Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola logu,thx

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
ManSlayer
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 bře 2011 17:13

Kontrola logu,thx

#1 Příspěvek od ManSlayer »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-03-29 18:04:39
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (8%) free of 20 GB
Total RAM: 511 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:11:35, on 29.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Tunngle\TnglCtrl.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\IObit\Game Booster\gbtray.exe
C:\Documents and Settings\Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RDReminder] C:\Program Files\RegClean Pro\RegCleanPro.exe -rem
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Styler.lnk = ?
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2523020625
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 10458 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AWC Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cbeb10dbec0bb8.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Regclean Pro_MONTHLY.job
C:\WINDOWS\tasks\Regclean Pro_UPDATES.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll [2010-08-12 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806} -
{D4027C7F-154A-4066-A1AD-4243D8127440} -
{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - StylerToolBar - C:\Program Files\Styler\TB\StylerTB.dll [2006-05-02 102400]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-04-14 13684736]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-04-14 86016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-02 153136]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-05-16 1628208]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-05-16 1057328]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-24 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-06 54832]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-04-19 484904]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"RDReminder"=C:\Program Files\RegClean Pro\RegCleanPro.exe [2011-01-13 1429888]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2011-03-25 2402512]
"ICQ"=C:\Program Files\ICQ7.4\ICQ.exe [2011-03-08 119608]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Styler.lnk - C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-02-12 190976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro35Crusader]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\totalcmd\TOTALCMD.EXE"="D:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\WinSCP\WinSCP.exe"="C:\Program Files\WinSCP\WinSCP.exe:*:Enabled:SFTP, FTP and SCP client"
"C:\Documents and Settings\Administrator\Desktop\Vsetko\win server\samp-server.exe"="C:\Documents and Settings\Administrator\Desktop\Vsetko\win server\samp-server.exe:*:Enabled:SA-MP dedicated server"
"D:\CandyLongju Client 3.8\CandyLongju.exe"="D:\CandyLongju Client 3.8\CandyLongju.exe:*:Enabled:CandyLongju"
"C:\Program Files\BitSpirit\BitSpirit.exe"="C:\Program Files\BitSpirit\BitSpirit.exe:*:Enabled:The powerful and easy-to-use BitTorrent Client"
"D:\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"="D:\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe:*:Enabled:Blizzard Downloader"
"D:\World of Warcraft\Launcher.exe"="D:\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Tunngle\TnglCtrl.exe"="C:\Program Files\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service"
"C:\Program Files\Tunngle\Tunngle.exe"="C:\Program Files\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"D:\EA Games\BattleField 2\BF2.exe"="D:\EA Games\BattleField 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\Valve\Garry's Mod\hl2.exe"="C:\Program Files\Valve\Garry's Mod\hl2.exe:*:Enabled:Garry's_Mod"
"C:\Program Files\Valve\Garry's Mod\srcds.exe"="C:\Program Files\Valve\Garry's Mod\srcds.exe:*:Enabled:Garry's_Mod_Dedicated_Server"
"D:\Celestial-World\Celestial-World.exe"="D:\Celestial-World\Celestial-World.exe:*:Enabled:Customizable 2010 Client Launcher"
"D:\ryse of natyons\thrones.exe"="D:\ryse of natyons\thrones.exe:*:Enabled:Rise of Nations"
"D:\Counter Strike\hl.exe"="D:\Counter Strike\hl.exe:*:Enabled:Half-Life Launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

