Zachytené vírusy NOD kou

Zpráva

Luigy88 · #1 Příspěvek od **Luigy88** » 03 pro 2010 13:35

Zdravim.
NOD ka mi vcera detekovala nejake víry , dal som zmazat , ale pre istotu prosim aj o kontrolu logu.
Asi to súvisí s instalacio jedneho programu , krtory som uz zmazal , patch k instalacke bol asi nakazeny....

2. 12. 2010 20:39:58 Rezidentná ochrana súbor C:\Users\Majo\AppData\Local\Temp\Patch.exe pravdepodobne variant infiltrácie Win32/Agent.MUSQNQM trójsky kôň zmazaný Majo-VAIO\Majo Táto skutočnosť bola zistená na novom súbore, ktorý bol vytvorený aplikáciou: C:\Users\Majo\AppData\Roaming\windows update\svchost.exe.

Dakujem za pomoc

Logfile of random's system information tool 1.08 (written by random/random)
Run by Majo at 2010-12-03 13:31:14
Microsoft Windows 7 Home Premium
System drive C: has 260 GB (56%) free of 462 GB
Total RAM: 3950 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:31:18, on 3. 12. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files\Sony\VAIO Care\VCSpt.exe
C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\InterVideo\DVD5R\SchSvr.exe
C:\Program Files (x86)\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe
C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\InterVideo\FastTVSync\FastTVSync.exe
C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.3\apdproxy.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\explorer.exe
C:\Windows\SysWOW64\windows update\svchost.EXE
C:\Windows\SysWOW64\windows update\svchost.EXE
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Majo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [FastTVSync] "C:\Program Files (x86)\Common Files\InterVideo\FastTVSync\FastTVSync.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.3\apdproxy.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [HKLM] C:\Windows\system32\windows update\svchost.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HKCU] C:\Users\Majo\AppData\Roaming\windows update\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Windows\system32\windows update\svchost.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\Windows\system32\windows update\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: InterVideo Scheduler server.lnk = C:\Program Files (x86)\InterVideo\DVD5R\SchSvr.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files (x86)\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Remote Control.lnk = C:\Program Files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18765 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe" -service
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe"
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a3215c52-f7e1-4460-9a33-9fd1e475e773 -SystemEventPortName:HostProcess-2739c9c6-746e-4667-b633-f7a0643be168 -IoCancelEventPortName:HostProcess-63f90e1a-e25a-46e9-87dd-741579ce1973 -NonStateChangingEventPortName:HostProcess-c245d41a-885a-4018-827e-36ec9dfa182b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2e1ce906-27ba-4a9c-8ce2-6eaac54f5b94
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {14B75ADB-D242-4BF6-A9DB-EA8C613B3746}
C:\Windows\Explorer.EXE
taskeng.exe {E72E7FB7-CE4E-4021-A8D3-04D508125299}
/Device:000000a1
"C:\Program Files\Sony\VAIO Care\VCSpt.exe"
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files\Java\jre6\bin\jusched.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\InterVideo\DVD5R\SchSvr.exe"
"C:\Program Files (x86)\InterVideo\Common\Bin\WinCinemaMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe"
"C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe"
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\InterVideo\FastTVSync\FastTVSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.3\apdproxy.exe"
"C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
"C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe"
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\CyberLink\Shared files\brs.exe"
explorer.exe
"C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
"Apntex.exe"
"C:\Program Files\Apoint\Apvfb.exe"
\??\C:\Windows\system32\conhost.exe
explorer.exe
"C:\Windows\SysWOW64\windows update\svchost.EXE"
"C:\Windows\SysWOW64\windows update\svchost.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe" /SILENT
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata"
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files\Sony\VAIO Care\VCsystray.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:6092 CREDAT:71937
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
"C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe" -Embedding
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe -Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:6092 CREDAT:203009
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3281548022-4250810235-489721878-100013_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3281548022-4250810235-489721878-100013 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LDQXNMJV\RSITx64[1].exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-06 132448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-10-27 398512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll [2010-10-27 317496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-17 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-08-04 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-27 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-27 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-10-27 398512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-27 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-16 9636896]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2009-11-04 208384]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-02-17 171520]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-03-24 2839840]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe [2009-11-26 361976]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\Windows\system32\windows update\svchost.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-02-17 39408]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-05-13 26192168]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"HKCU"=C:\Users\Majo\AppData\Roaming\windows update\svchost.exe [2006-03-20 748548]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\Windows\system32\windows update\svchost.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-11-21 284696]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2009-08-26 320880]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-13 98304]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-06-17 538472]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2009-10-24 597792]
"MarketingTools"=C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [2010-02-17 26624]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"FastTVSync"=C:\Program Files (x86)\Common Files\InterVideo\FastTVSync\FastTVSync.exe [2003-12-26 245760]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"Adobe Photo Downloader"=C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.3\apdproxy.exe [2007-11-05 61440]
"AdobeCS4ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"TkBellExe"=C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [2010-08-04 202256]
"SHTtray.exe"=C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2009-10-15 99624]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-11-26 5129128]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-02 87336]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-08-26 75048]
"HKLM"=C:\Windows\system32\windows update\svchost.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=C:\Windows\system32\windows update\svchost.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
InterVideo Scheduler server.lnk - C:\Program Files (x86)\InterVideo\DVD5R\SchSvr.exe
InterVideo WinCinema Manager.lnk - C:\Program Files (x86)\InterVideo\Common\Bin\WinCinemaMgr.exe
Remote Control.lnk - C:\Program Files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-12-16 268800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-02 12:31:09 ----D---- C:\Program Files (x86)\XericDesign
2010-11-19 10:29:57 ----D---- C:\Program Files (x86)\GIMP-2.0
2010-11-19 10:19:07 ----D---- C:\Users\Majo\AppData\Roaming\Thinstall

======List of files/folders modified in the last 1 months======

2010-12-03 13:31:18 ----D---- C:\Windows\Prefetch
2010-12-03 13:31:17 ----D---- C:\Windows\Temp
2010-12-03 13:31:17 ----D---- C:\Program Files\trend micro
2010-12-03 13:30:53 ----D---- C:\Users\Majo\AppData\Roaming\uTorrent
2010-12-03 13:27:35 ----D---- C:\Windows\system32\config
2010-12-03 13:27:00 ----D---- C:\Users\Majo\AppData\Roaming\Skype
2010-12-03 12:36:39 ----D---- C:\Windows\system32\NDF
2010-12-03 12:16:00 ----A---- C:\Windows\SYSWOW64\log.txt
2010-12-03 09:33:44 ----D---- C:\Users\Majo\AppData\Roaming\vlc
2010-12-03 08:43:06 ----D---- C:\Windows\System32
2010-12-03 08:43:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-03 08:43:05 ----D---- C:\Windows\inf
2010-12-03 08:28:09 ----D---- C:\Users\Majo\AppData\Roaming\dvdcss
2010-12-03 08:26:55 ----D---- C:\Users\Majo\AppData\Roaming\skypePM
2010-12-02 20:58:41 ----D---- C:\Windows\system32\drivers
2010-12-02 12:36:47 ----D---- C:\Windows\system32\Tasks
2010-12-02 12:31:28 ----D---- C:\Windows\SysWOW64
2010-12-02 12:31:09 ----RD---- C:\Program Files (x86)
2010-11-30 16:50:43 ----SHD---- C:\System Volume Information
2010-11-29 22:47:33 ----D---- C:\Users\Majo\AppData\Roaming\ICQ
2010-11-29 22:25:29 ----D---- C:\enweb
2010-11-29 21:54:42 ----D---- C:\web KOZ
2010-11-29 21:22:36 ----D---- C:\Program Files (x86)\ICQ6.5
2010-11-28 15:06:37 ----D---- C:\Windows\Tasks
2010-11-28 15:06:37 ----D---- C:\Windows\system32\wfp
2010-11-28 15:06:34 ----D---- C:\Windows\system32\wbem
2010-11-28 15:06:34 ----AD---- C:\Windows
2010-11-28 15:05:49 ----D---- C:\Windows\system32\DriverStore
2010-11-28 15:05:49 ----D---- C:\Windows\system32\catroot2
2010-11-28 15:05:48 ----D---- C:\Windows\system32\drivers\etc
2010-11-28 15:05:48 ----D---- C:\Windows\system32\CodeIntegrity
2010-11-28 15:05:46 ----D---- C:\ProgramData\Sony Corporation
2010-11-28 15:05:44 ----D---- C:\Windows\registration
2010-11-24 20:37:01 ----D---- C:\Program Files\Internet Explorer
2010-11-24 20:37:01 ----D---- C:\Program Files (x86)\Internet Explorer
2010-11-24 20:37:00 ----D---- C:\Windows\winsxs
2010-11-24 14:00:49 ----D---- C:\Windows\system32\catroot
2010-11-20 19:43:09 ----D---- C:\ProgramData\Roxio
2010-11-18 16:45:37 ----D---- C:\ProgramData\Real
2010-11-18 16:45:24 ----D---- C:\Users\Majo\AppData\Roaming\Real
2010-11-10 22:37:55 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2009-11-21 537112]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-10-19 257120]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-14 834544]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\Windows\system32\DRIVERS\tdrpm258.sys [2010-10-19 1477728]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-10-19 943712]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-03-24 139704]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-03-24 163888]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-03-24 169592]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-03-24 50600]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2009-11-06 93696]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [2009-09-15 75776]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2010-10-19 251488]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys [2009-11-04 253488]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-12 1542656]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-01-27 6106624]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-11-18 21160]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-03-24 33608]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-12-14 56344]
R3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2009-11-13 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-16 2212640]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-05-15 82816]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-16 213280]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-09 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2009-08-19 11392]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 CXIR;Conexant Polaris IR Transceiver; C:\Windows\system32\drivers\cxcir64.sys [2009-04-23 44544]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-11-18 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-11-18 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
S3 CXPOLARIS;Conexant Polaris Video Capture; C:\Windows\system32\drivers\cxpolar64.sys [2009-11-24 416000]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-06 61280]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-12-16 7778176]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2009-12-16 244736]
S3 netr7364;RT73 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe [2009-11-26 894480]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-10-19 2480048]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-01-27 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-03-24 810120]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-21 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-14 268824]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-08-12 257936]
R2 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]
R2 SOHDBSvr;VAIO Media plus Database Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]
R2 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]
R2 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]
R2 SOHPlMgr;VAIO Media plus Playlist Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe [2010-05-28 205168]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2009-11-25 821760]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-09-14 206336]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-17 133104]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-03-24 42336]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-07-22 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-22 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-17 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-09-14 69632]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568]
S3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 1223024]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1255736]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

