Problém s ICQ

[Petr73]

Nemohl by mi někdo poradit, z ICQ mi odchází skoro každý den nesmyslné znaky v azbuce těm co je mám v kontaktech a to ho ani nemám zapnutý.

[stell]

zdravim
Stiahnes>>RSIT >>logy vloz sem,

[Petr73]

LOG.txt

Logfile of random's system information tool 1.08 (written by random/random)
Run by Petr at 2010-08-03 13:32:39
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 20 GB (20%) free of 101 GB
Total RAM: 4062 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:32:45, on 3.8.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
H:\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=66008
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1700389
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66008
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66008
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66008
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66008
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AML] "C:\Program Files (x86)\Sony\VAIO Launcher\AML.exe" InitApp
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Google Update] "C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: UpdateTool.lnk = ?
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NSUService - Sony Corporation - C:\Program Files\sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PS3 Media Server - Unknown owner - H:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Windows\RtkAudioService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - H:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: WD SmartWare Drive Manager Service (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)

--
End of file - 18018 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\RtkAudioService.exe
C:\Windows\system32\svchost.exe -k NetworkService
Ati2evxx.exe -Client
C:\Windows\System32\spoolsv.exe
taskeng.exe {937BF6C3-10A3-4C7B-AF43-07B515E40823}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 36710896
"C:\Windows\system32\Dwm.exe"
taskeng.exe {96A1CBEF-5794-4152-82DE-CB807D3314C5}
C:\Windows\Explorer.EXE
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files\sony\Network Utility\NSUService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe"
"C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe"
"C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"H:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\TUProgSt.exe
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-7de55332-0e06-4cc9-8a00-2f0d5eea88cc -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c4b87a61-ba6b-483e-bdab-d98356314b0b -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5e61e29a-b78a-49f0-a6b1-0f613abbf833 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f9dc889e-148d-487d-9a61-994ba70b5fc4
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
C:\Windows\system32\DRIVERS\xaudio64.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\mobsync.exe -Embedding
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe" -RunBySCM
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"Apntex.exe"
C:\Windows\system32\conime.exe
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4564.ff8dbe0.1139541091 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 4564 plugin \\.\pipe\gecko-crash-server-pipe.4564
"H:\totalcmd\TOTALCMD.EXE"
"c:\program files\windows defender\MpCmdRun.exe" Scan -RestrictPrivileges -Reinvoke
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Petr\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2874693757-3683864873-2912791595-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2874693757-3683864873-2912791595-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-07-25 371888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll [2010-06-09 322104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2009-04-09 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-25 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-06-09 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-07-25 371888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-06-19 349640]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2009-08-16 962808]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2009-04-09 520192]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-25 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"RtHDVCpl"=C:\Windows\RAVCpl64.exe [2008-10-17 6453760]
"Skytel"=C:\Windows\Skytel.exe [2008-10-17 1826816]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2008-07-18 152576]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-04-09 2692008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files (x86)\uTorrent\utorrent.exe [2010-07-25 327472]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-02 39408]
"LinkMagic for magicolor 1680MF"= []
"ISUSPM"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-05 136176]
"WEBTRAN"= []
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2010-06-19 640440]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"AML"=C:\Program Files (x86)\Sony\VAIO Launcher\AML.exe [2008-09-09 1097728]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"SSBkgdUpdate"=C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"PaperPort PTD"=C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [2008-06-10 29984]
"IndexSearch"=C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [2008-06-10 46368]
"PPort11reminder"=C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-08-31 328992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
UpdateTool.lnk - H:\Program Files (x86)\Plants Vs Zombies\UpdateTool.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-03 13:25:20 ----D---- C:\rsit
2010-08-03 13:25:20 ----D---- C:\Program Files\trend micro
2010-07-28 05:09:41 ----D---- C:\Windows\Downloaded Installations
2010-07-28 04:57:55 ----D---- C:\Program Files (x86)\DTS
2010-07-25 15:15:28 ----D---- C:\PCShareManagerUpload
2010-07-25 14:58:51 ----D---- C:\Program Files (x86)\Samsung
2010-07-20 16:30:33 ----D---- C:\ProgramData\NOS