======List of files/folders created in the last 1 months======

2011-03-29 18:05:29 ----D---- C:\Program Files\trend micro
2011-03-29 18:04:39 ----D---- C:\rsit
2011-03-27 10:44:32 ----A---- C:\WINDOWS\system32\bootdelete.exe
2011-03-27 10:04:32 ----A---- C:\WINDOWS\system32\drivers\hitmanpro35.sys
2011-03-27 10:04:31 ----D---- C:\Program Files\Hitman Pro 3.5
2011-03-27 10:03:26 ----D---- C:\Documents and Settings\All Users\Application Data\Hitman Pro
2011-03-27 09:20:52 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2011-03-27 09:20:40 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-03-26 19:40:42 ----D---- C:\Program Files\ESET
2011-03-26 19:40:42 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2011-03-26 13:41:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2011-03-23 16:25:04 ----D---- C:\Documents and Settings\Administrator\Application Data\Microsoft Games
2011-03-17 20:41:13 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2011-03-17 20:41:13 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2011-03-17 20:41:12 ----A---- C:\WINDOWS\system32\psisdecd.dll
2011-03-17 20:41:12 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2011-03-17 20:41:12 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2011-03-17 20:41:12 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2011-03-17 20:41:10 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2011-03-17 20:41:10 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2011-03-17 20:41:10 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2011-03-17 20:41:10 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2011-03-17 20:41:04 ----A---- C:\WINDOWS\system32\drivers\mstee.sys
2011-03-17 20:40:57 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2011-03-17 18:19:33 ----D---- C:\Program Files\Conduit
2011-03-17 18:19:27 ----D---- C:\Program Files\ConduitEngine
2011-03-17 18:19:21 ----D---- C:\Program Files\uTorrentBar
2011-03-16 09:21:41 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-03-11 00:12:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-03-11 00:09:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-03-10 21:07:01 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2011-03-10 21:06:51 ----D---- C:\Program Files\CZ
2011-03-10 21:06:19 ----D---- C:\WINDOWS\Downloaded Installations
2011-03-10 21:00:55 ----D---- C:\WINDOWS\system32\URTTEMP
2011-03-10 19:32:57 ----D---- C:\Documents and Settings\Administrator\Application Data\ViGlance
2011-03-10 19:32:56 ----D---- C:\Program Files\ViGlance
2011-03-10 19:09:43 ----D---- C:\Documents and Settings\Administrator\Application Data\Styler
2011-03-10 17:02:42 ----D---- C:\Program Files\Valve
2011-03-10 15:39:57 ----D---- C:\Program Files\AVAST Software
2011-03-10 15:39:57 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software
2011-03-08 20:06:13 ----D---- C:\Program Files\ICQ7.4
2011-03-08 12:12:12 ----D---- C:\Program Files\Common Files\Java
2011-03-08 12:11:50 ----A---- C:\WINDOWS\system32\javaws.exe
2011-03-08 12:11:50 ----A---- C:\WINDOWS\system32\javaw.exe
2011-03-08 12:11:50 ----A---- C:\WINDOWS\system32\java.exe
2011-03-08 12:10:44 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2011-03-06 17:14:48 ----D---- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2011-03-03 20:04:00 ----D---- C:\Program Files\Zrychlenie PC
2011-03-02 17:46:34 ----D---- C:\WINDOWS\system32\VIRepair
2011-03-02 16:46:52 ----D---- C:\Program Files\ViSplore
2011-03-02 16:46:48 ----D---- C:\Program Files\TrueTransparency
2011-03-02 16:46:45 ----D---- C:\Program Files\WinFlip
2011-03-02 16:46:36 ----D---- C:\Program Files\Styler
2011-03-02 16:46:27 ----D---- C:\Program Files\Vista Rainbar
2011-03-02 16:41:06 ----D---- C:\WINDOWS\system32\VITrans
2011-03-02 16:41:04 ----D---- C:\VTPFiles
2011-03-02 16:41:04 ----A---- C:\WINDOWS\system32\Uharc.exe
2011-03-02 16:41:04 ----A---- C:\WINDOWS\system32\reico.exe
2011-03-02 16:41:04 ----A---- C:\WINDOWS\system32\modifype.exe
2011-03-02 16:41:03 ----A---- C:\WINDOWS\system32\pskill.exe
2011-03-02 16:41:03 ----A---- C:\WINDOWS\system32\moveex.exe
2011-03-02 16:40:10 ----A---- C:\WINDOWS\system32\scrnrdr.exe

======List of files/folders modified in the last 1 months======

2011-03-29 18:11:39 ----D---- C:\WINDOWS\Temp
2011-03-29 18:05:29 ----RD---- C:\Program Files
2011-03-29 17:04:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-29 14:11:28 ----D---- C:\Documents and Settings\Administrator\Application Data\ICQ
2011-03-28 20:04:05 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2011-03-28 19:20:35 ----D---- C:\Documents and Settings\Administrator\Application Data\skypePM
2011-03-27 19:30:52 ----D---- C:\Program Files\Mozilla Firefox
2011-03-27 18:54:27 ----D---- C:\WINDOWS\system32
2011-03-27 16:01:54 ----D---- C:\Documents and Settings\Administrator\Application Data\.minecraft
2011-03-27 10:04:32 ----D---- C:\WINDOWS\system32\drivers
2011-03-27 09:39:30 ----D---- C:\WINDOWS
2011-03-26 22:01:18 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-26 19:44:23 ----SHD---- C:\WINDOWS\Installer
2011-03-26 19:43:02 ----HD---- C:\WINDOWS\inf
2011-03-26 13:40:53 ----HD---- C:\WINDOWS\$hf_mig$
2011-03-25 19:22:51 ----D---- C:\Program Files\Google
2011-03-25 19:19:55 ----SD---- C:\WINDOWS\Tasks
2011-03-23 17:56:48 ----D---- C:\WINDOWS\WinSxS
2011-03-23 17:53:28 ----D---- C:\Documents and Settings\Administrator\Application Data\uTorrent
2011-03-23 17:50:46 ----D---- C:\Program Files\GameSpy Arcade
2011-03-22 21:34:55 ----A---- C:\WINDOWS\NeroDigital.ini
2011-03-22 20:36:25 ----RSD---- C:\WINDOWS\Fonts
2011-03-21 23:34:27 ----D---- C:\WINDOWS\system32\CatRoot
2011-03-17 20:42:34 ----D---- C:\WINDOWS\system32\DirectX
2011-03-17 20:42:19 ----D---- C:\WINDOWS\RegisteredPackages
2011-03-17 20:42:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-17 18:18:43 ----D---- C:\Program Files\uTorrent
2011-03-17 15:05:42 ----D---- C:\Program Files\Microsoft Silverlight
2011-03-13 19:20:14 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-03-11 00:09:21 ----A---- C:\WINDOWS\system32\MRT.exe
2011-03-11 00:09:16 ----A---- C:\WINDOWS\imsins.BAK
2011-03-10 21:07:08 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-10 21:06:57 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-03-10 21:06:51 ----D---- C:\Program Files\Common Files\InstallShield
2011-03-10 21:05:37 ----D---- C:\WINDOWS\Registration
2011-03-10 21:05:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-03-10 21:02:17 ----RSD---- C:\WINDOWS\assembly
2011-03-10 19:04:09 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2011-03-08 14:05:21 ----D---- C:\WINDOWS\system32\config
2011-03-08 12:12:12 ----D---- C:\Program Files\Common Files
2011-03-08 12:11:44 ----D---- C:\Program Files\Java
2011-03-02 17:48:24 ----D---- C:\WINDOWS\system32\Restore
2011-03-02 17:48:24 ----D---- C:\Program Files\Windows Media Player
2011-03-02 17:48:24 ----D---- C:\Program Files\Outlook Express
2011-03-02 17:48:24 ----D---- C:\Program Files\Internet Explorer
2011-03-02 17:46:18 ----D---- C:\WINDOWS\Media
2011-03-02 17:46:18 ----D---- C:\WINDOWS\Cursors