#2 Příspěvek od **stell** » 03 pro 2010 13:56

zdravim
ano mas tam este zopar smejdov
Stiahnes>>mbam-setup
Nainstalovat, aktualizovat, a spustit skan.
Spravit Uplny skan, co najde daj zmazat,
Log vloz sem.
Podrobny Navod:
http://www.viry.cz/forum/viewtopic.php?f=29&t=67229

Luigy88 · #3 Příspěvek od **Luigy88** » 03 pro 2010 17:14

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verzia databázy: 5238

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

3. 12. 2010 17:13:40
mbam-log-2010-12-03 (17-13-40).txt

Typ kontroly: Úplná kontrola (C:\|)
Objektov kontrolovaných: 393970
Uplynutý čas: 1 hod, 15 min, 9 sek

Infikované služby pamäte: 1
Infikované moduly pamäte: 0
Infikované registračné kľúče: 2
Infikované registračné hodnoty: 4
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 14

Infikované služby pamäte:
c:\Users\Majo\AppData\Roaming\windows update\svchost.exe (Trojan.Agent) -> 5288 -> Unloaded process successfully.

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
HKEY_CLASSES_ROOT\CLSID\{UJO312H7-0CY0-A5F0-80X2-S7X2C0700PIS} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{UJO312H7-0CY0-A5F0-80X2-S7X2C0700PIS} (Trojan.Agent) -> Quarantined and deleted successfully.

Infikované registračné hodnoty:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Trojan.Agent) -> Value: Policies -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKLM (Trojan.Agent) -> Value: HKLM -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Trojan.Agent) -> Value: Policies -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKCU (Trojan.Agent) -> Value: HKCU -> Quarantined and deleted successfully.

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
c:\$Recycle.Bin\s-1-5-21-3281548022-4250810235-489721878-1000\$R1Q6V3Z.04\animation shop 3.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\install\dreamweaver8_install_keygen_cestina\macromedia_keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\install\photoshop\photoshop.cs2.keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\Users\Majo\AppData\Local\Temp\Keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\Users\Majo\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Docs\nero8_addiction.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\Users\Majo\AppData\Local\Temp\ir_ext_temp_1\AutoPlay\Docs\ahead_nero_v8.3.6.0.keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Majo\AppData\Local\Temp\ir_ext_temp_1\AutoPlay\Docs\keygen 8.3.2.1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Majo\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
c:\Users\Majo\AppData\Local\Temp\IELOGIN.abc (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Majo\AppData\Local\Temp\MSN.abc (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Majo\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Majo\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\Windows\System32\windows update\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Majo\AppData\Roaming\windows update\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Po kontrole vsak mi NOD ka este nieco nasla :

3. 12. 2010 17:14:01 Rezidentná ochrana súbor C:\Users\Majo\AppData\Local\Temp\Patch.exe pravdepodobne variant infiltrácie Win32/Agent.MUSQNQM trójsky kôň vyliečený zmazaním - uložený do karantény Majo-VAIO\Majo Táto skutočnosť bola zistená na novom súbore, ktorý bol vytvorený aplikáciou: C:\Users\Majo\AppData\Roaming\windows update\svchost.EXE.

