Little trojan

#1 Post by Pana »

Hi,
Defender has started popping up a message that I have a trojan downloader, and it probably can't remove it.
Could someone help me, please?
Thanks :)

Code:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Uzivatel at 2010-11-03 07:26:47
Microsoft Windows 7 Ultimate  
System drive C: has 1 GB (2%) free of 51 GB
Total RAM: 4095 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:26:49, on 3.11.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system\ComHookMonitor.exe
C:\Program Files\ASUS Xonar D2 Audio\Customapp\ASUSAUDIOCENTER.EXE
G:\STEAM\Steam.exe
C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Users\Uzivatel\AppData\Roaming\QipGuard\QipGuard.exe
C:\Program Files (x86)\DNA\btdna.exe
C:\Apache\bin\ApacheMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Ralink\Common\RaUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Users\Uzivatel\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Users\Uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\TightVNC\tvnserver.exe
G:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
G:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\QIP Infium\infium.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Opera\opera.exe
C:\Users\Uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\PSPad editor\PSPad.exe
C:\Users\Uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\Windows\Fjizoa.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\winamp toolbar\WinampTbServer.exe
C:\Users\Uzivatel\AppData\Local\Temp\Fph.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Uzivatel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) -  - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\Uzivatel\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Uzivatel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave
O4 - HKLM\..\Run: [PMBVolumeWatcher] G:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl10] "G:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "g:\steam\steam.exe" -silent
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Uzivatel\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\Uzivatel\AppData\Roaming\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files (x86)\DNA\btdna.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Metropolis] rundll32.exe C:\Windows\system32\sshnas21.dll,GetHandle
O4 - HKCU\..\Run: [U36VRSFLG6] C:\Users\Uzivatel\AppData\Local\Temp\Fph.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Apache\bin\ApacheMonitor.exe
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files (x86)\Ralink\Common\RaUI.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{F69848AE-C41B-41A6-ADF9-D2E585ACB477}: NameServer = 192.168.1.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apache2.2 - Apache Software Foundation - C:\Apache\bin\httpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\SysWOW64\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\Windows\SysWOW64\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\SysWOW64\lktsrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - G:\Program Files (x86)\National Instruments\MAX\nimxs.exe
O23 - Service: MySQL - Unknown owner - C:\MySQL\bin\mysqld (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NI Device Loader (nidevldu) - Unknown owner - C:\Windows\SysWOW64\nipalsm.exe (file missing)
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - G:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: National Instruments RIO Server (NiRioRpc) - Unknown owner - C:\Windows\SysWOW64\NiRioRpc.exe (file missing)
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corporation - C:\Windows\SysWOW64\nisvcloc.exe
O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments Corporation - G:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
O23 - Service: O&O Defrag - O&O Software GmbH - F:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: OpcEnum - OPC Foundation - C:\Windows\SysWOW64\OpcEnum.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - G:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter.exe