======List of files/folders modified in the last 1 months======

2010-08-03 13:32:44 ----D---- C:\Windows\Temp
2010-08-03 13:30:00 ----D---- C:\Windows\Prefetch
2010-08-03 13:28:15 ----D---- C:\Program Files (x86)\ICQ6.5
2010-08-03 13:25:20 ----RD---- C:\Program Files
2010-08-03 13:22:28 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2010-08-03 13:18:39 ----SHD---- C:\System Volume Information
2010-08-03 12:57:51 ----D---- C:\Windows\system32\catroot
2010-08-03 12:57:45 ----D---- C:\Windows\winsxs
2010-08-02 14:44:08 ----D---- C:\Windows\System32
2010-08-02 14:44:08 ----D---- C:\Windows\inf
2010-08-02 14:44:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-29 19:59:48 ----D---- C:\Users\Petr\AppData\Roaming\Audacity
2010-07-29 18:43:49 ----AD---- C:\ProgramData\TEMP
2010-07-28 05:09:41 ----AD---- C:\Windows
2010-07-28 04:58:35 ----SHD---- C:\Windows\Installer
2010-07-28 04:57:55 ----RD---- C:\Program Files (x86)
2010-07-26 10:31:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-07-25 15:15:28 ----D---- C:\Windows\SysWOW64
2010-07-25 14:58:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-07-24 11:08:11 ----D---- C:\ProgramData\Adobe
2010-07-20 16:51:13 ----D---- C:\Users\Petr\AppData\Roaming\Adobe
2010-07-20 16:37:28 ----D---- C:\Program Files (x86)\Adobe
2010-07-20 16:33:27 ----D---- C:\Program Files (x86)\Common Files
2010-07-20 16:30:33 ----HD---- C:\ProgramData
2010-07-15 06:40:11 ----D---- C:\Program Files\Windows Mail
2010-07-15 06:40:11 ----D---- C:\Program Files (x86)\Windows Mail
2010-07-14 08:13:13 ----D---- C:\Windows\system32\catroot2
2010-07-10 22:52:31 ----D---- C:\Users\Petr\AppData\Roaming\ICQ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-10-17 406040]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-07-03 868848]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-04-09 134024]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-01-01 34472]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-04-09 142776]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-04-09 165960]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-04-09 44944]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-04-28 17024]
R2 regi;regi; \??\C:\Windows\system32\drivers\regi.sys [2007-04-17 14112]
R2 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [2008-10-23 76288]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio64.sys [2008-04-28 9728]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2010-01-06 121280]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-07-18 193072]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-25 19968]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-09-26 4598784]
R3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys [2008-04-28 300032]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-04-09 33608]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys [2008-04-28 1511936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-10-17 1474840]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw5v64.sys [2008-08-29 4745216]
R3 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimssn64.sys [2008-10-23 85504]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2008-10-24 185248]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2008-08-22 11392]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 168704]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys [2008-04-28 731648]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 108544]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys [2008-04-28 391680]
S1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys []
S3 abcq7zl1;abcq7zl1; C:\Windows\system32\drivers\abcq7zl1.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 26112]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 694272]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 34816]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-10-21 95784]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-10-21 133672]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-10-21 36392]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-10-21 21160]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 FlashUSB;FlashUSB; C:\Windows\system32\DRIVERS\FlashUSB_x64.sys [2009-05-12 20480]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2008-01-21 286720]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-07-04 82816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 178176]
S3 RkHit;RkHit; \??\C:\Windows\system32\drivers\RKHit.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-11 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-11 27136]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-11 33792]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 41984]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-28 154168]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 111104]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
R2 AllShare;SAMSUNG AllShare Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-04-23 9241088]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-09-26 901120]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-10-15 832552]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-04-09 731840]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-08-21 1449984]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2009-08-16 222968]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
R2 NSUService;NSUService; C:\Program Files\sony\Network Utility\NSUService.exe [2008-12-05 360448]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-08-21 826368]
R2 RtkAudioService;Realtek Audio Service; C:\Windows\RtkAudioService.exe [2008-10-17 134656]
R2 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe [2008-10-21 103712]
R2 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe [2008-10-21 353568]
R2 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe [2008-10-21 62752]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 StarWindServiceAE;StarWind AE Service; H:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-04-27 841472]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 27648]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2008-11-06 203624]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2008-11-25 411496]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2008-09-12 446464]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-10-02 369952]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2008-09-08 192512]
R2 WDDMService;WD SmartWare Drive Manager Service; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-10-14 116224]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe [2008-04-28 410624]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2008-09-08 279848]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-10 135664]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-04-09 23296]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-26 651720]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2009-05-04 1838592]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-28 182768]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2008-05-20 53248]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2008-05-20 53248]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 PS3 Media Server;PS3 Media Server; H:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [2010-01-13 217088]
S3 SPTISRV;Sony SPTI Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [2008-05-20 77824]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-04-27 505600]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2008-09-08 73728]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2008-09-19 108832]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------