#4 Příspěvek od **stell** » 03 pro 2010 17:41

stiahnes na plochu>Download>spustis>>vloz zeleny text a klik >look,,log vloz sem

Kód: Vybrat vše

:filefind
*svchost*

Luigy88 · #5 Příspěvek od **Luigy88** » 03 pro 2010 18:23

SystemLook 04.09.10 by jpshortstuff
Log created at 18:21 on 03/12/2010 by Majo
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "*svchost*"
C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\WcfSvcHost.chm --a---- 40485 bytes [01:10 31/08/2009] [01:10 31/08/2009] 78D92380B37048EB634C5335402D0216
C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\WcfSvcHost.exe --a---- 164176 bytes [12:02 19/03/2010] [12:02 19/03/2010] DE2233F22109F42737B07A8C82826044
C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\WcfSvcHost.exe.config --a---- 142 bytes [19:18 17/01/2010] [19:18 17/01/2010] 99D54862BA23E5E763F33A72B5D71445
C:\Users\Majo\AppData\Roaming\windows update\svchost.EXE ------- 748548 bytes [17:48 10/07/2006] [17:48 10/07/2006] AE14B9D3122DE0D65B4A8C7B3A6DE1CB
C:\Windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe --a---- 128848 bytes [00:36 14/07/2009] [21:14 10/06/2009] FE2AA5A684B0DD9B1FAE57B7817C198B
C:\Windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\cb96e1d6de2c7a0c2d518761d6d139b2\SMSvcHost.ni.exe --a---- 366080 bytes [10:53 16/08/2010] [10:53 16/08/2010] 38F37CC58FC663855A47BF9D2D655BBF
C:\Windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\7110a5c937257cffcde87dffc17feede\SMSvcHost.ni.exe --a---- 525824 bytes [10:58 16/08/2010] [10:58 16/08/2010] 5F545AB3D9AF4F99776680E9AC67616B
C:\Windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\38f0d77629891e7808424103aaef0728\SMSvcHost.ni.exe --a---- 316928 bytes [08:20 26/06/2010] [08:20 26/06/2010] 6C2981E4E5FAC2901673F948691C34D0
C:\Windows\assembly\NativeImages_v4.0.30319_32\WcfSvcHost\47d5f321656d602064e1953c9555b172\WcfSvcHost.ni.exe --a---- 289280 bytes [13:22 03/10/2010] [13:22 03/10/2010] A71DA533D5993A695B2BBC9F5A5D85DB
C:\Windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\d20799ac98338d32319cf18637d0aae6\SMSvcHost.ni.exe --a---- 424960 bytes [09:41 15/10/2010] [09:41 15/10/2010] DB5D93DC5554B7CD15B49EF0D0C08E0B
C:\Windows\inf\SMSvcHost 3.0.0.0\_SMSvcHostPerfCounters.h --a---- 702 bytes [05:32 14/07/2009] [05:32 14/07/2009] 3CC34148EEA74522DCA93B5EB6AAF3B8
C:\Windows\inf\SMSvcHost 3.0.0.0\_SMSvcHostPerfCounters.ini --a---- 132292 bytes [05:32 14/07/2009] [05:32 14/07/2009] 520B0DCB5E08CA780373C558BE7F336B
C:\Windows\inf\SMSvcHost 3.0.0.0\0000\_SMSvcHostPerfCounters_D.ini --a---- 41 bytes [01:01 14/07/2009] [20:30 10/06/2009] CBDE63C2B8BB1CB6C3F4BF33C9E4DFD1
C:\Windows\inf\SMSvcHost 3.0.0.0\0409\_SMSvcHostPerfCounters_D.ini --a---- 41 bytes [05:35 14/07/2009] [21:30 10/06/2009] CBDE63C2B8BB1CB6C3F4BF33C9E4DFD1
C:\Windows\inf\SMSvcHost 4.0.0.0\_SMSvcHostPerfCounters.h --a---- 702 bytes [08:14 15/10/2010] [23:46 17/03/2010] 3CC34148EEA74522DCA93B5EB6AAF3B8
C:\Windows\inf\SMSvcHost 4.0.0.0\0001\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0005\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0006\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0007\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0008\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0009\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\000A\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\000B\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\000C\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\000D\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\000E\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0010\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0011\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0012\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0013\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0014\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0015\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0019\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\001D\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\001F\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0404\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0416\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0804\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\inf\SMSvcHost 4.0.0.0\0816\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [08:14 15/10/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\Microsoft.NET\assembly\GAC_MSIL\WcfSvcHost\v4.0_10.0.0.0__31bf3856ad364e35\WcfSvcHost.exe --a---- 164176 bytes [13:03 02/10/2010] [13:03 02/10/2010] DE2233F22109F42737B07A8C82826044
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe --a---- 128848 bytes [00:36 14/07/2009] [21:14 10/06/2009] FE2AA5A684B0DD9B1FAE57B7817C198B
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe.config --a---- 1951 bytes [05:32 14/07/2009] [05:32 14/07/2009] 757BC33428B870035A16FD96B9DDB7FA
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\_SMSvcHostPerfCounters.reg --a---- 3779 bytes [00:36 14/07/2009] [21:13 10/06/2009] 8A53EE0F775CBFABF1385FB58EF0FFBA
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\_SMSvcHostPerfCounters.vrg --a---- 3777 bytes [05:32 14/07/2009] [05:32 14/07/2009] 0708A95C3252EDD95FCD86D93CE47E76
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe --a---- 124240 bytes [11:16 18/03/2010] [11:16 18/03/2010] D22CD77D4F0D63D1169BB35911BFF12D
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe.config --a---- 2262 bytes [22:10 17/03/2010] [22:10 17/03/2010] A9E7E2A3A82362D180CEA7EA1EDFA81A
C:\Windows\Microsoft.NET\Framework\v4.0.30319\_SMSvcHostPerfCounters.h --a---- 702 bytes [23:46 17/03/2010] [23:46 17/03/2010] 3CC34148EEA74522DCA93B5EB6AAF3B8
C:\Windows\Microsoft.NET\Framework\v4.0.30319\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [11:00 18/03/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe --a---- 116560 bytes [01:01 14/07/2009] [20:30 10/06/2009] 3E5A36127E201DDF663176B66828FAFE
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe.config --a---- 1951 bytes [05:32 14/07/2009] [05:32 14/07/2009] 757BC33428B870035A16FD96B9DDB7FA
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\_SMSvcHostPerfCounters.reg --a---- 3779 bytes [01:01 14/07/2009] [20:30 10/06/2009] 8A53EE0F775CBFABF1385FB58EF0FFBA
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\_SMSvcHostPerfCounters.vrg --a---- 3777 bytes [05:32 14/07/2009] [05:32 14/07/2009] 0708A95C3252EDD95FCD86D93CE47E76
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe --a---- 124240 bytes [11:16 18/03/2010] [11:16 18/03/2010] D22CD77D4F0D63D1169BB35911BFF12D
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe.config --a---- 2262 bytes [22:10 17/03/2010] [22:10 17/03/2010] A9E7E2A3A82362D180CEA7EA1EDFA81A
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\_SMSvcHostPerfCounters.h --a---- 702 bytes [23:46 17/03/2010] [23:46 17/03/2010] 3CC34148EEA74522DCA93B5EB6AAF3B8
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\_SMSvcHostPerfCounters.ini --a---- 133910 bytes [11:00 18/03/2010] [11:00 18/03/2010] 49F00E87B984EAD03CE40DC672F0B8E5
C:\Windows\System32\svchost.exe --a---- 20992 bytes [23:19 13/07/2009] [01:14 14/07/2009] 54A47F6B5E09A77E61649109C6A08866
C:\Windows\System32\sk-SK\svchost.exe.mui --a---- 2048 bytes [23:23 03/02/2010] [23:23 03/02/2010] EFA0F3F9A726C4F5C59B67D60CC0FB06
C:\Windows\SysWOW64\svchost.exe --a---- 20992 bytes [23:19 13/07/2009] [01:14 14/07/2009] 54A47F6B5E09A77E61649109C6A08866
C:\Windows\SysWOW64\sk-SK\svchost.exe.mui --a---- 2048 bytes [23:23 03/02/2010] [23:23 03/02/2010] EFA0F3F9A726C4F5C59B67D60CC0FB06
C:\Windows\winsxs\amd64_microsoft-windows-s..s-svchost.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_9579fee2074997e8\svchost.exe.mui --a---- 2048 bytes [23:23 03/02/2010] [23:23 03/02/2010] 71477171AD99936F0AFCAC5B87108E65
C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe --a---- 27136 bytes [23:31 13/07/2009] [01:39 14/07/2009] C78655BC80301D76ED4FEF1C1EA40A7D
C:\Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_en-us_fcbf4f94532a3c60\_SMSvcHostPerfCounters_D.ini --a---- 41 bytes [05:35 14/07/2009] [21:30 10/06/2009] CBDE63C2B8BB1CB6C3F4BF33C9E4DFD1
C:\Windows\winsxs\amd64_wcf-m_smsvchost_exe_cnf_31bf3856ad364e35_6.1.7600.16385_none_50a8efa432beeea2\SMSvcHost.exe.config --a---- 1951 bytes [01:01 14/07/2009] [20:30 10/06/2009] 757BC33428B870035A16FD96B9DDB7FA
C:\Windows\winsxs\amd64_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.1.7600.16385_none_9f53e08173260b26\_SMSvcHostPerfCounters.h --a---- 702 bytes [01:01 14/07/2009] [20:30 10/06/2009] 3CC34148EEA74522DCA93B5EB6AAF3B8
C:\Windows\winsxs\amd64_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.1.7600.16385_none_902b82bc25e07ac6\_SMSvcHostPerfCounters.ini --a---- 132292 bytes [01:01 14/07/2009] [20:30 10/06/2009] 520B0DCB5E08CA780373C558BE7F336B
C:\Windows\winsxs\amd64_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.1.7600.16385_none_902b82bc25e07ac6\_SMSvcHostPerfCounters_D.ini --a---- 41 bytes [01:01 14/07/2009] [20:30 10/06/2009] CBDE63C2B8BB1CB6C3F4BF33C9E4DFD1
C:\Windows\winsxs\amd64_wcf-m_smsvchost_perf_c_reg_31bf3856ad364e35_6.1.7600.16385_none_8c4294ee286200ce\_SMSvcHostPerfCounters.reg --a---- 3779 bytes [01:01 14/07/2009] [20:30 10/06/2009] 8A53EE0F775CBFABF1385FB58EF0FFBA
C:\Windows\winsxs\amd64_wcf-m_smsvchost_perf_c_vrg_31bf3856ad364e35_6.1.7600.16385_none_9206172424ada22d\_SMSvcHostPerfCounters.vrg --a---- 3777 bytes [01:01 14/07/2009] [20:30 10/06/2009] 0708A95C3252EDD95FCD86D93CE47E76
C:\Windows\winsxs\amd64_wcf-smsvchost_b03f5f7f11d50a3a_6.1.7600.16385_none_c7f13af70ac77b22\SMSvcHost.exe --a---- 116560 bytes [01:01 14/07/2009] [20:30 10/06/2009] 3E5A36127E201DDF663176B66828FAFE
C:\Windows\winsxs\FileMaps\$$_inf_smsvchost_3.0.0.0_0000_2d6d90735cb61780.cdf-ms --a---- 604 bytes [05:32 14/07/2009] [05:32 14/07/2009] 4D30ADFCEDFA1BA019303F626249C58D
C:\Windows\winsxs\FileMaps\$$_inf_smsvchost_3.0.0.0_0409_2d6da1915cb5fdbb.cdf-ms --a---- 668 bytes [05:37 14/07/2009] [05:37 14/07/2009] 8BCCDCFC6BB3102D71FF5D52444EE502
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-peertopeersvchostreg_31bf3856ad364e35_6.1.7600.16385_none_2032b51ef12abd20.manifest --a---- 1760 bytes [02:34 14/07/2009] [02:11 14/07/2009] 4E5199541D8DD7B328B41413A59201A5
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-s..s-svchost.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_9579fee2074997e8.manifest --a---- 2279 bytes [23:22 03/02/2010] [23:22 03/02/2010] AA9048EC9645ACB8A84278E75CCB4D37
C:\Windows\winsxs\Manifests\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c.manifest --a---- 6467 bytes [02:33 14/07/2009] [02:26 14/07/2009] 045411317E00563A2748AEB944EC6E14
C:\Windows\winsxs\Manifests\amd64_wcf-m_smsvchost_exe_cnf_31bf3856ad364e35_6.1.7600.16385_none_50a8efa432beeea2.manifest --a---- 2113 bytes [02:12 14/07/2009] [02:12 14/07/2009] A6FF37F60B321EC86032ADD616313B57
C:\Windows\winsxs\Manifests\amd64_wcf-m_smsvchost_perf_c_h_31bf3856ad364e35_6.1.7600.16385_none_9f53e08173260b26.manifest --a---- 1727 bytes [02:27 14/07/2009] [02:27 14/07/2009] 1CDDB5D0D6F91A488EC2004E043B4390
C:\Windows\winsxs\Manifests\amd64_wcf-m_smsvchost_perf_c_ini_31bf3856ad364e35_6.1.7600.16385_none_902b82bc25e07ac6.manifest --a---- 3061 bytes [02:13 14/07/2009] [02:13 14/07/2009] 135A7587B00B24DF6202F76734D3F12F
C:\Windows\winsxs\Manifests\amd64_wcf-m_smsvchost_perf_c_reg_31bf3856ad364e35_6.1.7600.16385_none_8c4294ee286200ce.manifest --a---- 2082 bytes [02:15 14/07/2009] [02:15 14/07/2009] 3B7E1DE0EA782F07A6009FE1C1D61099
C:\Windows\winsxs\Manifests\amd64_wcf-m_smsvchost_perf_c_vrg_31bf3856ad364e35_6.1.7600.16385_none_9206172424ada22d.manifest --a---- 1820 bytes [02:16 14/07/2009] [02:16 14/07/2009] 60272E392322AFE717EBD5703E46E655
C:\Windows\winsxs\Manifests\amd64_wcf-smsvchost_b03f5f7f11d50a3a_6.1.7600.16385_none_c7f13af70ac77b22.manifest --a---- 2153 bytes [02:18 14/07/2009] [02:18 14/07/2009] F5551DA5837C8245A1C501E9F54824B4
C:\Windows\winsxs\Manifests\msil_smsvchost.resources_b03f5f7f11d50a3a_6.1.7600.16385_en-us_c9a8fb43c97ca5db.manifest --a---- 493 bytes [05:35 14/07/2009] [02:42 14/07/2009] 0E96C4B16CB641045D3A9832777327F7
C:\Windows\winsxs\Manifests\msil_smsvchost_b03f5f7f11d50a3a_6.1.7600.16385_none_e6e1153910bdcce8.manifest --a---- 2635 bytes [01:54 14/07/2009] [01:54 14/07/2009] DF40F6A3D4F4E4F2076A656261765A7A
C:\Windows\winsxs\Manifests\x86_microsoft-windows-s..s-svchost.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_395b635e4eec26b2.manifest --a---- 2277 bytes [23:21 03/02/2010] [23:21 03/02/2010] AB86B642128976928F1C4F969F02F970
C:\Windows\winsxs\Manifests\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356.manifest --a---- 6333 bytes [02:33 14/07/2009] [01:57 14/07/2009] 7F022A0569EB657173EFCD79865259A0
C:\Windows\winsxs\Manifests\x86_wcf-m_smsvchost_exe_cnf_31bf3856ad364e35_6.1.7600.16385_none_f48a54207a617d6c.manifest --a---- 2109 bytes [01:47 14/07/2009] [01:47 14/07/2009] BEE6F1B0245D57F2421D04E875F291C0
C:\Windows\winsxs\Manifests\x86_wcf-m_smsvchost_perf_c_reg_31bf3856ad364e35_6.1.7600.16385_none_3023f96a70048f98.manifest --a---- 2078 bytes [01:49 14/07/2009] [01:49 14/07/2009] 221A96B91BB69D882E7903010B3131EE
C:\Windows\winsxs\Manifests\x86_wcf-m_smsvchost_perf_c_vrg_31bf3856ad364e35_6.1.7600.16385_none_35e77ba06c5030f7.manifest --a---- 1816 bytes [01:50 14/07/2009] [01:50 14/07/2009] 06AF46ACF73D5D155F5E343D869A6133
C:\Windows\winsxs\msil_smsvchost_b03f5f7f11d50a3a_6.1.7600.16385_none_e6e1153910bdcce8\SMSvcHost.exe --a---- 128848 bytes [00:36 14/07/2009] [21:14 10/06/2009] FE2AA5A684B0DD9B1FAE57B7817C198B
C:\Windows\winsxs\x86_microsoft-windows-s..s-svchost.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_395b635e4eec26b2\svchost.exe.mui --a---- 2048 bytes [23:23 03/02/2010] [23:23 03/02/2010] EFA0F3F9A726C4F5C59B67D60CC0FB06
C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe --a---- 20992 bytes [23:19 13/07/2009] [01:14 14/07/2009] 54A47F6B5E09A77E61649109C6A08866
C:\Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a0a0b4109acccb2a\_SMSvcHostPerfCounters_D.ini --a---- 41 bytes [05:35 14/07/2009] [22:13 10/06/2009] CBDE63C2B8BB1CB6C3F4BF33C9E4DFD1
C:\Windows\winsxs\x86_wcf-m_smsvchost_exe_cnf_31bf3856ad364e35_6.1.7600.16385_none_f48a54207a617d6c\SMSvcHost.exe.config --a---- 1951 bytes [00:36 14/07/2009] [21:14 10/06/2009] 757BC33428B870035A16FD96B9DDB7FA
C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_reg_31bf3856ad364e35_6.1.7600.16385_none_3023f96a70048f98\_SMSvcHostPerfCounters.reg --a---- 3779 bytes [00:36 14/07/2009] [21:13 10/06/2009] 8A53EE0F775CBFABF1385FB58EF0FFBA
C:\Windows\winsxs\x86_wcf-m_smsvchost_perf_c_vrg_31bf3856ad364e35_6.1.7600.16385_none_35e77ba06c5030f7\_SMSvcHostPerfCounters.vrg --a---- 3777 bytes [00:36 14/07/2009] [21:14 10/06/2009] 0708A95C3252EDD95FCD86D93CE47E76