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2004-11-25 46080]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2004-10-28 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-11-29 19648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-10-10 691696]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-05-16 37040]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-05-16 38576]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-14 6308032]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2008-02-05 59960]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-05-16 118576]
S1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-10 36352]
S3 a8e68ydt;a8e68ydt; C:\WINDOWS\system32\drivers\a8e68ydt.sys []
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-04 701440]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 Revolution1;Revolution1; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.672\Trade Hack 8.3\Trade Hack 8.3\SHAK3.sys []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 RsFx0103;RsFx0103 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-05-16 1550896]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-04-14 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-02-19 75064]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-11-22 718072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-25 136176]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-11-13 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-14 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-09 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-29 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe []

-----------------EOF-----------------

PC je strašne pomalý..
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola logu,thx

#2 Příspěvek od vyosek »

Zdravim a pekny den preji :)

:arrow: Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

:arrow: Predpokladam ze ten NOD32 mate legalni = zakoupena licence :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ManSlayer
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 bře 2011 17:13

Re: Kontrola logu,thx

#3 Příspěvek od ManSlayer »

Taky preji pekny den , eset mam free , pred tim sem mel aviru.. , sem slepej :D log je zde : info.txt logfile of random's system information tool 1.08 2011-03-29 18:11:47

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\NuNInst.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader X (10.0.1) - Slovak-->MsiExec.exe /I{AC76BA86-7AD7-1051-7B44-AA0000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Battlefield 2(TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
BitSpirit v3.6.0.500 Stable-->"C:\Program Files\BitSpirit\unins000.exe"
CamStudio-->C:\Program Files\CamStudio\uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Conduit Engine-->C:\PROGRA~1\CONDUI~1\ConduitEngineUninstall.exe
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13B792AA-C078-43A4-8A3A-8B12D629940D}\Setup.exe" -l0x19
CZ Bind Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{FD907BDB-CFCF-4C26-9CE7-C32507F32756}
Čeština na program Game Maker 6.1 CZ-->"D:\game maker\unins000.exe"
DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
EVEREST Ultimate Edition v5.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
FileZilla Client 3.3.5.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe
Game Booster-->"C:\Program Files\IObit\Game Booster\unins000.exe"
Game Cam 2.2-->C:\Program Files\Game Cam V2\uninst.exe
Game Maker 8.0-->D:\game maker\Uninstal.exe
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\10.0.648.204\Installer\setup.exe" --uninstall --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB958655-v2)-->"C:\WINDOWS\$NtUninstallKB958655-v2$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
ICQ7.4-->"C:\Program Files\InstallShield Installation Information\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft .NET Framework 4 Multi-Targeting Pack-->MsiExec.exe /I{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}
Microsoft Help Viewer 1.0-->C:\Program Files\Microsoft Help Viewer\v1.0\Microsoft Help Viewer 1.0\install.exe
Microsoft Help Viewer 1.0-->MsiExec.exe /X{47C39E4A-28F2-33B1-B9B7-97F24E52D917}
Microsoft Office PowerPoint Viewer 2007 (Czech)-->MsiExec.exe /X{95120000-00AF-0405-0000-0000000FF1CE}
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{9012041B-6000-11D3-8CFE-0150048383C9}
Microsoft Rise Of Nations-->"D:\ryse of natyons\UNINSTAL.EXE" /runtemp /addremove
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2008 Browser-->MsiExec.exe /X{C688457E-03FD-4941-923B-A27F4D42A7DD}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{4A6F34E2-09E5-4616-B227-4A26A488A6F9}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{4815BD99-96A4-49FE-A885-DCF06E9E4E78}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{F3494AB6-6900-41C6-AF57-823626827ED8}
Microsoft SQL Server 2008 Native Client-->MsiExec.exe /I{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}
Microsoft SQL Server 2008 R2 Management Objects-->MsiExec.exe /I{4E968D9C-21A7-4915-B698-F7AEB913541D}
Microsoft SQL Server 2008 RsFx Driver-->MsiExec.exe /I{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}
Microsoft SQL Server 2008 Setup Support Files -->MsiExec.exe /X{D441BD04-E548-4F8E-97A4-1B66135BAAA8}
Microsoft SQL Server 2008-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe" /x86
Microsoft SQL Server 2008-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe" /X86
Microsoft SQL Server Compact 3.5 Design Tools ENU-->MsiExec.exe /X{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}
Microsoft SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497}
Microsoft SQL Server System CLR Types-->MsiExec.exe /I{2A2F3AE8-246A-4252-BB26-1BEB45627074}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Virtual PC 2007 SP1-->MsiExec.exe /X{AD483998-2E9A-4405-83FF-6E503AF49CBB}
Microsoft Visual C# 2008 Express Edition - ENU-->MsiExec.exe /X{2D07422C-CA35-375A-A3A8-3631AB85BFE5}
Microsoft Visual C# 2010 Express - ENU-->MsiExec.exe /X{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974-->MsiExec.exe /X{B7E38540-E355-3503-AFD7-635B2F2F76E1}
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools-->MsiExec.exe /X{14DD7530-CCD2-3798-B37D-3839ED6A441C}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework-->MsiExec.exe /X{B4C0A315-07FB-39F9-85CD-8CE20C019350}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32-->MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
Minecraft 1.2.0_02-->C:\Documents and Settings\Administrator\Application Data\Uninstal.exe
Mozilla Firefox (3.6.16)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
MTA:SA 1.0-->C:\Program Files\MTA San Andreas\Uninstall.exe
NCsoft Launcher-->C:\Program Files\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0009 -removeonly
Nero 7 Essentials-->MsiExec.exe /X{A2104078-AAA5-449E-95DD-55C9443A1051}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 3.2-->MsiExec.exe /I{FAB43061-FEFB-46E8-A159-96710395DB5E}
Opera 11.01-->"C:\Program Files\Opera\Opera.exe" /uninstall
Penumbra - Overture-->C:\Program Files\InstallShield Installation Information\{656422DA-E1F7-4331-9EBE-BBF6E88580A9}\setup.exe -runfromtemp -l0x0005 -removeonly
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
QuadCoreM2-->D:\QuadCore\Uninstal.exe
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
RegClean Pro-->"C:\Program Files\RegClean Pro\unins000.exe" /silent
Rise of Nations Thrones and Patriots-->"D:\ryse of natyons\UNINSTLX.EXE" /runtemp /uninstall
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7A2C18A1-D2A2-3177-82F1-5FE9CC08ECB0} /parameterfolder Extended
Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9L$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2360131)-->"C:\WINDOWS\$NtUninstallKB2360131$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2416400)-->"C:\WINDOWS\$NtUninstallKB2416400$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2482017)-->"C:\WINDOWS\$NtUninstallKB2482017$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Service Pack 1 for SQL Server 2008 (KB968369)-->"C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\setup.exe" /Action=RemovePatch /AllInstances
Skype Toolbars-->MsiExec.exe /I{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Sql Server Customer Experience Improvement Program-->MsiExec.exe /I{C965F01C-76EA-4BD7-973E-46236AE312D7}
StillLife-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\StillLife\Uninstall\setup.exe" -l0x9
Styler-->MsiExec.exe /I{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}
TeamViewer 5-->C:\Program Files\TeamViewer\Version5\uninstall.exe
Total Commander (Remove or Repair)-->D:\totalcmd\tcuninst.exe
Tunngle beta-->"C:\Program Files\Tunngle\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD988F49-E1C8-3C84-9683-0448B6BB8E20} /parameterfolder Client
Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
uTorrentBar Toolbar-->C:\PROGRA~1\UTORRE~1\UNWISE.EXE /U C:\PROGRA~1\UTORRE~1\INSTALL.LOG
Vegas Pro 9.0-->MsiExec.exe /X{6E5AB107-172B-4F17-8ABB-357C59EF1B08}
ViGlance-->C:\Program Files\ViGlance\KillMe.exe
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /X{112C23F2-C036-4D40-BED4-0CB47BF5555C}
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows 7 Upgrade Advisor-->MsiExec.exe /I{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
WinSCP 4.1.9-->"C:\Program Files\WinSCP\unins000.exe"
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe

======Security center information======

AV: ESET NOD32 Antivirus 4.2

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0409
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Myslim 30 dnovou verzi..
Naposledy upravil(a) ManSlayer dne 29 bře 2011 17:57, celkem upraveno 1 x.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola logu,thx

#4 Příspěvek od vyosek »

eset ale neni free, za jeho pouzivani je nutne platit, nebo jak to mate?

nedavejte log do code, spatne se to cte a boli z toho oci
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola logu,thx

#5 Příspěvek od vyosek »

:arrow: Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
  • Provedte aktualizaci - treti zalozka
  • Provedte uplny sken - nic nemazte :!:
  • MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ManSlayer
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 bře 2011 17:13

Re: Kontrola logu,thx

#6 Příspěvek od ManSlayer »

To sem skousel.. Nic..
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola logu,thx

#7 Příspěvek od vyosek »

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
:arrow: Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
  • Pokud mate Win XP spustte pod uctem Spravce\Administratora
  • Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
  • Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
  • Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
  • Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
  • Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
  • Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
  • Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ManSlayer
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 bře 2011 17:13

Re: Kontrola logu,thx

#8 Příspěvek od ManSlayer »

Toto ? :
ComboFix 11-03-28.05 - Administrator 29.03.2011 19:28:19.1.1 - x86
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Documents and Settings\Administrator\Application Data\Uninstal.exe
D:\install.exe


((((((((((((((((((((((((( Files Created from 2011-02-28 to 2011-03-29 )))))))))))))))))))))))))))))))