[Petr73]

Mám nahodit i INFO.txt?

[stell]

netreba,
Zapni zobrazovanie skrytych suborov a zloziek
pojdes na www.virustotal.com
klik-prochazet-hore v okne nastavis c:\-dole do okna skopiruj
C:\Windows\system32\drivers\RKHit.sys
klik-otvorit-klik-odoslat-pockas vysledok a vloz sem.
Stiahnes>>Malwarebytes' Anti-Malware stiahnut-nainstalovat -aktualizovat-
sprav komplet skan,co najde zmazat,log vloz sem,
Stiahnite RootRepeal Beta a uložte ju na plochu.
* Zatvorte všetky ostatné programy,spustite dvoj-kliknutím na súbor s názvom RootRepeal.exe
* Akonáhle sa hlavne okne objaví,kliknite na tlačidlo Report v pravo dole.
* kliknite na tlačidlo scan.
* Ďalšie okno so žiadosťou, aby ste vybrať, čo chcete zahrnúť do vyhľadávania. Prosím, zrušte všetko,okrem políčka Stealth , a potom kliknite na tlačidlo OK.
* Akonáhle program dokončení skenovania,budú výsledky zobrazere.Kliknite na tlačidlo Uložiť správu a správu uložiť na plochu.
* Prosím postnite sem.

[Petr73]