-= EOF =-

#6 Příspěvek od **stell** » 03 pro 2010 18:28

zapnut zobrazovanie skrytych a systemovych suborov.
najdi tento subor a zmaz.
C:\Users\Majo\AppData\Roaming\windows update\svchost.EXE

Vypnut obnovu systemu restart, a zapnut spat.

a napis ako sa chova pc.

Luigy88 · #7 Příspěvek od **Luigy88** » 03 pro 2010 19:04

Nedari sa mi odstranit subor svchost.EXE

Akciu nemozno dokoncit , pretoze subor je otvoreny v programe wtf Module.

V spravci uloh ak dam procesy je 3* schvost .exe * 32 a tam je popis wtf Module.
Ale neda sa to ukoncit , akonahla ukoncim proces hned sa znova nastartuje

co s tym mozem urobit??

#8 Příspěvek od **stell** » 03 pro 2010 19:07

skus to zmazat v nudzovom rezime, ak nepojde tak zmazeme s OTL.

Luigy88 · #9 Příspěvek od **Luigy88** » 04 pro 2010 12:45

Dakujem , v nudzovom rezime sa mi to podarilo

Nasledne som este raz dal kontrolu ESET om , nasiel mi dalsie 2 viry.
Pocitac sa mi zda este stale troska pribrzdeny , mohli by sme s tym este nieco spravit?