O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SMServer - SMServer - C:\Windows\SysWOW64\snmvtsvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: STSService - Unknown owner - C:\Program Files (x86)\SoundTaxi Media Suite\STSService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files (x86)\TightVNC\tvnserver.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16743 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Apache\bin\httpd.exe" -k runservice
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\srvany.exe
C:\Windows\SysWOW64\lkads.exe
C:\Windows\KMService.exe
\??\C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\lktsrv.exe
"G:\Program Files (x86)\National Instruments\MAX\nimxs.exe"
"C:\Windows\system\ComHookMonitor.exe" 
"F:\Program Files\OO Software\Defrag\oodtray.exe" 
"C:\MySQL\bin\mysqld" --defaults-file="C:\MySQL\my.ini" MySQL
"C:\Program Files\ASUS Xonar D2 Audio\Customapp\ASUSAUDIOCENTER.EXE" 
C:\Apache\bin\httpd.exe -d C:/Apache -f C:\Apache\conf\httpd.conf -d C:\Apache\.
"G:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe"
C:\Windows\SysWOW64\nisvcloc.exe -s
"G:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe"
"F:\Program Files\OO Software\Defrag\oodag.exe"
"G:\STEAM\Steam.exe" -silent
"C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" 
"C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" -tray
"G:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
"C:\Users\Uzivatel\AppData\Roaming\QipGuard\QipGuard.exe" 
"C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter.exe"
"C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWlan.exe" /H
"C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe" -service
"C:\Program Files (x86)\TightVNC\tvnserver.exe" -service
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
TeamViewer.exe --HostService
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 3432
"C:\Program Files (x86)\DNA\btdna.exe" 
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Apache\bin\ApacheMonitor.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" 
"C:\Program Files (x86)\Ralink\Common\RaUI.exe" -s
"C:\Program Files (x86)\iTunes\iTunesHelper.exe" 
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Users\Uzivatel\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe" /crashhandler
"C:\Users\Uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe" 
"C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe" /watchfiles startup
"C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave
"G:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe" 
"C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe" 
"G:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10\PDVD10Serv.exe" 
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Cyberlink\Shared files\brs.exe" 
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\QIP Infium\infium.exe" 
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Winamp\winamp.exe" 
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"taskhost.exe"
C:\Windows\SysWOW64\svchost.exe -k Akamai
"C:\totalcmd\TOTALCMD.EXE" 
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Program Files (x86)\Opera\opera.exe" 
"C:\Users\Uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\PSPad editor\PSPad.exe" 
"C:\Users\Uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=CacheSize/CacheSizeGroup_0/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SpdyImpact/npn_with_spdy/ --channel=7836.0654AA80.1885116314 /prefetch:3
rundll32.exe C:\Windows\system32\sshnas21.dll,GetHandle
"G:\HRY\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe" 
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" "-launchedbycsxs"
 {814CD327-30DC-4C8F-8B26-025636ADA94D}
 {90FDDFB0-BD62-4746-90B5-F1112060B107}
C:\Windows\Fjizoa.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" -Embedding
"c:\program files (x86)\winamp toolbar\WinampTbServer.exe" -Embedding
C:\Windows\system32\AUDIODG.EXE 0xb78
C:\Users\Uzivatel\AppData\Local\Temp\Fph.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe74_ Global\UsGthrCtrlFltPipeMssGthrPipe74 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512 
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:5316 CREDAT:145630
"C:\Users\Uzivatel\Documents\RSITx64.exe" 