Antivirus Verze Poslední aktualizace Výsledek
AhnLab-V3 2010.08.03.00 2010.08.03 -
AntiVir 8.2.4.32 2010.08.03 -
Antiy-AVL 2.0.3.7 2010.08.03 -
Authentium 5.2.0.5 2010.08.03 -
Avast 4.8.1351.0 2010.08.03 -
Avast5 5.0.332.0 2010.08.03 -
AVG 9.0.0.851 2010.08.03 -
BitDefender 7.2 2010.08.03 -
CAT-QuickHeal 11.00 2010.08.03 -
ClamAV 0.96.0.3-git 2010.08.03 -
Comodo 5631 2010.08.03 -
DrWeb 5.0.2.03300 2010.08.03 -
Emsisoft 5.0.0.36 2010.08.03 -
eSafe 7.0.17.0 2010.08.03 -
eTrust-Vet 36.1.7759 2010.08.03 -
F-Prot 4.6.1.107 2010.08.03 -
F-Secure 9.0.15370.0 2010.08.03 -
Fortinet 4.1.143.0 2010.08.02 -
GData 21 2010.08.03 -
Ikarus T3.1.1.84.0 2010.08.03 -
Jiangmin 13.0.900 2010.08.03 -
Kaspersky 7.0.0.125 2010.08.03 -
McAfee 5.400.0.1158 2010.08.03 -
McAfee-GW-Edition 2010.1 2010.08.03 -
Microsoft 1.6004 2010.08.03 -
NOD32 5337 2010.08.03 -
Norman 6.05.11 2010.08.03 -
nProtect 2010-08-03.01 2010.08.03 -
Panda 10.0.2.7 2010.08.02 -
PCTools 7.0.3.5 2010.08.03 -
Prevx 3.0 2010.08.03 -
Rising 22.59.01.04 2010.08.03 -
Sophos 4.56.0 2010.08.03 -
Sunbelt 6678 2010.08.03 -
SUPERAntiSpyware 4.40.0.1006 2010.08.03 -
Symantec 20101.1.1.7 2010.08.03 -
TheHacker 6.5.2.1.329 2010.08.03 -
TrendMicro 9.120.0.1004 2010.08.03 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.03 -
VBA32 3.12.12.7 2010.08.02 -
ViRobot 2010.8.3.3969 2010.08.03 -
VirusBuster 5.0.27.0 2010.08.03 -
Rozšiřující informace
File size: 30080 bytes
MD5...: 5f83735559a1d9b610020065741f5aa5
SHA1..: c14a986ab1dc432337149382813411dbae5337e2
SHA256: bc3e61b3416511177f51e1c5aa89eeceefb2dc49c48df09512db090f1d08ca76
ssdeep: 768:pp5xc53aqYJ2t6LL8np3S9uWKbxLjk8ILplEbc/:ppnMaqYJ2cLL8np35Xbx
k8ILTEb
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x6385
timedatestamp.....: 0x48cf79ac (Tue Sep 16 09:17:32 2008)
machinetype.......: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x480 0x4ab0 0x4b00 6.37 62a8aa7f7ddf4867ec356dd14aad7fa2
.rdata 0x4f80 0x2e4 0x300 3.83 e958541d1f801eb43098a072ff1fc0da
.data 0x5280 0x1090 0x1100 0.01 15800a9c230a2a86476577d9a2d48c09
INIT 0x6380 0x95c 0x980 5.34 2a686358bd7d2f9323c5fc4fd43d7092
.rsrc 0x6d00 0x2e0 0x300 3.01 368ed489a87b035095dba8505d52e7d5
.reloc 0x7000 0x572 0x580 6.26 7d0865f0d3bcc6e87505dbf8dc22247d

( 2 imports )
> ntoskrnl.exe: _except_handler3, MmUnlockPages, ObfDereferenceObject, KeUnstackDetachProcess, KeStackAttachProcess, DbgPrint, PsLookupProcessByProcessId, MmIsAddressValid, KeInitializeSpinLock, ObReferenceObjectByName, IoDriverObjectType, RtlInitUnicodeString, ExFreePool, _stricmp, strrchr, ExAllocatePoolWithTag, ZwQuerySystemInformation, IoFileObjectType, ZwClose, ObReferenceObjectByHandle, ZwOpenKey, PsProcessType, IoDeviceObjectType, MmSectionObjectType, ZwUnmapViewOfSection, ZwMapViewOfSection, ZwCreateSection, ZwOpenFile, RtlImageDirectoryEntryToData, NtBuildNumber, RtlAppendUnicodeStringToString, RtlVolumeDeviceToDosName, IoCreateFile, wcscpy, ProbeForRead, IoGetCurrentProcess, KeGetCurrentThread, KeServiceDescriptorTable, ObQueryNameString, ObReferenceObjectByPointer, IoAllocateMdl, PsGetVersion, MmUserProbeAddress, IoThreadToProcess, PsLookupThreadByThreadId, NtGlobalFlag, PsThreadType, IofCallDriver, ZwOpenDirectoryObject, MmGetVirtualForPhysical, MmGetPhysicalAddress, MmSystemRangeStart, IoFreeIrp, KeSetEvent, KeWaitForSingleObject, MmBuildMdlForNonPagedPool, IoAllocateIrp, IoGetBaseFileSystemDeviceObject, KeInitializeEvent, IoGetDeviceObjectPointer, ZwQuerySymbolicLinkObject, ZwOpenSymbolicLinkObject, swprintf, IoGetConfigurationInformation, ZwTerminateProcess, PsGetCurrentProcessId, KeInsertQueueApc, KeInitializeApc, KeClearEvent, ExfInterlockedInsertTailList, ExfInterlockedRemoveHeadList, IoCreateSynchronizationEvent, MmGetSystemRoutineAddress, IoDeleteDevice, IoDeleteSymbolicLink, RtlInitAnsiString, IofCompleteRequest, IoCreateSymbolicLink, IoCreateDevice, KeTickCount, KeBugCheckEx, MmProbeAndLockPages, MmMapLockedPagesSpecifyCache, ObOpenObjectByPointer, IoFreeMdl
> HAL.dll: KfAcquireSpinLock, KfReleaseSpinLock, KeStallExecutionProcessor