#10 Příspěvek od **stell** » 04 pro 2010 12:52

Stahni OTListIt2>> OTL
Označ položku Pro všechny uživatele.
Označ položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
do okna >vloz zeleny text a klik Klikn na tlačítko Prohledat
Po dokončení, sem vlož logy OTL.Txt a Extras.txt

Kód: Vybrat vše

msconfig
safebootminimal
activex
drivers32
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\drivers\*.sys /90

Luigy88 · #11 Příspěvek od **Luigy88** » 04 pro 2010 14:52

OTL logfile created on: 04/12/2010 14:20:49 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Majo\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 54.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.43 Gb Total Space | 251.64 Gb Free Space | 55.74% Space Free | Partition Type: NTFS

Computer Name: MAJO-VAIO | User Name: Majo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/04 14:19:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Majo\Desktop\OTL.exe
PRC - [2010/10/27 19:11:43 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/10/19 21:10:30 | 002,480,048 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2010/10/07 11:31:09 | 000,219,952 | ---- | M] () -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2010/08/26 11:18:34 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2010/08/12 14:15:34 | 000,081,296 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCSpt.exe
PRC - [2010/08/04 16:09:28 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/07/20 15:41:26 | 000,231,888 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
PRC - [2010/05/28 10:14:24 | 000,205,168 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
PRC - [2010/05/21 12:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010/05/18 12:38:46 | 000,075,776 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe
PRC - [2010/05/05 13:06:54 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe
PRC - [2010/03/24 20:31:50 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2010/02/19 19:19:24 | 000,529,776 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2010/02/17 08:10:37 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
PRC - [2010/02/17 07:44:13 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/02/02 23:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009/12/14 21:06:24 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/12/14 21:06:08 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/12/01 23:03:52 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
PRC - [2009/11/26 16:45:54 | 000,361,976 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe
PRC - [2009/11/26 16:44:46 | 005,129,128 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2009/11/24 10:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2009/11/21 00:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/11/21 00:25:22 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/10/30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009/10/24 04:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/10/24 04:18:52 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
PRC - [2009/10/15 17:34:36 | 000,427,304 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
PRC - [2009/10/15 17:34:36 | 000,091,432 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
PRC - [2009/10/15 17:34:36 | 000,075,048 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
PRC - [2009/10/15 17:34:34 | 000,120,104 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
PRC - [2009/10/15 17:34:34 | 000,099,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
PRC - [2009/10/15 17:34:34 | 000,070,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
PRC - [2009/09/14 20:24:08 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009/09/14 19:53:48 | 000,642,416 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009/08/26 20:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
PRC - [2008/09/18 11:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007/11/05 04:32:38 | 000,061,440 | R--- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.3\apdproxy.exe
PRC - [2003/12/26 03:02:06 | 000,184,320 | ---- | M] (InterVideo Inc.) -- C:\Program Files (x86)\InterVideo\Common\Bin\WinCinemaMgr.exe
PRC - [2003/12/26 02:49:14 | 000,245,760 | ---- | M] () -- C:\Program Files (x86)\Common Files\InterVideo\FastTVSync\FastTVSync.exe
PRC - [2003/12/26 02:48:46 | 000,143,360 | ---- | M] (InterVideo Inc.) -- C:\Program Files (x86)\InterVideo\DVD5R\SchSvr.exe

========== Modules (SafeList) ==========

MOD - [2010/12/04 14:19:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Majo\Desktop\OTL.exe
MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/08/12 14:15:34 | 000,257,936 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010/07/22 16:17:24 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/04/09 12:37:36 | 001,223,024 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2010/03/24 20:39:50 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010/03/24 20:31:50 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010/02/19 19:19:28 | 000,115,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2010/02/19 19:19:24 | 000,529,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2010/01/27 21:10:56 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/11/30 20:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2009/11/25 20:06:06 | 000,821,760 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2009/09/04 22:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/09/01 22:42:00 | 000,361,840 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/10/19 21:10:30 | 002,480,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010/07/22 16:17:20 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/05/28 10:14:24 | 000,205,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010/05/21 12:27:04 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/12/14 21:06:24 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/12/14 21:06:08 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/11/26 16:47:06 | 000,894,480 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/11/21 00:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009/10/24 04:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/10/15 17:34:36 | 000,427,304 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/10/15 17:34:36 | 000,091,432 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/10/15 17:34:36 | 000,075,048 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/10/15 17:34:34 | 000,120,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/10/15 17:34:34 | 000,070,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/09/14 20:24:08 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/09/14 20:24:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/09/14 19:53:48 | 000,642,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/08/31 02:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009/08/31 02:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/09/18 11:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/10/19 21:10:32 | 000,251,488 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2010/10/19 21:10:27 | 001,477,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm258.sys -- (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258)
DRV:64bit: - [2010/10/19 21:10:20 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2010/10/19 21:10:16 | 000,257,120 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010/05/15 19:30:50 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010/05/14 19:09:53 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/03/24 20:34:18 | 000,050,600 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2010/03/24 20:34:14 | 000,169,592 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2010/03/24 20:34:14 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2010/03/24 20:31:12 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/03/24 20:24:00 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/01/27 21:10:59 | 006,106,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/12/16 21:03:59 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009/12/16 21:03:04 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/12/16 03:49:48 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/12/14 21:06:07 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/11/24 20:43:10 | 000,416,000 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cxpolar64.sys -- (CXPOLARIS)
DRV:64bit: - [2009/11/21 00:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/11/18 05:30:44 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/11/18 05:30:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/11/18 05:30:32 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/11/18 05:30:21 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009/11/18 05:23:46 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/11/13 21:08:21 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/12 21:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/11/12 21:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/06 21:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009/11/04 10:59:59 | 000,253,488 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/10/09 03:47:00 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/15 21:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009/08/19 21:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/08/06 00:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 21:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 15:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/20 11:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/04/23 19:25:46 | 000,044,544 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\cxcir64.sys -- (CXIR)
DRV - [2010/08/26 11:18:24 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/10/23 22:07:52] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2008/08/14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3281548022-4250810235-489721878-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=EU01
IE - HKU\S-1-5-21-3281548022-4250810235-489721878-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3281548022-4250810235-489721878-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKU\S-1-5-21-3281548022-4250810235-489721878-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/08/04 16:09:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/05/14 10:02:19 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:64bit: - HKU\S-1-5-21-3281548022-4250810235-489721878-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3281548022-4250810235-489721878-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-3281548022-4250810235-489721878-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-3281548022-4250810235-489721878-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Služba Acronis Scheduler2] C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Adobe Photoshop Lightroom 1.3\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [FastTVSync] C:\Program Files (x86)\Common Files\InterVideo\FastTVSync\FastTVSync.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3281548022-4250810235-489721878-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3281548022-4250810235-489721878-1000..\Run: [HKCU] C:\Users\Majo\AppData\Roaming\windows update\svchost.EXE File not found
O4 - HKU\S-1-5-21-3281548022-4250810235-489721878-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.252
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{483300e2-5f84-11df-99c0-54424909be56}\Shell - "" = AutoRun
O33 - MountPoints2\{483300e2-5f84-11df-99c0-54424909be56}\Shell\AutoRun\command - "" = H:\autorun_data.exe -- File not found
O33 - MountPoints2\{e02a7518-5fe5-11df-acc5-506313b21989}\Shell - "" = AutoRun
O33 - MountPoints2\{e02a7518-5fe5-11df-acc5-506313b21989}\Shell\AutoRun\command - "" = G:\autorun_data.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: mcmscsvc - Service
SafeBootMin:64bit: MCODS - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {9F3676AA-1087-17A4-2215-BC25CCB265F0} - Microsoft Windows Media Player
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {F9BF8AC2-2D54-E7BC-7B1E-991EEA99743E} - Browser Customizations
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX:64bit: >{851F367A-7D90-4A99-85E5-A4D3A3CD37B6} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7CC5E859-A12E-4534-B052-537E55AC4E33} - msiexec /fauvs {7CC5E859-A12E-4534-B052-537E55AC4E33} /qb
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B286C78A-A2DE-EDFF-739D-99008CCBE3D6} - Themes Setup
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
========== Files/Folders - Created Within 30 Days ==========
[2010/12/04 14:19:34 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Majo\Desktop\OTL.exe
[2010/12/04 10:52:22 | 000,000,000 | ---D | C] -- C:\Users\Majo\Desktop\SKOLA_tyzdne
[2010/12/04 10:43:14 | 000,000,000 | ---D | C] -- C:\Users\Majo\Desktop\programovanie
[2010/12/03 21:53:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaInfo
[2010/12/03 15:46:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/12/02 12:31:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XericDesign
[2010/11/25 12:25:57 | 000,000,000 | ---D | C] -- C:\Users\Majo\Documents\Readon Player
[2010/11/19 10:46:14 | 000,000,000 | ---D | C] -- C:\Users\Majo\.thumbnails
[2010/11/19 10:30:28 | 000,000,000 | ---D | C] -- C:\Users\Majo\Documents\gegl-0.0
[2010/11/19 10:30:28 | 000,000,000 | ---D | C] -- C:\Users\Majo\.gimp-2.6
[2010/11/19 10:29:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2010/11/19 10:19:07 | 000,000,000 | ---D | C] -- C:\Users\Majo\AppData\Roaming\Thinstall
[2010/11/19 10:19:07 | 000,000,000 | ---D | C] -- C:\Users\Majo\AppData\Local\Thinstall
[2010/11/10 17:31:18 | 000,000,000 | ---D | C] -- C:\Users\Majo\AppData\Local\assembly
[2010/05/15 19:30:50 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Majo\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/04 14:19:36 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Majo\Desktop\OTL.exe
[2010/12/04 14:10:00 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/04 11:50:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/04 10:37:33 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/04 10:37:33 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/04 10:30:24 | 000,000,437 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010/12/04 10:30:16 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/04 10:29:41 | 3106,455,552 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/03 19:45:30 | 000,010,154 | -H-- | M] () -- C:\Users\Majo\AppData\Roaming\logs.dat
[2010/12/03 09:34:00 | 000,615,033 | ---- | M] () -- C:\test.xml
[2010/12/03 08:43:06 | 000,879,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/03 08:43:06 | 000,721,702 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/03 08:43:06 | 000,149,532 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/30 11:22:20 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/30 11:22:08 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/29 22:45:47 | 000,013,870 | ---- | M] () -- C:\Users\Public\Documents\Luigy19880720.docx
[2010/11/19 10:46:14 | 000,000,844 | ---- | M] () -- C:\Users\Majo\.recently-used.xbel
[2010/11/10 22:10:08 | 000,712,202 | ---- | M] () -- C:\Users\Majo\Desktop\Vietor ako obnoviteľný zdroj energie_bioenergetika_szabo.pptx
[2010/11/10 20:39:54 | 000,011,776 | ---- | M] () -- C:\Users\Majo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/10 20:30:30 | 000,002,102 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Remote Control.lnk
[2010/11/07 20:19:52 | 000,009,895 | ---- | M] () -- C:\Users\Public\Documents\dedline.docx
[2010/11/05 14:55:37 | 000,367,112 | ---- | M] () -- C:\Windows\_175C520.TTF
[2010/11/05 14:55:37 | 000,001,409 | ---- | M] () -- C:\Windows\_175C520.FOT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/03 09:33:59 | 000,615,033 | ---- | C] () -- C:\test.xml
[2010/11/29 22:45:46 | 000,013,870 | ---- | C] () -- C:\Users\Public\Documents\Luigy19880720.docx
[2010/11/19 10:46:14 | 000,000,844 | ---- | C] () -- C:\Users\Majo\.recently-used.xbel
[2010/11/10 22:10:07 | 000,712,202 | ---- | C] () -- C:\Users\Majo\Desktop\Vietor ako obnoviteľný zdroj energie_bioenergetika_szabo.pptx
[2010/11/07 20:19:52 | 000,009,895 | ---- | C] () -- C:\Users\Public\Documents\dedline.docx
[2010/10/02 13:59:53 | 000,864,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/06/28 09:33:40 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/06/21 18:37:20 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\systeminfo3.dll
[2010/06/21 13:42:55 | 000,000,600 | ---- | C] () -- C:\Users\Majo\AppData\Local\PUTTY.RND
[2010/05/25 13:46:20 | 000,011,776 | ---- | C] () -- C:\Users\Majo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/24 17:57:25 | 000,000,055 | ---- | C] () -- C:\Windows\videotoaudio.ini
[2010/05/15 21:19:35 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2010/05/15 21:19:35 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2010/05/15 21:19:35 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2010/05/15 21:19:35 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2010/05/15 21:19:35 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2010/05/15 21:19:35 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2010/05/15 19:33:19 | 000,001,173 | ---- | C] () -- C:\Users\Majo\AppData\Roaming\vso_ts_preview.xml
[2010/05/15 19:32:17 | 000,000,034 | ---- | C] () -- C:\Users\Majo\AppData\Roaming\pcouffin.log
[2010/05/15 19:30:50 | 000,099,384 | ---- | C] () -- C:\Users\Majo\AppData\Roaming\inst.exe
[2010/05/15 19:30:50 | 000,007,859 | ---- | C] () -- C:\Users\Majo\AppData\Roaming\pcouffin.cat
[2010/05/15 19:30:50 | 000,001,167 | ---- | C] () -- C:\Users\Majo\AppData\Roaming\pcouffin.inf
[2010/05/14 20:57:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/14 14:47:40 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/02/03 23:13:24 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/02/03 23:13:24 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009/08/16 09:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/29 14:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2007/02/05 18:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2005/10/14 10:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2005/10/14 10:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\VorbisEnc.dll
[2005/10/14 10:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2005/10/14 10:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\xvid.dll
[2005/10/14 10:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
[2005/10/14 10:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2005/10/14 10:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
[2005/10/14 10:56:48 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\MMSwitch.dll
[2005/04/08 03:16:43 | 000,010,154 | -H-- | C] () -- C:\Users\Majo\AppData\Roaming\logs.dat