2011-03-29 16:05:29 . 2011-03-29 16:49:13 -------- d-----w- C:\Program Files\trend micro
2011-03-29 16:04:39 . 2011-03-29 16:11:47 -------- d-----w- C:\rsit
2011-03-27 08:49:12 . 2003-09-03 00:27:22 69715 ----a-w- C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-03-27 08:49:12 . 2003-09-03 00:26:36 266240 ----a-w- C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-03-27 08:49:12 . 2003-09-03 00:26:06 192512 ----a-w- C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-03-27 08:49:12 . 2003-09-03 00:25:54 5632 ----a-w- C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-03-27 08:49:10 . 2003-09-03 00:28:38 724992 ----a-w- C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-03-27 08:49:08 . 2011-03-27 08:49:08 311428 ----a-w- C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-03-27 08:49:08 . 2011-03-27 08:49:08 184452 ----a-w- C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2011-03-27 08:44:32 . 2011-03-27 08:44:32 12872 ----a-w- C:\WINDOWS\system32\bootdelete.exe
2011-03-27 08:04:32 . 2011-03-27 08:04:33 16968 ----a-w- C:\WINDOWS\system32\drivers\hitmanpro35.sys
2011-03-27 08:04:31 . 2011-03-27 08:04:31 -------- d-----w- C:\Program Files\Hitman Pro 3.5
2011-03-27 08:03:26 . 2011-03-27 08:44:48 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Hitman Pro
2011-03-27 07:20:52 . 2011-03-27 07:20:52 -------- d-----w- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2011-03-27 07:20:40 . 2011-03-27 07:20:40 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-03-26 17:40:42 . 2011-03-26 17:40:42 -------- d-----w- C:\Program Files\ESET
2011-03-26 17:40:42 . 2011-03-26 17:40:42 -------- d-----w- C:\Documents and Settings\All Users\Application Data\ESET
2011-03-23 14:25:04 . 2011-03-23 14:25:04 -------- d-----w- C:\Documents and Settings\Administrator\Application Data\Microsoft Games
2011-03-17 18:40:59 . 2004-07-09 03:27:28 181248 -c--a-w- C:\WINDOWS\system32\dllcache\dmime.dll
2011-03-17 18:40:59 . 2002-12-11 23:14:32 98816 -c--a-w- C:\WINDOWS\system32\dllcache\dmstyle.dll
2011-03-17 18:40:59 . 2002-12-11 23:14:32 76800 -c--a-w- C:\WINDOWS\system32\dllcache\dmscript.dll
2011-03-17 18:40:59 . 2002-12-11 23:14:32 58368 -c--a-w- C:\WINDOWS\system32\dllcache\dmcompos.dll
2011-03-17 18:40:59 . 2002-12-11 23:14:32 33280 -c--a-w- C:\WINDOWS\system32\dllcache\dmloader.dll
2011-03-17 18:40:59 . 2002-12-11 23:14:32 27136 -c--a-w- C:\WINDOWS\system32\dllcache\dmband.dll
2011-03-17 18:40:59 . 2002-12-11 23:14:32 186880 -c--a-w- C:\WINDOWS\system32\dllcache\dsdmo.dll
2011-03-17 18:40:59 . 2002-12-11 23:14:32 1294336 -c--a-w- C:\WINDOWS\system32\dllcache\dsound3d.dll
2011-03-17 18:40:59 . 2002-12-11 23:14:32 100864 -c--a-w- C:\WINDOWS\system32\dllcache\dmsynth.dll
2011-03-17 18:40:57 . 2002-12-11 23:14:32 46592 ----a-w- C:\WINDOWS\system32\dxdllreg.exe
2011-03-17 16:19:33 . 2011-03-17 16:19:33 -------- d-----w- C:\Program Files\Conduit
2011-03-17 16:19:33 . 2011-03-17 16:19:33 -------- d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit
2011-03-17 16:19:31 . 2011-03-17 16:19:31 -------- d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\uTorrentBar
2011-03-17 16:19:21 . 2011-03-17 16:19:33 -------- d-----w- C:\Program Files\uTorrentBar
2011-03-10 19:07:01 . 2011-03-10 19:07:01 -------- d-----w- C:\Documents and Settings\All Users\Application Data\InstallShield
2011-03-10 19:06:51 . 2011-03-10 19:06:51 -------- d-----w- C:\Program Files\CZ
2011-03-10 19:06:19 . 2011-03-10 19:06:19 -------- d-----w- C:\WINDOWS\Downloaded Installations
2011-03-10 19:06:05 . 2011-03-14 13:10:39 -------- d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\ApplicationHistory
2011-03-10 19:00:55 . 2011-03-10 19:00:55 -------- d-----w- C:\WINDOWS\system32\URTTEMP
2011-03-10 17:32:57 . 2011-03-10 17:33:27 -------- d-----w- C:\Documents and Settings\Administrator\Application Data\ViGlance
2011-03-10 17:32:56 . 2011-03-10 17:32:56 -------- d-----w- C:\Program Files\ViGlance
2011-03-10 17:09:43 . 2011-03-10 17:09:43 -------- d-----w- C:\Documents and Settings\Administrator\Application Data\Styler
2011-03-10 15:02:42 . 2011-03-26 11:19:47 -------- d-----w- C:\Program Files\Valve
2011-03-10 13:39:57 . 2011-03-26 17:37:05 -------- d-----w- C:\Documents and Settings\All Users\Application Data\AVAST Software
2011-03-10 13:39:57 . 2011-03-10 13:39:57 -------- d-----w- C:\Program Files\AVAST Software
2011-03-08 18:06:13 . 2011-03-08 18:07:40 -------- d-----w- C:\Program Files\ICQ7.4
2011-03-08 10:12:12 . 2011-03-08 10:12:12 -------- d-----w- C:\Program Files\Common Files\Java
2011-03-08 10:10:44 . 2011-03-08 10:10:44 -------- d-----w- C:\Documents and Settings\All Users\Application Data\McAfee
2011-03-06 15:14:48 . 2011-03-06 15:14:51 -------- d-----w- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2011-03-03 18:04:00 . 2011-03-03 18:12:21 -------- d-----w- C:\Program Files\Zrychlenie PC
2011-03-02 15:46:34 . 2011-03-02 15:46:34 -------- d-----w- C:\WINDOWS\system32\VIRepair
2011-03-02 14:46:52 . 2011-03-02 14:46:52 -------- d-----w- C:\Program Files\ViSplore
2011-03-02 14:46:48 . 2011-03-02 14:46:49 -------- d-----w- C:\Program Files\TrueTransparency
2011-03-02 14:46:45 . 2011-03-02 14:46:48 -------- d-----w- C:\Program Files\WinFlip
2011-03-02 14:46:36 . 2011-03-10 17:09:46 -------- d-----w- C:\Program Files\Styler
2011-03-02 14:46:27 . 2011-03-02 14:46:29 -------- d-----w- C:\Program Files\Vista Rainbar
2011-03-02 14:41:06 . 2011-03-02 15:48:24 -------- d-----w- C:\WINDOWS\system32\VITrans
2011-03-02 14:41:04 . 2011-03-02 14:50:26 -------- d-----w- C:\VTPFiles
2011-03-02 14:41:04 . 2006-12-03 16:15:34 111104 ----a-w- C:\WINDOWS\system32\Uharc.exe
2011-03-02 14:41:04 . 2006-12-03 16:15:22 19968 ----a-w- C:\WINDOWS\system32\reico.exe
2011-03-02 14:41:04 . 2006-12-03 16:14:24 8636 ----a-w- C:\WINDOWS\system32\modifype.exe
2011-03-02 14:41:03 . 2006-12-03 16:15:14 69632 ----a-w- C:\WINDOWS\system32\moveex.exe
2011-03-02 14:41:03 . 2004-11-27 18:00:00 94208 ----a-w- C:\WINDOWS\system32\pskill.exe
2011-03-02 14:40:10 . 2008-11-11 22:22:54 20480 ----a-w- C:\WINDOWS\system32\scrnrdr.exe