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4026519982-3516096917-702431145-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4026519982-3516096917-702431145-1001UA.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Users\Uzivatel\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll [2010-05-28 48080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Uzivatel\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-05-28 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-03-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio8788"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cmaudio8788Hook"=C:\Windows\system\ComHookMonitor.exe [2007-06-21 20480]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"OODefragTray"=F:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-11 3832064]
"BCSSync"=D:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Steam"=g:\steam\steam.exe [2010-08-24 1242448]
"uTorrent"=C:\Users\Uzivatel\AppData\Roaming\uTorrent\utorrent.exe [2010-09-26 328056]
"AutoStartNPSAgent"=C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-12-17 116056]
"NokiaOviSuite2"=C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-06-18 671608]
"QIP Internet Guardian"=C:\Users\Uzivatel\AppData\Roaming\QipGuard\QipGuard.exe [2010-05-28 184272]
""= []
"BitTorrent DNA"=C:\Program Files (x86)\DNA\btdna.exe [2010-06-30 323392]
"AnyDVD"=C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [2009-11-11 3124160]
"Google Update"=C:\Users\Uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-15 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Metropolis"=C:\Windows\system32\sshnas21.dll,GetHandle []
"U36VRSFLG6"=C:\Users\Uzivatel\AppData\Local\Temp\Fph.exe [2010-11-01 221184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"NPSStartup"= []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2010-03-26 142120]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"tvncontrol"=C:\Program Files (x86)\TightVNC\tvnserver.exe [2010-07-08 815704]
"PMBVolumeWatcher"=G:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2009-11-04 597792]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"RemoteControl10"=G:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10\PDVD10Serv.exe [2010-02-02 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-08-26 75048]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-30 98304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Monitor Apache Servers.lnk - C:\Apache\bin\ApacheMonitor.exe
Ralink Wireless Utility.lnk - C:\Program Files (x86)\Ralink\Common\RaUI.exe