========== LOP Check ==========

[2010/06/21 18:29:47 | 000,000,000 | -HSD | M] -- C:\Users\Majo\AppData\Roaming\.#
[2010/10/19 21:14:18 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\Acronis
[2010/07/02 08:55:54 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\Azureus
[2010/06/28 09:54:19 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\Canneverbe Limited
[2010/05/14 19:15:07 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\DAEMON Tools Lite
[2010/05/14 10:02:46 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\ESET
[2010/08/26 19:36:57 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\EuroTalk
[2010/06/06 14:31:17 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\FileZilla
[2010/06/30 19:54:13 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\GHISLER
[2010/11/29 22:47:33 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\ICQ
[2010/05/16 07:24:01 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\InterVideo
[2010/07/09 10:03:15 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\TeamViewer
[2010/11/19 10:19:07 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\Thinstall
[2010/12/04 14:25:39 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\uTorrent
[2010/10/10 10:17:13 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\Vso
[2010/05/16 07:50:40 | 000,000,000 | ---D | M] -- C:\Users\Majo\AppData\Roaming\Win7codecs
[2010/12/03 19:50:17 | 000,000,000 | RHSD | M] -- C:\Users\Majo\AppData\Roaming\windows update
[2010/12/03 19:51:53 | 000,032,568 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

Luigy88 · #12 Příspěvek od **Luigy88** » 04 pro 2010 14:53

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: IASTOR.SYS >
[2009/11/21 00:09:48 | 000,537,112 | ---- | M] (Intel Corporation) MD5=073A606333B6F7BBF20AA856DF7F0997 -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_53f33454d751d4bd\iaStor.sys

< MD5 for: IASTORV.SYS >
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009/07/14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
[2010/11/30 11:22:20 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:2601D7F487BA98A4

< End of report >

Luigy88 · #13 Příspěvek od **Luigy88** » 04 pro 2010 15:05

OTL Extras logfile created on: 04/12/2010 14:20:49 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Majo\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000809 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 54.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.43 Gb Total Space | 251.64 Gb Free Space | 55.74% Space Free | Partition Type: NTFS

Computer Name: MAJO-VAIO | User Name: Majo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java(TM) 6 Update 16 (64-bit)
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D3CFE3F-E465-4D5E-A78A-723C6FB69ABB}" = ESET Smart Security
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{5D068141-189F-39E2-A052-E40D4B561256}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zariadení Windows Mobile
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{893F27E6-D6BE-4B9F-80E6-0ADA694A31A8}" = Microsoft SQL Server 2008 Common Files
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8D1163BE-5ECD-0303-87F7-35ED38BBB2E1}" = ATI Catalyst Install Manager
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}" = Microsoft SQL Server 2008 Native Client
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BF456ADA-407C-BFA2-52DA-08ECE9E18549}" = ccc-utility64
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DF167CE3-60E7-44EA-99EC-2507C51F37AE}" = Microsoft SQL Server 2008 Database Engine Shared
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F7513E19-6224-485E-988D-9BF45BE64B53}" = Windows Live Family Safety
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = Microsoft SQL Server 2008 Database Engine Services
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"WinRAR archiver" = WinRAR archivátor