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-03-13 17:20:14 . 2011-02-19 11:33:00 234536 ----a-w- C:\WINDOWS\system32\PnkBstrB.exe
2011-03-13 17:20:14 . 2011-02-19 11:32:53 234536 ----a-w- C:\WINDOWS\system32\PnkBstrB.xtr
2011-03-11 17:50:26 . 2011-02-19 11:33:10 138520 ----a-w- C:\WINDOWS\system32\drivers\PnkBstrK.sys
2011-02-19 11:32:38 . 2011-02-19 11:32:38 75064 ----a-w- C:\WINDOWS\system32\PnkBstrA.exe
2011-02-09 13:53:52 . 2004-08-04 12:00:00 270848 ----a-w- C:\WINDOWS\system32\sbe.dll
2011-02-09 13:53:52 . 2004-08-04 12:00:00 186880 ----a-w- C:\WINDOWS\system32\encdec.dll
2011-02-08 19:35:51 . 2011-02-08 19:35:51 107888 ----a-w- C:\WINDOWS\system32\CmdLineExt.dll
2011-02-08 19:28:15 . 2011-02-08 19:28:15 444952 ----a-w- C:\WINDOWS\system32\wrap_oal.dll
2011-02-08 19:28:15 . 2011-02-08 19:28:15 109080 ----a-w- C:\WINDOWS\system32\OpenAL32.dll
2011-02-02 20:40:23 . 2010-10-23 14:58:09 472808 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2011-02-02 18:19:39 . 2010-10-23 14:58:09 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2011-02-02 07:58:35 . 2010-08-19 01:34:30 2067456 ----a-w- C:\WINDOWS\system32\mstscax.dll
2011-01-28 12:36:59 . 2011-01-28 12:12:26 188128 ----a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2011-01-27 11:57:06 . 2010-08-19 01:34:30 677888 ----a-w- C:\WINDOWS\system32\mstsc.exe
2011-01-21 14:44:38 . 2004-08-04 12:00:00 439296 ----a-w- C:\WINDOWS\system32\shimgvw.dll
2011-01-13 18:03:50 . 2011-01-13 18:03:56 795632 ----a-w- C:\MediaBuild40.dll
2011-01-13 18:03:50 . 2011-01-13 18:03:56 480248 ----a-w- C:\ISTools.dll
2011-01-13 18:03:50 . 2011-01-13 18:03:56 111536 ----a-w- C:\iscab.exe
2011-01-13 10:48:52 . 2011-02-07 16:44:59 17280 ----a-w- C:\WINDOWS\system32\roboot.exe
2011-01-07 14:09:02 . 2004-08-04 12:00:00 290048 ----a-w- C:\WINDOWS\system32\atmfd.dll
2010-12-31 13:10:33 . 2004-08-04 12:00:00 1854976 ----a-w- C:\WINDOWS\system32\win32k.sys

Sorry , myslel sem ze se lagl pc tak sem ho restartl,log neni cely.. do 20 minut poslu cely
Nahoru
ManSlayer
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 bře 2011 17:13

Re: Kontrola logu,thx

#9 Příspěvek od ManSlayer »