C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\xchat\xchat.exe"="C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - 
.js - open - 
.txt - open - 

======List of files/folders created in the last 1 months======

2010-11-03 07:24:05 ----D---- C:\Program Files\trend micro
2010-11-03 07:24:04 ----D---- C:\rsit
2010-11-01 22:44:15 ----A---- C:\Windows\Fjizoa.exe
2010-11-01 22:44:01 ----A---- C:\Windows\SYSWOW64\sshnas21.dll
2010-10-27 12:43:11 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-10-27 12:43:10 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-10-27 12:43:10 ----A---- C:\Windows\system32\msdri.dll
2010-10-27 12:43:10 ----A---- C:\Windows\system32\CPFilters.dll
2010-10-25 08:51:44 ----D---- C:\ProgramData\ATI
2010-10-25 08:50:21 ----SHD---- C:\Config.Msi
2010-10-24 18:21:25 ----D---- C:\Users\Uzivatel\AppData\Roaming\CyberLink
2010-10-24 18:18:50 ----D---- C:\ProgramData\CyberLink
2010-10-24 18:18:47 ----D---- C:\Program Files (x86)\Cyberlink
2010-10-24 18:16:43 ----A---- C:\Windows\SYSWOW64\msxml3a.dll
2010-10-24 14:12:59 ----D---- C:\Program Files (x86)\MakeMKV
2010-10-24 14:12:28 ----D---- C:\Users\Uzivatel\AppData\Roaming\HandBrake
2010-10-24 14:12:25 ----D---- C:\Program Files (x86)\Handbrake
2010-10-24 13:47:08 ----ASH---- C:\pagefile.sys
2010-10-24 12:46:40 ----D---- C:\Users\Uzivatel\AppData\Roaming\COWON
2010-10-22 11:36:18 ----D---- C:\Users\Uzivatel\AppData\Roaming\FLV Extract
2010-10-21 03:06:10 ----D---- C:\Windows\rescache
2010-10-21 02:00:48 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2010-10-21 02:00:48 ----A---- C:\Windows\system32\drivers\ks.sys
2010-10-20 18:08:03 ----RHD---- C:\MSOCache
2010-10-20 18:03:17 ----A---- C:\Windows\SYSWOW64\ole32.dll
2010-10-20 18:03:17 ----A---- C:\Windows\system32\ole32.dll
2010-10-20 18:03:15 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2010-10-20 18:03:15 ----A---- C:\Windows\system32\t2embed.dll
2010-10-20 18:03:14 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2010-10-20 18:03:14 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-10-20 18:03:12 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2010-10-20 18:03:12 ----A---- C:\Windows\SYSWOW64\secproc.dll
2010-10-20 18:03:12 ----A---- C:\Windows\system32\secproc_isv.dll
2010-10-20 18:03:12 ----A---- C:\Windows\system32\secproc.dll
2010-10-20 18:03:12 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-10-20 18:03:12 ----A---- C:\Windows\system32\RMActivate.exe
2010-10-20 18:03:11 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2010-10-20 18:03:11 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2010-10-20 18:03:11 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2010-10-20 18:03:11 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2010-10-20 18:03:11 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2010-10-20 18:03:11 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2010-10-20 18:03:11 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-10-20 18:03:11 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-10-20 18:03:11 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-10-20 18:03:11 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-10-20 18:03:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-10-20 18:03:09 ----A---- C:\Windows\system32\schannel.dll
2010-10-20 18:03:07 ----A---- C:\Windows\system32\comctl32.dll
2010-10-20 18:03:06 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2010-10-20 18:03:01 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-10-20 18:03:01 ----A---- C:\Windows\system32\tzres.dll
2010-10-20 18:02:25 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2010-10-20 18:02:25 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-20 18:02:24 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2010-10-20 18:02:23 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2010-10-20 18:02:17 ----A---- C:\Windows\system32\mshtml.dll
2010-10-20 18:02:16 ----A---- C:\Windows\system32\ieframe.dll
2010-10-20 18:02:15 ----A---- C:\Windows\system32\iertutil.dll
2010-10-20 18:02:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-10-20 18:02:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-10-20 18:02:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-10-20 18:02:13 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-20 18:02:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-10-20 18:02:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-10-20 18:02:12 ----A---- C:\Windows\system32\urlmon.dll
