C:\Program Files\Common Files\Nokia
2010-07-26 16:13:56 ----D---- C:\Windows\system32\drivers\UMDF
2010-07-26 15:42:19 ----D---- C:\Windows\system32\Tasks
2010-07-26 07:47:43 ----D---- C:\Users\mato\AppData\Roaming\InstallShield
2010-07-26 07:46:39 ----A---- C:\Windows\Ascd_tmp.ini
2010-07-25 19:20:06 ----D---- C:\Program Files\Nokia
2010-07-25 19:19:57 ----DC---- C:\Windows\system32\DRVSTORE
2010-07-25 18:38:20 ----D---- C:\ProgramData\Nokia
2010-07-19 11:52:43 ----D---- C:\Users\mato\AppData\Roaming\Skype
2010-07-19 08:39:48 ----D---- C:\Users\mato\AppData\Roaming\skypePM
2010-07-17 19:51:46 ----D---- C:\Users\mato\AppData\Roaming\vlc
2010-07-09 21:56:27 ----D---- C:\Program Files\SystemRequirementsLab

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2009-02-03 59000]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2007-02-08 83320]
R1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R1 nltdi;nltdi; \??\C:\Windows\system32\drivers\nltdi.sys [2007-04-23 82200]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-04-13 165376]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-12-18 135048]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-04-13 18048]
R3 bbcap;bbcap; C:\Windows\system32\DRIVERS\bbcap.sys [2010-05-28 4096]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-01-08 33096]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-04-03 11573800]
R3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-07-22 123904]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 29696]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2008-01-24 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2008-01-24 48904]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2008-01-24 28168]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2008-01-24 29192]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2008-01-24 14728]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-02 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-10 814344]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2010-03-11 603904]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2010-03-11 360192]

-----------------EOF-----------------