Tak , a tu je cely log :
ComboFix 11-03-28.05 - Administrator 29.03.2011 20:24:55.2.1 - x86
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Administrator\Application Data\Uninstal.exe
D:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-02-28 to 2011-03-29 )))))))))))))))))))))))))))))))
.
.
2011-03-29 16:05 . 2011-03-29 16:49 -------- d-----w- c:\program files\trend micro
2011-03-29 16:04 . 2011-03-29 16:11 -------- d-----w- C:\rsit
2011-03-27 08:49 . 2003-09-03 00:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-03-27 08:49 . 2003-09-03 00:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-03-27 08:49 . 2003-09-03 00:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-03-27 08:49 . 2003-09-03 00:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-03-27 08:49 . 2003-09-03 00:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-03-27 08:49 . 2011-03-27 08:49 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-03-27 08:49 . 2011-03-27 08:49 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2011-03-27 08:44 . 2011-03-27 08:44 12872 ----a-w- c:\windows\system32\bootdelete.exe
2011-03-27 08:04 . 2011-03-27 08:04 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-03-27 08:04 . 2011-03-27 08:04 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-03-27 08:03 . 2011-03-27 08:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2011-03-27 07:20 . 2011-03-27 07:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2011-03-27 07:20 . 2011-03-27 07:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-03-26 17:40 . 2011-03-26 17:40 -------- d-----w- c:\program files\ESET
2011-03-26 17:40 . 2011-03-26 17:40 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2011-03-23 14:25 . 2011-03-23 14:25 -------- d-----w- c:\documents and settings\Administrator\Application Data\Microsoft Games
2011-03-17 18:40 . 2004-07-09 03:27 181248 -c--a-w- c:\windows\system32\dllcache\dmime.dll
2011-03-17 18:40 . 2002-12-11 23:14 98816 -c--a-w- c:\windows\system32\dllcache\dmstyle.dll
2011-03-17 18:40 . 2002-12-11 23:14 76800 -c--a-w- c:\windows\system32\dllcache\dmscript.dll
2011-03-17 18:40 . 2002-12-11 23:14 58368 -c--a-w- c:\windows\system32\dllcache\dmcompos.dll
2011-03-17 18:40 . 2002-12-11 23:14 33280 -c--a-w- c:\windows\system32\dllcache\dmloader.dll
2011-03-17 18:40 . 2002-12-11 23:14 27136 -c--a-w- c:\windows\system32\dllcache\dmband.dll
2011-03-17 18:40 . 2002-12-11 23:14 186880 -c--a-w- c:\windows\system32\dllcache\dsdmo.dll
2011-03-17 18:40 . 2002-12-11 23:14 1294336 -c--a-w- c:\windows\system32\dllcache\dsound3d.dll
2011-03-17 18:40 . 2002-12-11 23:14 100864 -c--a-w- c:\windows\system32\dllcache\dmsynth.dll
2011-03-17 18:40 . 2002-12-11 23:14 46592 ----a-w- c:\windows\system32\dxdllreg.exe
2011-03-17 16:19 . 2011-03-17 16:19 -------- d-----w- c:\program files\Conduit
2011-03-17 16:19 . 2011-03-17 16:19 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Conduit
2011-03-17 16:19 . 2011-03-17 16:19 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\uTorrentBar
2011-03-17 16:19 . 2011-03-17 16:19 -------- d-----w- c:\program files\uTorrentBar
2011-03-10 19:07 . 2011-03-10 19:07 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2011-03-10 19:06 . 2011-03-10 19:06 -------- d-----w- c:\program files\CZ
2011-03-10 19:06 . 2011-03-10 19:06 -------- d-----w- c:\windows\Downloaded Installations
2011-03-10 19:06 . 2011-03-14 13:10 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ApplicationHistory
2011-03-10 19:00 . 2011-03-10 19:00 -------- d-----w- c:\windows\system32\URTTEMP
2011-03-10 17:32 . 2011-03-10 17:33 -------- d-----w- c:\documents and settings\Administrator\Application Data\ViGlance
2011-03-10 17:32 . 2011-03-10 17:32 -------- d-----w- c:\program files\ViGlance
2011-03-10 17:09 . 2011-03-10 17:09 -------- d-----w- c:\documents and settings\Administrator\Application Data\Styler
2011-03-10 15:02 . 2011-03-26 11:19 -------- d-----w- c:\program files\Valve
2011-03-10 13:39 . 2011-03-26 17:37 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2011-03-10 13:39 . 2011-03-10 13:39 -------- d-----w- c:\program files\AVAST Software
2011-03-08 18:06 . 2011-03-08 18:07 -------- d-----w- c:\program files\ICQ7.4
2011-03-08 10:12 . 2011-03-08 10:12 -------- d-----w- c:\program files\Common Files\Java
2011-03-08 10:10 . 2011-03-08 10:10 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2011-03-06 15:14 . 2011-03-06 15:14 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2011-03-03 18:04 . 2011-03-03 18:12 -------- d-----w- c:\program files\Zrychlenie PC
2011-03-02 15:46 . 2011-03-02 15:46 -------- d-----w- c:\windows\system32\VIRepair
2011-03-02 14:46 . 2011-03-02 14:46 -------- d-----w- c:\program files\ViSplore
2011-03-02 14:46 . 2011-03-02 14:46 -------- d-----w- c:\program files\TrueTransparency
2011-03-02 14:46 . 2011-03-02 14:46 -------- d-----w- c:\program files\WinFlip
2011-03-02 14:46 . 2011-03-10 17:09 -------- d-----w- c:\program files\Styler
2011-03-02 14:46 . 2011-03-02 14:46 -------- d-----w- c:\program files\Vista Rainbar
2011-03-02 14:41 . 2011-03-02 15:48 -------- d-----w- c:\windows\system32\VITrans
2011-03-02 14:41 . 2011-03-02 14:50 -------- d-----w- C:\VTPFiles
2011-03-02 14:41 . 2006-12-03 16:15 111104 ----a-w- c:\windows\system32\Uharc.exe
2011-03-02 14:41 . 2006-12-03 16:15 19968 ----a-w- c:\windows\system32\reico.exe
2011-03-02 14:41 . 2006-12-03 16:14 8636 ----a-w- c:\windows\system32\modifype.exe
2011-03-02 14:41 . 2006-12-03 16:15 69632 ----a-w- c:\windows\system32\moveex.exe
2011-03-02 14:41 . 2004-11-27 18:00 94208 ----a-w- c:\windows\system32\pskill.exe
2011-03-02 14:40 . 2008-11-11 22:22 20480 ----a-w- c:\windows\system32\scrnrdr.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-13 17:20 . 2011-02-19 11:33 234536 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-03-13 17:20 . 2011-02-19 11:32 234536 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-03-11 17:50 . 2011-02-19 11:33 138520 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-02-19 11:32 . 2011-02-19 11:32 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-02-09 13:53 . 2004-08-04 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-04 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 19:35 . 2011-02-08 19:35 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-02-08 19:28 . 2011-02-08 19:28 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-02-08 19:28 . 2011-02-08 19:28 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-02-02 20:40 . 2010-10-23 14:58 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2010-10-23 14:58 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2010-08-19 01:34 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-28 12:36 . 2011-01-28 12:12 188128 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2011-01-27 11:57 . 2010-08-19 01:34 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2004-08-04 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 18:03 . 2011-01-13 18:03 795632 ----a-w- C:\MediaBuild40.dll
2011-01-13 18:03 . 2011-01-13 18:03 480248 ----a-w- C:\ISTools.dll
2011-01-13 18:03 . 2011-01-13 18:03 111536 ----a-w- C:\iscab.exe
2011-01-13 10:48 . 2011-02-07 16:44 17280 ----a-w- c:\windows\system32\roboot.exe
2011-01-07 14:09 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2004-08-04 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 484904]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"RDReminder"="c:\program files\RegClean Pro\RegCleanPro.exe" [2011-01-13 1429888]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2011-03-25 2402512]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-03-08 119608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-14 13684736]
"nwiz"="nwiz.exe" [2009-04-14 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-04-14 86016]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-06 54832]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Styler.lnk - c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [2011-3-10 15086]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\WinSCP\\WinSCP.exe"=
"c:\\Documents and Settings\\Administrator\\Desktop\\Vsetko\\win server\\samp-server.exe"=
"d:\\CandyLongju Client 3.8\\CandyLongju.exe"=
"c:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"d:\\World of Warcraft\\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"=
"d:\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Tunngle\\TnglCtrl.exe"=
"c:\\Program Files\\Tunngle\\Tunngle.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"d:\\EA Games\\BattleField 2\\BF2.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\Valve\\Garry's Mod\\hl2.exe"=
"c:\\Program Files\\Valve\\Garry's Mod\\srcds.exe"=
"d:\\Celestial-World\\Celestial-World.exe"=
"d:\\ryse of natyons\\thrones.exe"=
"d:\\Counter Strike\\hl.exe"=
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-03-25 136176]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 Revolution1;Revolution1;c:\docume~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.672\Trade Hack 8.3\Trade Hack 8.3\SHAK3.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-10 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-11-22 718072]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 20:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-02-23 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2011-02-19 13:24]
.
2011-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cbeb10dbec0bb8.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-25 17:19]
.
2011-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-25 17:19]
.
2011-02-07 c:\windows\Tasks\Regclean Pro_MONTHLY.job
- c:\program files\RegClean Pro\RegCleanPro.exe [2011-02-07 10:48]
.
2011-02-16 c:\windows\Tasks\Regclean Pro_UPDATES.job
- c:\program files\RegClean Pro\RegCleanPro.exe [2011-02-07 10:48]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.windowsxlive.net
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Download Using &BitSpirit - c:\program files\BitSpirit\bsurl.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\lidm6xf2.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-KB968369 - c:\program files\Microsoft SQL Server\100\Setup Bootstrap\Update Cache\KB968369\ServicePack\setup.exe
AddRemove-Microsoft SQL Server 10 - c:\program files\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe
AddRemove-Microsoft SQL Server 10 Release - c:\program files\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe
AddRemove-Minecraft 1.2.0_02 - c:\documents and settings\Administrator\Application Data\Uninstal.exe
AddRemove-NCsoft-AionEU - c:\program files\ncsoft\launcher\NCLauncher.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-29 20:42
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(4068)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-03-29 20:52:49
ComboFix-quarantined-files.txt 2011-03-29 18:52
.
Pre-Run: 1 597 702 144 bytes free
Post-Run: 1 558 716 416 voľných bajtov
.
- - End Of File - - 331560434A3D9FA6B2590CA7BA625B28
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola logu,thx