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08096C0A-B9B2-7F42-3760-BD9A1CBA9A6E}" = Catalyst Control Center Graphics Full Existing
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B168FED-B9EC-4DA8-AC17-9A41F284640B}" = InterVideo WinDVD Recorder 5
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E26DB99-1564-4635-8749-DCF7E4F2514B}" = HTML kódy
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{10014C6B-F482-991B-8865-32BFEA347CE1}" = CCC Help Hungarian
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings
"{1404E04F-C98C-5195-251E-9CED867E37D7}" = CCC Help French
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.4
"{1AA0193C-398B-D400-A156-C060CFDDF132}" = Catalyst Control Center Core Implementation
"{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2110ECBD-BF15-4673-8852-8C68DDEB26AC}" = Media Gallery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{233C14B1-D05F-96A7-1509-C87417F899F8}" = CCC Help Turkish
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Monitoring Settings
"{2637552C-A1EE-D6C9-3D9E-716BCB76081D}" = ccc-core-static
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20
"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{345370F1-5D76-4AF8-BD75-BCC9296A861E}" = ToolBook 10.5
"{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A9C37A6-AD4C-443D-0098-6B0A1865DEE2}" = FIFA 07
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49939C5A-7835-120D-1195-7374E1AE1CAB}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{554E34DB-1EDD-4CE4-B63D-9E9973C6FFA5}" = VAIO Care
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5810367F-CB89-1257-0283-EC37270741E7}" = CCC Help Russian
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{5A4C0B1D-2379-AAE0-4907-56E83D6D8A8C}" = CCC Help Italian
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6297F8EC-D821-4B33-B845-8A8D1A0DF472}" = Lightroom
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{650CF18F-629C-3CF1-307D-5C93321B41CD}" = Catalyst Control Center Graphics Full New
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis True Image Home
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69131367-6458-6271-8277-25E408572433}" = CCC Help German
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{72A6B2E5-3286-4D77-8AAC-A4BE2A8FCB90}" = CCC Help Finnish
"{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7CC5E859-A12E-4534-B052-537E55AC4E33}" = SumTotal Publish to ToolBook 10.5
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Power Management
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{87A29380-9FFF-6D32-BBF1-61569DFD5BEA}" = CCC Help Portuguese
"{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8D047BB8-0D97-4163-27CE-351BDF225D00}" = Catalyst Control Center Localization All
"{8F862B8C-D3F7-74F5-6C08-F0F70F744FF7}" = CCC Help Japanese
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{931FE23C-BB40-4C7A-A594-DB35908D8E83}" = VAIO Quick Web Access
"{935B5086-C002-0FBC-0723-5741D2478EE7}" = Catalyst Control Center InstallProxy
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library
"{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{A0F4F993-C4A7-F093-CF8D-5F03B39252F2}" = CCC Help Thai
"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library
"{A477F82B-F291-5BB0-74FF-6654A27B311A}" = CCC Help Dutch
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A4EFAC49-5605-E9FA-5C1B-75D8AACF6139}" = Catalyst Control Center Graphics Light
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Settings
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager
"{AA668097-C081-B41E-DEDA-83BB12B7E85F}" = CCC Help Korean
"{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1051-7B44-A93000000001}" = Adobe Reader 9.3.4 - Slovak
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2F0AAB1-8C1C-1EFE-6594-417BBB023D6B}" = CCC Help Czech
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager
"{C0618520-5C63-1583-B78A-CEE1139EF1E6}" = CCC Help Polish
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C6E4C9C5-61B3-4639-AEA8-C3C7B570458E}" = nCore Movie Info
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C84E8865-5E2B-5A46-99F2-B8A35917B8BF}" = Catalyst Control Center Graphics Previews Common
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D36B6249-71E7-9E85-A9D6-E2239783301E}" = CCC Help Norwegian
"{D5DC1775-F67A-6399-BE1D-960FC2254F91}" = CCC Help Chinese Standard
"{D604D3C7-337D-FE67-09DE-A641D3B4D886}" = CCC Help Danish
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DA60AB6B-6C9C-4B5F-BC61-3B0D9BCBD50B}" = GIGABYTE Remote Utilities
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{DD23714B-A2C6-A6D2-9309-75AFAFF1F8E6}" = CCC Help English
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E7D5D189-E71D-EA01-419F-699F57B1ED65}" = Catalyst Control Center Graphics Previews Vista
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings
"{F2894826-BF35-CE79-5EA6-7BAD1DF6F8BF}" = CCC Help Greek
"{F392063E-8736-7812-47E7-7598F0B56D9D}" = CCC Help Swedish
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FF4EB4E5-55BB-D9AF-B5A2-3D6F359E7472}" = CCC Help Chinese Traditional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Carousel_is1" = Carousel
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Durexlogo" = Durexlogo Screen Saver
"DVDFab 8_is1" = DVDFab 8.0.0.2 (23/08/2010)
"Easy CD-DA Extractor 2010" = Easy CD-DA Extractor 2010
"EuroTalk Talk Now Plus!" = EuroTalk Talk Now Plus!
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"Festo Fluidsim_is1" = Festo FluidSim 3.6
"FIFA 10-DVD5" = FIFA 10-DVD5
"FileZilla Client" = FileZilla Client 3.3.2.1
"Google Chrome" = Google Chrome
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"IrfanView" = IrfanView (remove only)
"JavaScript Calendar Builder Trial_is1" = JavaScript Calendar Builder Trial
"Lexicon 4.0" = Lingea Lexicon 2002
"MainApp.exe_is1" = CloneDVD 4.1.0.23
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MarketingTools" = VAIO Marketing Tools
"MediaInfo" = MediaInfo 0.7.36 (32-bit)
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"PES2010-HunPatch" = PES2010-HunPatch
"Pro Evolution Soccer 2010-DVD5" = Pro Evolution Soccer 2010-DVD5
"PROPLUS" = Microsoft Office Professional Plus 2007
"RealPlayer 12.0" = RealPlayer
"SevenSeconds" = SevenSeconds Screen Saver
"Škola_is1" = SPU_JAK_ABSOLVOVAT
"splashtop" = VAIO Quick Web Access
"TeamViewer 5" = TeamViewer 5
"Totalcmd" = Total Commander (Remove or Repair)
"TVCONDrv" = GIGABYTE U8300 BDA Device
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3281548022-4250810235-489721878-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20/11/2010 12:35:33 | Computer Name = Majo-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 20/11/2010 14:31:04 | Computer Name = Majo-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error
code = 0x80042000)

Error - 20/11/2010 14:31:05 | Computer Name = Majo-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 21/11/2010 08:06:08 | Computer Name = Majo-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error
code = 0x80042000)

Error - 21/11/2010 08:06:08 | Computer Name = Majo-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 21/11/2010 08:29:56 | Computer Name = Majo-VAIO | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: splwow64.exe, verzia: 6.1.7600.16385, časová
značka: 0x4a5bd3ca Názov chybového modulu: ntdll.dll, verzia: 6.1.7600.16559, časová
značka: 0x4ba9b802 Kód výnimky: 0xc0000374 Odstup chyby: 0x00000000000c6df2 Identifikácia
chybného procesu: 0x1408 Čas spustenia chybnej aplikácie: 0x01cb8977a4436e4c Cesta
chybnej aplikácie: C:\Windows\splwow64.exe Cesta chybného modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia
hlásenia: 0bf8d7c5-f56b-11df-907e-b1b5d1dbe956

Error - 21/11/2010 08:30:08 | Computer Name = Majo-VAIO | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: splwow64.exe, verzia: 6.1.7600.16385, časová
značka: 0x4a5bd3ca Názov chybového modulu: GDI32.dll, verzia: 6.1.7600.16385, časová
značka: 0x4a5bdf01 Kód výnimky: 0xc0000005 Odstup chyby: 0x000000000001567a Identifikácia
chybného procesu: 0x1cd4 Čas spustenia chybnej aplikácie: 0x01cb8977d56d9996 Cesta
chybnej aplikácie: C:\Windows\splwow64.exe Cesta chybného modulu: C:\Windows\system32\GDI32.dll
Identifikácia
hlásenia: 1333afef-f56b-11df-907e-b1b5d1dbe956

Error - 21/11/2010 08:31:05 | Computer Name = Majo-VAIO | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: WINWORD.EXE, verzia: 12.0.4518.1014, časová
značka: 0x45428028 Názov chybového modulu: ntdll.dll, verzia: 6.1.7600.16559, časová
značka: 0x4ba9b29c Kód výnimky: 0xc0000005 Odstup chyby: 0x0002e1fe Identifikácia
chybného procesu: 0x1f28 Čas spustenia chybnej aplikácie: 0x01cb8977ef702745 Cesta
chybnej aplikácie: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
Cesta
chybného modulu: C:\Windows\SysWOW64\ntdll.dll Identifikácia hlásenia: 34f0a7e6-f56b-11df-907e-b1b5d1dbe956

Error - 21/11/2010 08:32:54 | Computer Name = Majo-VAIO | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: WINWORD.EXE, verzia: 12.0.4518.1014, časová
značka: 0x45428028 Názov chybového modulu: OGL.DLL, verzia: 12.0.6420.1000, časová
značka: 0x498ace0c Kód výnimky: 0xc0000005 Odstup chyby: 0x000a4a41 Identifikácia
chybného procesu: 0x1aa8 Čas spustenia chybnej aplikácie: 0x01cb89782f0f1880 Cesta
chybnej aplikácie: C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
Cesta
chybného modulu: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\OGL.DLL
Identifikácia
hlásenia: 75fdfb8e-f56b-11df-907e-b1b5d1dbe956

Error - 21/11/2010 15:19:39 | Computer Name = Majo-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error
code = 0x80042000)

[ Media Center Events ]
Error - 28/11/2010 09:34:22 | Computer Name = Majo-VAIO | Source = MCUpdate | ID = 0
Description = 14:34:22 - Chyba pripájania na Internet. 14:34:22 - Nebolo možné
spojiť sa so serverom..