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (58.4%)
Clipper DOS Executable (13.8%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.7%)
VXD Driver (0.2%)
packers (Kaspersky): PE_Patch
sigcheck:
publisher....: n/a
copyright....: Copyright (C) QiWang Corporation
product......: RKHit
description..: RKHit
original name: RKHit
internal name: RKHit
file version.: 2, 0, 0, 0
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

[Petr73]

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4385

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

3.8.2010 18:23:20
mbam-log-2010-08-03 (18-23-20).txt

Typ skenu: Úplný sken (C:\|G:\|H:\|)
Skenované objekty: 443234
Uplynulý čas: 1 hodina(y), 54 minuta(y), 6 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 4
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 4
Infikované soubory: 7

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RkHit (Rogue.BestSpywareScanner) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
C:\Program Files (x86)\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infikované soubory:
H:\Aplikace\CryptLoad\ocr\netload.in\asmCaptcha\test.exe (Malware.Packer) -> Quarantined and deleted successfully.
H:\Aplikace\CryptLoad\router\FRITZ!Box\nc.exe (PUP.KeyLogger) -> Quarantined and deleted successfully.
H:\Aplikace\DVDFab.Platinum.v7.0.1.2.BETA.AHCU.TUANDT\DVDFab.v7012.BETA-AHCU\dbghelp.dll (Trojan.FakeMS) -> Quarantined and deleted successfully.
H:\Aplikace\Everest Ultimate Edition 2007 3.80.905\Keymaker - Ultimate.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
H:\Aplikace\IsoBuster Pro v2.3.0.1\Keygen ZWT\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\RKHit.sys (Rogue.BestSpywareScanner) -> Quarantined and deleted successfully.

[Petr73]

Tak ten RootRepeal mi bohužel nejde, mám 64-bit Vistu a ten program jde jen na 32-bit.

[stell]

SysProt AntiRootkit http://sites.google.com/site/sysprotantirootkit/
http://www.x64bitdownload.com/downloads ... rxpoe.html
rozbalis, spustis, prepnes se do zalozky Log tab, v ni oznacis vse v sloupci Write to log, zmacknes Create Log, odkliknes pripadne vytvoreni logu, ale co je nejdulezitejsi, chvili pockas nez se objevi okno s infem, kde chces skenovat zvolis Scan Root Drive. Klik na Start, po ukonceni skenu se otevre log, pokud ne najdes tam kam si ho prvne ulozil (standardne ve szlozce sse spustecim souborem)

alebo:
Stáhněte RootkitUnhooker - http://www.antirootkit.com/software/Roo ... hooker.htm
Rozbalte a spusťte. Program se skládá z řady záložek. Ze záložek "Processes", "SSDT", "Drivers", "Code Hooks" udělejte log. , stisknete tlačítko "Scan" a potom v menu (vlevo) je položka "Quick report" - tím se log uloží. Logy sem hoďte. Vše by mělo jít udělat také najednou, pokud sisknete Scan v záložce "Report".

[Petr73]

Tak bohužel z těch 4 programů mi na 64-bit funguje jen Sophos Anti-Rootkit a s ním je to na delší dobu, výsledek nahodím až zítra.

[stell]

stacis,,
Este ICQ-odosiela-spam??

[Petr73]

S tím ICQ ještě nevím, odpoledne se poptám zda někdo ode mne něco nedostal. Pokoušel sem se použít ten Sophos Anti-Rootkit, ale žádný LOG mi to nenabízelo, jen to asi 3 hod. scanovalo PC a potom mi to nabídlo smazat určité věci, ale to sem zatím neudělal, abych nepoškodil systémové soubory.