2010-10-20 18:02:12 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-20 18:02:11 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-10-20 18:02:11 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-10-20 18:02:11 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-10-20 18:02:11 ----A---- C:\Windows\system32\wininet.dll
2010-10-20 18:02:11 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-20 18:02:11 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-20 18:02:10 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-10-20 18:02:10 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-10-20 18:02:10 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-10-20 18:02:10 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-10-20 18:02:10 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-10-20 18:02:10 ----A---- C:\Windows\system32\mstime.dll
2010-10-20 18:02:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-20 18:02:10 ----A---- C:\Windows\system32\ieui.dll
2010-10-20 18:02:10 ----A---- C:\Windows\system32\iepeers.dll
2010-10-20 18:02:09 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-10-20 18:02:09 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-10-20 18:02:09 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-20 18:02:09 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-20 18:02:03 ----A---- C:\Windows\system32\wmp.dll
2010-10-20 18:02:02 ----A---- C:\Windows\SYSWOW64\wmp.dll
2010-10-20 18:02:00 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2010-10-20 18:01:59 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-20 18:01:54 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-20 18:01:54 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-20 18:01:54 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-20 18:01:53 ----A---- C:\Windows\SYSWOW64\sscore.dll
2010-10-20 18:01:53 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-20 18:00:00 ----A---- C:\Windows\system32\win32k.sys
2010-10-20 17:58:46 ----A---- C:\Windows\SYSWOW64\srvany.exe
2010-10-20 17:58:46 ----A---- C:\Windows\KMService.exe
2010-10-20 17:48:46 ----D---- C:\Program Files\Common Files\DESIGNER
2010-10-20 17:48:21 ----D---- C:\Program Files\Microsoft Synchronization Services
2010-10-20 17:48:04 ----D---- C:\Windows\PCHEALTH
2010-10-20 17:48:04 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-10-20 17:48:04 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-10-20 17:45:26 ----D---- C:\Program Files\Microsoft Analysis Services
2010-10-20 17:45:25 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2010-10-20 17:44:58 ----D---- C:\Program Files (x86)\Microsoft Office
2010-10-13 07:18:31 ----D---- C:\Windows\SYSWOW64\Shared Memory
2010-10-12 22:18:02 ----D---- C:\Users\Uzivatel\AppData\Roaming\Sony Corporation
2010-10-12 22:15:07 ----D---- C:\ProgramData\Sony Corporation
2010-10-11 10:39:55 ----D---- C:\Windows\SYSWOW64\cvirte
2010-10-10 21:42:59 ----D---- C:\ProgramData\IVI Foundation
2010-10-10 21:42:59 ----D---- C:\Program Files\IVI Foundation
2010-10-10 21:42:59 ----D---- C:\Program Files (x86)\IVI Foundation
2010-10-10 21:33:34 ----D---- C:\Program Files\National Instruments
2010-10-10 21:32:40 ----D---- C:\ProgramData\National Instruments
2010-10-08 21:02:26 ----D---- C:\ProgramData\Ralink
2010-10-08 21:02:11 ----D---- C:\ProgramData\Ralink Driver
2010-10-08 21:02:07 ----D---- C:\Program Files (x86)\Ralink
2010-10-08 21:02:07 ----A---- C:\Windows\SYSWOW64\RAIHV.dll
2010-10-08 21:02:07 ----A---- C:\Windows\SYSWOW64\RAEXTUI.dll
2010-10-08 21:02:07 ----A---- C:\Windows\system32\RAIHV.dll
2010-10-08 21:02:07 ----A---- C:\Windows\system32\RAEXTUI.dll
2010-10-08 21:01:41 ----D---- C:\Users\Uzivatel\AppData\Roaming\InstallShield
2010-10-08 20:27:36 ----D---- C:\Program Files (x86)\Cisco
2010-10-08 20:27:05 ----A---- C:\Windows\system32\RtlUI2.exe
2010-10-08 20:27:05 ----A---- C:\Windows\system32\Rtlihvs.dll
2010-10-08 20:27:05 ----A---- C:\Windows\system32\RTLExtUI.dll
2010-10-08 20:27:05 ----A---- C:\Windows\system32\drivers\rtl8192su.sys
2010-10-08 20:27:05 ----A---- C:\Windows\RtlUI2.exe
2010-10-08 20:27:05 ----A---- C:\Windows\Rtlihvs.dll
2010-10-08 20:27:05 ----A---- C:\Windows\RTLExtUI.dll
2010-10-08 20:27:04 ----D---- C:\Program Files (x86)\REALTEK
2010-10-08 20:27:04 ----A---- C:\Windows\SYSWOW64\ISSRemoveSP.exe