Error - 28/11/2010 09:34:36 | Computer Name = Majo-VAIO | Source = MCUpdate | ID = 0
Description = 14:34:27 - Chyba pripájania na Internet. 14:34:27 - Nebolo možné
spojiť sa so serverom..

Error - 02/12/2010 15:42:09 | Computer Name = Majo-VAIO | Source = MCUpdate | ID = 0
Description = 20:42:09 - Chyba pripájania na Internet. 20:42:09 - Nebolo možné
spojiť sa so serverom..

Error - 02/12/2010 15:42:23 | Computer Name = Majo-VAIO | Source = MCUpdate | ID = 0
Description = 20:42:14 - Chyba pripájania na Internet. 20:42:14 - Nebolo možné
spojiť sa so serverom..

Error - 03/12/2010 03:33:42 | Computer Name = Majo-VAIO | Source = MCUpdate | ID = 0
Description = 8:33:42 - Chyba pripájania na Internet. 8:33:42 - Nebolo možné
spojiť sa so serverom..

Error - 03/12/2010 03:34:03 | Computer Name = Majo-VAIO | Source = MCUpdate | ID = 0
Description = 8:33:48 - Chyba pripájania na Internet. 8:33:48 - Nebolo možné
spojiť sa so serverom..

Error - 03/12/2010 04:34:52 | Computer Name = Majo-VAIO | Source = MCUpdate | ID = 0
Description = 9:34:52 - Chyba pripájania na Internet. 9:34:52 - Nebolo možné
spojiť sa so serverom..

Error - 03/12/2010 04:35:01 | Computer Name = Majo-VAIO | Source = MCUpdate | ID = 0
Description = 9:34:57 - Chyba pripájania na Internet. 9:34:57 - Nebolo možné
spojiť sa so serverom..

Error - 03/12/2010 06:23:55 | Computer Name = Majo-VAIO | Source = MCUpdate | ID = 0
Description = 11:23:55 - Chyba pripájania na Internet. 11:23:55 - Nebolo možné
spojiť sa so serverom..

Error - 03/12/2010 06:24:08 | Computer Name = Majo-VAIO | Source = MCUpdate | ID = 0
Description = 11:24:01 - Chyba pripájania na Internet. 11:24:01 - Nebolo možné
spojiť sa so serverom..

[ OSession Events ]
Error - 21/11/2010 08:31:04 | Computer Name = Majo-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 21/11/2010 08:32:54 | Computer Name = Majo-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.6425.1000. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 04/12/2010 08:56:14 | Computer Name = Majo-VAIO | Source = ipnathlp | ID = 31004
Description =

Error - 04/12/2010 09:07:27 | Computer Name = Majo-VAIO | Source = ipnathlp | ID = 31004
Description =

Error - 04/12/2010 09:13:33 | Computer Name = Majo-VAIO | Source = ipnathlp | ID = 31004
Description =

Error - 04/12/2010 09:14:38 | Computer Name = Majo-VAIO | Source = ipnathlp | ID = 31004
Description =

Error - 04/12/2010 09:18:21 | Computer Name = Majo-VAIO | Source = ipnathlp | ID = 31004
Description =

Error - 04/12/2010 09:19:51 | Computer Name = Majo-VAIO | Source = ipnathlp | ID = 31004
Description =

Error - 04/12/2010 09:21:13 | Computer Name = Majo-VAIO | Source = ipnathlp | ID = 31004
Description =

Error - 04/12/2010 09:23:41 | Computer Name = Majo-VAIO | Source = ipnathlp | ID = 31004
Description =

Error - 04/12/2010 09:24:11 | Computer Name = Majo-VAIO | Source = ipnathlp | ID = 31004
Description =

Error - 04/12/2010 09:38:24 | Computer Name = Majo-VAIO | Source = ipnathlp | ID = 31004
Description =

< End of report >

#14 Příspěvek od **stell** » 04 pro 2010 15:26

Spust OTL-do okna zkopiruj zeleny text a klikni na OPRAVIT-RunFix
Po restarte vloz sem log.

Kód: Vybrat vše

:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:64bit: - HKU\S-1-5-21-3281548022-4250810235-489721878-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-3281548022-4250810235-489721878-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKU\S-1-5-21-3281548022-4250810235-489721878-1000..\Run: [HKCU] C:\Users\Majo\AppData\Roaming\windows update\svchost.EXE File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{483300e2-5f84-11df-99c0-54424909be56}\Shell - "" = AutoRun
O33 - MountPoints2\{483300e2-5f84-11df-99c0-54424909be56}\Shell\AutoRun\command - "" = H:\autorun_data.exe -- File not found
O33 - MountPoints2\{e02a7518-5fe5-11df-acc5-506313b21989}\Shell - "" = AutoRun
O33 - MountPoints2\{e02a7518-5fe5-11df-acc5-506313b21989}\Shell\AutoRun\command - "" = G:\autorun_data.exe -- File not found
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2010/06/21 18:37:20 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\systeminfo3.dll
[2010/06/21 18:29:47 | 000,000,000 | -HSD | M] -- C:\Users\Majo\AppData\Roaming\.#
@Alternate Data Stream - 24 bytes -> C:\Windows:2601D7F487BA98A4
:commands
[purity]
[emptytemp]
[emptyflash]
[ClearAllRestorePoints]
[start explorer]

Luigy88 · #15 Příspěvek od **Luigy88** » 04 pro 2010 17:58

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
64bit-Registry value HKEY_USERS\S-1-5-21-3281548022-4250810235-489721878-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-3281548022-4250810235-489721878-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-3281548022-4250810235-489721878-1000\Software\Microsoft\Windows\CurrentVersion\Run\\HKCU deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A9007C0-4076-11D3-8789-0000F8105754}\ not found.
File {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}\ not found.
File {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{483300e2-5f84-11df-99c0-54424909be56}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{483300e2-5f84-11df-99c0-54424909be56}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{483300e2-5f84-11df-99c0-54424909be56}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{483300e2-5f84-11df-99c0-54424909be56}\ not found.
File H:\autorun_data.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e02a7518-5fe5-11df-acc5-506313b21989}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e02a7518-5fe5-11df-acc5-506313b21989}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e02a7518-5fe5-11df-acc5-506313b21989}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e02a7518-5fe5-11df-acc5-506313b21989}\ not found.
File G:\autorun_data.exe not found.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\SysWOW64\systeminfo3.dll moved successfully.
C:\Users\Majo\AppData\Roaming\.# folder moved successfully.
ADS C:\Windows:2601D7F487BA98A4 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Majo
->Temp folder emptied: 1060024927 bytes
->Temporary Internet Files folder emptied: 210463930 bytes
->Java cache emptied: 32288744 bytes
->Flash cache emptied: 63496 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24369008 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 616906 bytes
RecycleBin emptied: 226177484 bytes

Total Files Cleaned = 1,482.00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Majo
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.17.3 log created on 12042010_175007

Files\Folders moved on Reboot...
C:\Users\Majo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UXTISFCS\honeypot_export[1].htm moved successfully.
C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TF5D0IIT\afr[2].htm moved successfully.
C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TF5D0IIT\viewtopic[1].htm moved successfully.
File\Folder C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\69KUJTS8\afr[1].htm not found!
C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\69KUJTS8\ie[1].htc moved successfully.
File\Folder C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5FBHN6WU\like[1].htm not found!
File\Folder C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\12XV3W4A\afr[1].htm not found!
C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\12XV3W4A\zimmer-feri-p165294[1].html moved successfully.
C:\Users\Majo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...

VIRY.CZ

Zachytené vírusy NOD kou

Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou

Re: Zachytené vírusy NOD kou