[stell]

Start-spustit-vloz prikaz ,log bude tu:
%temp%\sarscan.log
vloz sem
inak tu je Navod co sa moze zmazat:
http://spywarehammer.com/simplemachines ... pic=8219.0

[Petr73]

Sophos Anti-Rootkit Version 1.5.4 (c) 2009 Sophos Plc
Started logging on 4.8.2010 at 17:22:36
User "Petr" on computer "PETR-PC"
Windows version 6.0 SP 2.0 Service Pack 2 build 6002 SM=0x300 PT=0x1 WOW64
Info: Starting registry scan.
Info: Starting disk scan of C: (NTFS).
Hidden: file C:\Windows\System32\drivers\sptd.sys
Hidden: file C:\Users\Petr\AppData\Local\Temp\KVALIFIKOVANA SEKRETARKA OB.pps
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..erstorageenterprise_31bf3856ad364e35_6.0.6002.18005_none_48ea5e33718c73fa\security-licensing-slc-component-sku-serverstorageenterprise-oem-nonslp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..erstorageenterprise_31bf3856ad364e35_6.0.6002.18005_none_48ea5e33718c73fa\security-licensing-slc-component-sku-serverstorageenterprise-oem-nonslp-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..erstorageenterprise_31bf3856ad364e35_6.0.6002.18005_none_48ea5e33718c73fa\security-licensing-slc-component-sku-serverstorageenterprise-oem-slpcoa-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..erstorageenterprise_31bf3856ad364e35_6.0.6002.18005_none_48ea5e33718c73fa\security-licensing-slc-component-sku-serverstorageenterprise-oem-slpcoa-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..rstorageexpresscore_31bf3856ad364e35_6.0.6002.18005_none_d35365ed95d89b88\security-licensing-slc-component-sku-serverstorageexpresscore-oem-slpcoa-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..rstorageexpresscore_31bf3856ad364e35_6.0.6002.18005_none_d35365ed95d89b88\security-licensing-slc-component-sku-serverstorageexpresscore-oem-slpcoa-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..storagestandardcore_31bf3856ad364e35_6.0.6002.18005_none_3a56dd5d19a3e1a1\security-licensing-slc-component-sku-serverstoragestandardcore-oem-slpcoa-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..storagestandardcore_31bf3856ad364e35_6.0.6002.18005_none_3a56dd5d19a3e1a1\security-licensing-slc-component-sku-serverstoragestandardcore-oem-slpcoa-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..storagestandardcore_31bf3856ad364e35_6.0.6002.18005_none_3a56dd5d19a3e1a1\security-licensing-slc-component-sku-serverstoragestandardcore-oem-nonslp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..storagestandardcore_31bf3856ad364e35_6.0.6002.18005_none_3a56dd5d19a3e1a1\security-licensing-slc-component-sku-serverstoragestandardcore-oem-nonslp-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..orageenterprisecore_31bf3856ad364e35_6.0.6002.18005_none_89a58520c5a9bc67\security-licensing-slc-component-sku-serverstorageenterprisecore-oem-slpcoa-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..orageenterprisecore_31bf3856ad364e35_6.0.6002.18005_none_89a58520c5a9bc67\security-licensing-slc-component-sku-serverstorageenterprisecore-oem-slpcoa-pl.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..orageenterprisecore_31bf3856ad364e35_6.0.6002.18005_none_89a58520c5a9bc67\security-licensing-slc-component-sku-serverstorageenterprisecore-oem-slpcoa-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..orageenterprisecore_31bf3856ad364e35_6.0.6002.18005_none_89a58520c5a9bc67\security-licensing-slc-component-sku-serverstorageenterprisecore-retail1-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..orageenterprisecore_31bf3856ad364e35_6.0.6002.18005_none_89a58520c5a9bc67\security-licensing-slc-component-sku-serverstorageenterprisecore-retail1-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..orageenterprisecore_31bf3856ad364e35_6.0.6002.18005_none_89a58520c5a9bc67\security-licensing-slc-component-sku-serverstorageenterprisecore-oem-slp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..orageenterprisecore_31bf3856ad364e35_6.0.6002.18005_none_89a58520c5a9bc67\security-licensing-slc-component-sku-serverstorageenterprisecore-oem-nonslp-pl.