======List of files/folders modified in the last 1 months======

2010-11-03 07:26:48 ----D---- C:\Windows\Temp
2010-11-03 07:26:28 ----D---- C:\Windows\Prefetch
2010-11-03 07:24:05 ----RD---- C:\Program Files
2010-11-03 07:20:33 ----D---- C:\Users\Uzivatel\AppData\Roaming\DNA
2010-11-03 07:16:08 ----D---- C:\Windows\system32\Tasks
2010-11-03 07:16:07 ----D---- C:\Windows\Tasks
2010-11-03 07:12:09 ----D---- C:\Users\Uzivatel\AppData\Roaming\uTorrent
2010-11-03 01:29:57 ----D---- C:\Windows\system32\config
2010-11-03 01:19:40 ----SHD---- C:\System Volume Information
2010-11-01 22:44:15 ----D---- C:\Windows
2010-11-01 22:44:01 ----D---- C:\Windows\SysWOW64
2010-11-01 14:56:40 ----RSD---- C:\Windows\Fonts
2010-11-01 14:49:31 ----D---- C:\websites
2010-10-31 18:41:02 ----D---- C:\Windows\System32
2010-10-31 18:41:02 ----D---- C:\Windows\inf
2010-10-31 18:41:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-30 15:29:49 ----D---- C:\Program Files (x86)\Common Files
2010-10-29 02:00:48 ----D---- C:\Windows\winsxs
2010-10-29 02:00:37 ----D---- C:\Windows\AppPatch
2010-10-28 09:16:41 ----D---- C:\Users\Uzivatel\AppData\Roaming\GARMIN
2010-10-28 02:06:16 ----D---- C:\Windows\Microsoft.NET
2010-10-28 02:05:50 ----RSD---- C:\Windows\assembly
2010-10-28 02:01:50 ----D---- C:\Windows\ehome
2010-10-28 02:00:30 ----D---- C:\Windows\system32\drivers
2010-10-27 12:43:04 ----D---- C:\Windows\system32\catroot2
2010-10-27 12:43:04 ----D---- C:\Windows\system32\catroot
2010-10-25 20:23:09 ----SD---- C:\Users\Uzivatel\AppData\Roaming\Microsoft
2010-10-25 20:23:08 ----D---- C:\ProgramData\Microsoft Help
2010-10-25 18:20:10 ----D---- C:\Users\Uzivatel\AppData\Roaming\Dropbox
2010-10-25 18:18:48 ----D---- C:\Program Files (x86)\DNA
2010-10-25 08:51:44 ----HD---- C:\ProgramData
2010-10-25 08:51:13 ----SHD---- C:\Windows\Installer
2010-10-25 08:50:54 ----D---- C:\Program Files\ATI Technologies
2010-10-25 08:50:15 ----D---- C:\Windows\system32\DriverStore
2010-10-24 18:56:18 ----D---- C:\Program Files (x86)\SpeedFan
2010-10-24 18:18:47 ----RD---- C:\Program Files (x86)
2010-10-24 18:18:18 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-10-24 18:16:30 ----AD---- C:\ProgramData\TEMP
2010-10-24 18:13:26 ----D---- C:\Users\Uzivatel\AppData\Roaming\vlc
2010-10-24 13:47:36 ----D---- C:\Windows\Minidump
2010-10-24 12:29:57 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2010-10-24 12:29:57 ----A---- C:\Windows\system32\OpenAL32.dll
2010-10-21 02:29:03 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-10-21 02:27:42 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-10-21 02:27:42 ----D---- C:\Windows\system32\cs-CZ
2010-10-21 02:27:40 ----D---- C:\Windows\SYSWOW64\migration
2010-10-21 02:27:40 ----D---- C:\Windows\system32\migration
2010-10-21 02:27:40 ----D---- C:\Program Files\Windows Media Player
2010-10-21 02:27:40 ----D---- C:\Program Files\Internet Explorer
2010-10-21 02:27:40 ----D---- C:\Program Files (x86)\Windows Media Player
2010-10-21 02:27:40 ----D---- C:\Program Files (x86)\Internet Explorer
2010-10-21 02:02:11 ----D---- C:\Windows\debug
2010-10-21 02:02:08 ----A---- C:\Windows\system32\MRT.exe
2010-10-20 17:48:46 ----D---- C:\Program Files\Common Files
2010-10-20 17:48:21 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-10-20 17:48:04 ----SD---- C:\ProgramData\Microsoft
2010-10-20 17:45:37 ----D---- C:\Windows\ShellNew
2010-10-20 17:42:38 ----D---- C:\Users\Uzivatel\AppData\Roaming\Media Player Classic
2010-10-19 10:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-18 18:46:24 ----D---- C:\Program Files (x86)\Opera
2010-10-13 07:22:39 ----D---- C:\ProgramData\Adobe
2010-10-11 17:29:36 ----D---- C:\Users\Uzivatel\AppData\Roaming\Mozilla
2010-10-11 17:28:58 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-10-11 09:48:11 ----D---- C:\Windows\SYSWOW64\drivers
2010-10-10 22:00:44 ----D---- C:\Users\Uzivatel\AppData\Roaming\Guitar Pro 6
2010-10-08 21:01:42 ----A---- C:\Windows\win.ini
2010-10-08 20:41:03 ----D---- C:\Windows\system32\oodag