#10 Příspěvek od vyosek »

:arrow: Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)
  • c:\windows\system32\bootdelete.exe
  • Kliknete na Prochazet
  • Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
  • Kliknete na Send File
  • Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
    Obrázek
  • Vysledek analyzy sem vlozte (jako odkaz)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ManSlayer
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 bře 2011 17:13

Re: Kontrola logu,thx

#11 Příspěvek od ManSlayer »

http://www.virustotal.com/file-scan/rep ... 1301425625
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola logu,thx

#12 Příspěvek od vyosek »

:arrow: Uvolnete volne misto na disku alespon na 5 giga, jinak se windows dusi

:arrow: Odinstalujte Combofix
  • Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
  • Napiste ComboFix /Uninstall
  • Stisknete Enter
  • Tohle smaze Combofix a jeho slozky
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: Stahnete OTL (viz muj podpis) a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ManSlayer
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 bře 2011 17:13

Re: Kontrola logu,thx

#13 Příspěvek od ManSlayer »

Mam anglickou verzi..Ktere mám dát? Run Scan , Quick Scan , CleanUp? Run scan skenuje celej hdd..
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola logu,thx

#14 Příspěvek od vyosek »

Ano, dejte Run Scan
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
ManSlayer
Návštěvník
Návštěvník
Příspěvky: 26
Registrován: 29 bře 2011 17:13

Re: Kontrola logu,thx

#15 Příspěvek od ManSlayer »

vyosek píše:Ano, dejte Run Scan
Sakra..Dal som Quick Scan,nevadí? Stejne to trvá dlouho ( už asi 20 min..)
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“