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..orageenterprisecore_31bf3856ad364e35_6.0.6002.18005_none_89a58520c5a9bc67\security-licensing-slc-component-sku-serverstorageenterprisecore-oem-nonslp-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..orageenterprisecore_31bf3856ad364e35_6.0.6002.18005_none_89a58520c5a9bc67\security-licensing-slc-component-sku-serverstorageenterprisecore-oem-nonslp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..rstorageexpresscore_31bf3856ad364e35_6.0.6002.18005_none_d35365ed95d89b88\security-licensing-slc-component-sku-serverstorageexpresscore-oem-nonslp-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..rstorageexpresscore_31bf3856ad364e35_6.0.6002.18005_none_d35365ed95d89b88\security-licensing-slc-component-sku-serverstorageexpresscore-oem-nonslp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..erverenterprisecore_31bf3856ad364e35_6.0.6002.18005_none_0e8993fe47c43f82\security-licensing-slc-component-sku-serverenterprisecore-vl-bypass-rac-public.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..erverenterprisecore_31bf3856ad364e35_6.0.6002.18005_none_0e8993fe47c43f82\security-licensing-slc-component-sku-serverenterprisecore-vl-bypass-rac-private.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..iumbusinesssecurity_31bf3856ad364e35_6.0.6002.18005_none_0d311b0a2f90e033\security-licensing-slc-component-sku-servermediumbusinesssecurity-retail1-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..iumbusinesssecurity_31bf3856ad364e35_6.0.6002.18005_none_0d311b0a2f90e033\security-licensing-slc-component-sku-servermediumbusinesssecurity-retail1-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..mbusinessmanagement_31bf3856ad364e35_6.0.6002.18005_none_a20d7367efaf3c0e\security-licensing-slc-component-sku-servermediumbusinessmanagement-oem-slp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..mbusinessmanagement_31bf3856ad364e35_6.0.6002.18005_none_a20d7367efaf3c0e\security-licensing-slc-component-sku-servermediumbusinessmanagement-oem-slp-ul.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..mbusinessmanagement_31bf3856ad364e35_6.0.6002.18005_none_a20d7367efaf3c0e\security-licensing-slc-component-sku-servermediumbusinessmanagement-retail1-pl.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..mbusinessmanagement_31bf3856ad364e35_6.0.6002.18005_none_a20d7367efaf3c0e\security-licensing-slc-component-sku-servermediumbusinessmanagement-retail1-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..mbusinessmanagement_31bf3856ad364e35_6.0.6002.18005_none_a20d7367efaf3c0e\security-licensing-slc-component-sku-servermediumbusinessmanagement-retail1-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..mbusinessmanagement_31bf3856ad364e35_6.0.6002.18005_none_a20d7367efaf3c0e\security-licensing-slc-component-sku-servermediumbusinessmanagement-oem-nonslp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..mbusinessmanagement_31bf3856ad364e35_6.0.6002.18005_none_a20d7367efaf3c0e\security-licensing-slc-component-sku-servermediumbusinessmanagement-oem-nonslp-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..mbusinessmanagement_31bf3856ad364e35_6.0.6002.18005_none_a20d7367efaf3c0e\security-licensing-slc-component-sku-servermediumbusinessmanagement-oem-nonslp-pl.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..iumbusinesssecurity_31bf3856ad364e35_6.0.6002.18005_none_0d311b0a2f90e033\security-licensing-slc-component-sku-servermediumbusinesssecurity-oem-nonslp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..iumbusinesssecurity_31bf3856ad364e35_6.0.6002.18005_none_0d311b0a2f90e033\security-licensing-slc-component-sku-servermediumbusinesssecurity-oem-nonslp-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..iumbusinesssecurity_31bf3856ad364e35_6.0.6002.18005_none_0d311b0a2f90e033\security-licensing-slc-component-sku-servermediumbusinesssecurity-oem-nonslp-pl.