2010-10-08 20:18:06 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2007-02-07 14104]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-16 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-01-01 34472]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2010-06-08 202576]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2010-06-08 53520]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 66304]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 359552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys [2009-03-27 19432]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-09-29 7883264]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-09-29 285696]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2009-11-11 121280]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-08-16 116240]
R3 cmudaxp;ASUS Xonar D2 Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys [2007-09-11 1161216]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 SndTAudio;SndTAudio; C:\Windows\system32\drivers\SndTAudio.sys [2010-03-19 33336]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-06-08 144656]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2010-06-08 164176]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 187904]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 95232]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-06 125456]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-09-29 7883264]
S3 cpuz130;cpuz130; \??\C:\Users\Uzivatel\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Program Files\MediaCoder\SysInfoX64.sys [2007-09-25 18128]
S3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2010-07-27 339040]
S3 LVUVC64;QuickCam Pro for Notebooks(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2010-07-27 6465632]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 nisldk;nisldk; \??\C:\Windows\system32\drivers\nisldkl.sys []
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2009-11-11 676864]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-12-14 16392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcuxd.sys [2009-09-23 16384]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-09-29 203264]
R2 Apache2.2;Apache2.2; C:\Apache\bin\httpd.exe [2010-07-30 24645]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-03-19 144672]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-02-12 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2010-10-20 8192]
R2 lkClassAds;National Instruments PSP Server Locator; C:\Windows\SysWOW64\lkads.exe [2009-06-18 42544]
R2 lkTimeSync;National Instruments Time Synchronization; C:\Windows\SysWOW64\lktsrv.exe [2009-06-18 53296]
R2 mxssvr;NI Configuration Manager; G:\Program Files (x86)\National Instruments\MAX\nimxs.exe [2009-06-15 12696]
R2 MySQL;MySQL; C:\MySQL\bin\mysqld --defaults-file=C:\MySQL\my.ini MySQL []
R2 NIDomainService;National Instruments Domain Service; G:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [2009-06-18 356912]
R2 niSvcLoc;NI Service Locator; C:\Windows\SysWOW64\nisvcloc.exe [2009-06-04 13896]
R2 NITaggerService;National Instruments Variable Engine; G:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [2009-06-23 740968]
R2 O&O Defrag;O&O Defrag; F:\Program Files\OO Software\Defrag\oodag.exe [2009-09-11 2287360]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; G:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter.exe [2008-05-12 69632]
R2 Realtek11nSU;Realtek11nSU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [2009-12-07 40960]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352]
R2 tvnserver;TightVNC Server; C:\Program Files (x86)\TightVNC\tvnserver.exe [2010-07-08 815704]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-03-26 660256]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-27 136176]
S2 nidevldu;NI Device Loader; C:\Windows\SysWOW64\nipalsm.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 LkCitadelServer;Lookout Citadel Server; C:\Windows\SysWOW64\lkcitdl.exe [2008-10-31 695136]
S3 NiRioRpc;National Instruments RIO Server; C:\Windows\SysWOW64\NiRioRpc.exe []
S3 OpcEnum;OpcEnum; C:\Windows\SysWOW64\OpcEnum.exe [2009-06-03 98304]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SMServer;SMServer; C:\Windows\SysWOW64\snmvtsvc.exe [2010-03-19 245760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 STSService;STSService; C:\Program Files (x86)\SoundTaxi Media Suite\STSService.exe [2010-03-19 344064]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-04-15 1255736]
S4 NILM License Manager;NILM License Manager; G:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe []

-----------------EOF-----------------
Positronic Automaton for Neutralizing Androids / Fast Ultra-Strong Positronic Flying Analog Terrifying Liquidation Automaton Armed with Antimatter

Rudy
Site Admin
Posts: 119426
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Trojanek

#2 Post by Rudy »

Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Back up your important data (mail, contacts, documents, photos, videos, music, etc.) before disinfecting the PC. Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: Trojanek

#3 Post by Pana »

Code:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5036

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

3.11.2010 22:20:24
mbam-log-2010-11-03 (22-20-24).txt

Typ skenu: Úplný sken (C:\|D:\|F:\|G:\|)
Skenované objekty: 526727
Uplynulý čas: 1 hodina(y), 8 minuta(y), 7 sekunda(y)

Infikované procesy v paměti: 1
Infikované moduly v paměti: 0
Infikované klíče registru: 4
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 17

Infikované procesy v paměti:
C:\Windows\Fjizoa.exe (Trojan.Downloader) -> No action taken.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\C8H1KKCTZV (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\U36VRSFLG6 (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\u36vrsflg6 (Trojan.FakeAlert) -> No action taken.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Windows\Fjizoa.exe (Trojan.Downloader) -> No action taken.
C:\Users\Uzivatel\AppData\Local\Temp\Fpg.exe (Trojan.Downloader) -> No action taken.
C:\Users\Uzivatel\AppData\Local\Temp\Fpk.exe (Trojan.Downloader) -> No action taken.
C:\Users\Uzivatel\AppData\Local\Temp\Fpl.exe (Trojan.Downloader) -> No action taken.
C:\Users\Uzivatel\AppData\Local\Temp\Fpp.exe (Trojan.Downloader) -> No action taken.
C:\Users\Uzivatel\AppData\Local\Temp\B888.tmp\hs_message.exe (Trojan.Downloader) -> No action taken.
D:\Downloads\Windows 7 RemoveWAT\Windows 7 RemoveWAT 2.2.5 by Hazar - DM999\RemoveWAT.exe (Risk.Tool.CK) -> No action taken.
D:\Image\Instalace\Clone DVD 2.9.1.0 & Clone CD 5.3.0.1\Slysoft Products Generic Crack 1.43.exe (RiskWare.Tool.CK) -> No action taken.
F:\Downloads3\Clone DVD 2.9.1.0 & Clone CD 5.3.0.1\Slysoft Products Generic Crack 1.43.exe (RiskWare.Tool.CK) -> No action taken.
F:\System Volume Information\_restore{055F6FCA-5BEA-4091-B8E8-B216CDBCAD10}\RP92\A0029590.exe (Trojan.Horst) -> No action taken.
F:\System Volume Information\_restore{055F6FCA-5BEA-4091-B8E8-B216CDBCAD10}\RP92\A0029603.exe (Trojan.Agent) -> No action taken.
F:\System Volume Information\_restore{055F6FCA-5BEA-4091-B8E8-B216CDBCAD10}\RP92\A0029724.exe (Malware.NSPack) -> No action taken.
F:\System Volume Information\_restore{055F6FCA-5BEA-4091-B8E8-B216CDBCAD10}\RP92\A0029730.exe (Trojan.Dropper.PGen) -> No action taken.
F:\System Volume Information\_restore{BE2645E8-7B0D-43FF-B266-742371BF7F21}\RP238\A0050654.exe (RiskWare.Tool.CK) -> No action taken.
G:\Downloads\Adobe Photoshop CS5 Extended LS6\keygen.exe (Malware.Packer.Gen) -> No action taken.
C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> No action taken.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.

Like this? :)


Re: Trojanek

#4 Post by Rudy »

Yes. Delete all the items found.


Re: Trojanek

#5 Post by Pana »

Thanks, hopefully it will be fine now. I swapped Avast for NOD and I'll behave myself O:-)

Thanks a lot once again!

cernohous13
VIP in memoriam
Posts: 8721
Joined: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Trojanek

#6 Post by cernohous13 »

Pana wrote: Thanks, hopefully it will be fine now. I swapped Avast for NOD and I'll behave myself O:-)
Thanks a lot once again!
:o Cracked as well?
D:\Downloads\Windows 7 RemoveWAT\Windows 7 RemoveWAT 2.2.5 by Hazar - DM999\RemoveWAT.exe (Risk.Tool.CK)
D:\Image\Instalace\Clone DVD 2.9.1.0 & Clone CD 5.3.0.1\Slysoft Products Generic Crack 1.43.exe (RiskWare.Tool.CK)
F:\Downloads3\Clone DVD 2.9.1.0 & Clone CD 5.3.0.1\Slysoft Products Generic Crack 1.43.exe (RiskWare.Tool.CK)
G:\Downloads\Adobe Photoshop CS5 Extended LS6\keygen.exe (Malware.Packer.Gen)
Recommendations:
During the cleanup, install and uninstall software only on my instruction.
Study my reply thoroughly and carry out the whole procedure as it describes.
If anything is unclear, ask - I will explain.

-------------------------------------------------------------------------------------------------
> Forum support <


Re: Trojanek

#7 Post by Pana »

Nah, trial - uninstall, trial uninstall (uninstalling with the help of smarty uninstaller :) )


Re: Trojanek

#8 Post by cernohous13 »

:) Avast is a pretty decent choice - but it cannot prevent the user's stunts :wink:


Re: Trojanek

#9 Post by Pana »

I know... it ended up like this because I left the safe zone and started looking for software for my girlfriend... and if anything, it would mean reinstalling the system, and I don't have time for that; otherwise I do it regularly every six months...