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..iumbusinesssecurity_31bf3856ad364e35_6.0.6002.18005_none_0d311b0a2f90e033\security-licensing-slc-component-sku-servermediumbusinesssecurity-oem-slp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..umbusinessmessaging_31bf3856ad364e35_6.0.6002.18005_none_a35fe19743690311\security-licensing-slc-component-sku-servermediumbusinessmessaging-oem-slp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..umbusinessmessaging_31bf3856ad364e35_6.0.6002.18005_none_a35fe19743690311\security-licensing-slc-component-sku-servermediumbusinessmessaging-oem-nonslp-pl.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..umbusinessmessaging_31bf3856ad364e35_6.0.6002.18005_none_a35fe19743690311\security-licensing-slc-component-sku-servermediumbusinessmessaging-oem-nonslp-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..umbusinessmessaging_31bf3856ad364e35_6.0.6002.18005_none_a35fe19743690311\security-licensing-slc-component-sku-servermediumbusinessmessaging-oem-nonslp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..umbusinessmessaging_31bf3856ad364e35_6.0.6002.18005_none_a35fe19743690311\security-licensing-slc-component-sku-servermediumbusinessmessaging-retail1-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..umbusinessmessaging_31bf3856ad364e35_6.0.6002.18005_none_a35fe19743690311\security-licensing-slc-component-sku-servermediumbusinessmessaging-retail1-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..torageworkgroupcore_31bf3856ad364e35_6.0.6002.18005_none_a8a4c9833cc1b9b0\security-licensing-slc-component-sku-serverstorageworkgroupcore-retail1-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..torageworkgroupcore_31bf3856ad364e35_6.0.6002.18005_none_a8a4c9833cc1b9b0\security-licensing-slc-component-sku-serverstorageworkgroupcore-retail1-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..torageworkgroupcore_31bf3856ad364e35_6.0.6002.18005_none_a8a4c9833cc1b9b0\security-licensing-slc-component-sku-serverstorageworkgroupcore-oem-nonslp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..torageworkgroupcore_31bf3856ad364e35_6.0.6002.18005_none_a8a4c9833cc1b9b0\security-licensing-slc-component-sku-serverstorageworkgroupcore-oem-slp-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..torageworkgroupcore_31bf3856ad364e35_6.0.6002.18005_none_a8a4c9833cc1b9b0\security-licensing-slc-component-sku-serverstorageworkgroupcore-oem-nonslp-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..torageworkgroupcore_31bf3856ad364e35_6.0.6002.18005_none_a8a4c9833cc1b9b0\security-licensing-slc-component-sku-serverstorageworkgroupcore-oem-slpcoa-ul-oob.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..torageworkgroupcore_31bf3856ad364e35_6.0.6002.18005_none_a8a4c9833cc1b9b0\security-licensing-slc-component-sku-serverstorageworkgroupcore-oem-slpcoa-ul-phn.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..erverdatacentercore_31bf3856ad364e35_6.0.6002.18005_none_95c052f6d0c663e0\security-licensing-slc-component-sku-serverdatacentercore-vl-bypass-rac-private.xrm-ms
Hidden: file C:\2a56314586a156f4478731\ba79301a2fe85eadfd2a98\416d1103f1df78969d0b\amd64_microsoft-windows-s..erverdatacentercore_31bf3856ad364e35_6.0.6002.18005_none_95c052f6d0c663e0\security-licensing-slc-component-sku-serverdatacentercore-vl-bypass-rac-public.xrm-ms
Hidden: file C:\Users\Petr\AppData\Local\Temp\Co_se_casto_ nevidi_na_verejnosti.pps
Info: Starting disk scan of G: (NTFS).
Info: Starting disk scan of H: (NTFS).
Hidden: file H:\Program Files (x86)\Farmer Jane\models\farm3\F3_Orchard0_U0.fbx
Stopped logging on 4.8.2010 at 20:03:23

[stell]

nevidim ziadneho Rootkita,ako vidis mas tam zopar skrytych suborov,,takze zisti ci este pc -odosiela spam,ak nie tak tot vsjo.