
Re: please check my log - the whole thing keeps freezing

Posted: 15 Sep 2010 16:19
by Laydee
Hi,
so everything has been done on her laptop, so hopefully there won't be any problems for a long while :)

And mine is once again slower than hers :arcisit: Yet on paper it should be fast

AMD Turion64 X2 1.6GHz (TL52), 2048MB RAM, 15.4" widescreen WXGA TFT display, 120GB disk, DVD/RW/RAM drive, nVidia 7600 256MB graphics, WiFi, BT.


To be honest, I don't even remember what it looks like without the freezing.

Here is the log from mine:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Laydenka at 2010-08-20 17:03:54
Microsoft Windows 7 Ultimate
System drive C: has 2 GB (1%) free of 153 GB
Total RAM: 2047 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:04:05 PM, on 8/20/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Users\Laydenka\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Laydenka\Desktop\Virus Removal Tool\setup_9.0.0.722_15.09.2010_16-24\setup_9.0.0.722_15.09.2010_16-24.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Laydenka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
O4 - HKCU\..\Run: [Google Update] "C:\Users\Laydenka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: setup_9.0.0.722_15.09.2010_16-24.lnk = C:\Users\Laydenka\Desktop\Virus Removal Tool\setup_9.0.0.722_15.09.2010_16-24\startup.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8551 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000005b0
\??\C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2012
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\rundll32.exe C:\Windows\system32\NVSVC64.DLL,nvsvcInitialize -first
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
"C:\Users\Laydenka\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Laydenka\Desktop\Virus Removal Tool\setup_9.0.0.722_15.09.2010_16-24\setup_9.0.0.722_15.09.2010_16-24.exe"
"C:\Windows\system32\taskmgr.exe" /4
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2784.6837ec0.1211417015 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 2784 plugin \\.\pipe\gecko-crash-server-pipe.2784
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Laydenka\Desktop\RSITx64(2).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1270311530-2584071053-1987869603-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1270311530-2584071053-1987869603-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 132456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-10-26 1702400]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-28 11101800]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-06 82464]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-06 15960096]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Laydenka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-19 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"=grpconv -o []

C:\Users\Laydenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
setup_9.0.0.722_15.09.2010_16-24.lnk - C:\Users\Laydenka\Desktop\Virus Removal Tool\setup_9.0.0.722_15.09.2010_16-24\startup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktopChanges"=1
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-25 06:42:34 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-08-25 06:42:34 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-21 12:50:35 ----D---- C:\Users\Laydenka\AppData\Roaming\Avira
2010-08-21 12:46:39 ----A---- C:\Windows\SYSWOW64\drivers\avgntmgr.sys
2010-08-21 12:46:39 ----A---- C:\Windows\SYSWOW64\drivers\avgntdd.sys
2010-08-21 12:46:39 ----A---- C:\Windows\system32\drivers\avipbb.sys
2010-08-21 12:46:39 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2010-08-21 12:46:38 ----D---- C:\ProgramData\Avira
2010-08-21 12:46:38 ----D---- C:\Program Files (x86)\Avira
2010-08-20 23:30:47 ----D---- C:\Users\Laydenka\AppData\Roaming\vlc
2010-08-20 23:30:20 ----D---- C:\Program Files (x86)\VideoLAN
2010-08-20 17:03:54 ----D---- C:\rsit
2010-08-20 16:15:28 ----A---- C:\Windows\system32\drivers\82919902.sys
2010-08-20 16:15:28 ----A---- C:\Windows\system32\drivers\82919901.sys
2010-08-20 16:15:28 ----A---- C:\Windows\system32\drivers\8291990.sys
2010-08-20 16:07:24 ----D---- C:\ProgramData\Kaspersky Lab
2010-08-20 15:23:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-08-20 15:23:09 ----A---- C:\Windows\system32\iertutil.dll
2010-08-20 15:21:06 ----A---- C:\Windows\system32\spoolsv.exe
2010-08-19 16:48:02 ----AD---- C:\Windows\rundll16.exe
2010-08-19 16:48:02 ----AD---- C:\Windows\logo1_.exe
2010-08-19 16:41:38 ----AD---- C:\Windows\VDLL.DLL
2010-08-19 16:41:38 ----AD---- C:\Windows\SYSWOW64\runouce.exe
2010-08-19 16:41:38 ----AD---- C:\Windows\RUNDL132.EXE
2010-08-19 16:41:38 ----AD---- C:\Windows\logo_1.exe
2010-08-19 16:38:59 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2010-08-19 16:38:58 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2010-08-19 16:38:57 ----A---- C:\Windows\SYSWOW64\eEmpty.exe
2010-08-19 16:38:41 ----D---- C:\ProgramData\MicroWorld
2010-08-18 18:34:28 ----D---- C:\Program Files (x86)\QIP Infium PafoPack 9040
2010-08-17 19:05:10 ----D---- C:\Users\Laydenka\AppData\Roaming\Malwarebytes
2010-08-17 19:04:53 ----D---- C:\ProgramData\Malwarebytes
2010-08-17 19:04:53 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-08-17 13:58:33 ----A---- C:\Windows\system32\nvexpbar.dll
2010-08-17 13:56:09 ----A---- C:\Windows\system32\nvwssr.dll
2010-08-17 13:56:09 ----A---- C:\Windows\system32\nvwss.dll
2010-08-17 13:56:09 ----A---- C:\Windows\system32\nvvitvsr.dll
2010-08-17 13:56:09 ----A---- C:\Windows\system32\nvvitvs.dll
2010-08-17 13:56:08 ----A---- C:\Windows\system32\nvmoblsr.dll
2010-08-17 13:56:08 ----A---- C:\Windows\system32\nvmobls.dll
2010-08-17 13:56:08 ----A---- C:\Windows\system32\nvgamesr.dll
2010-08-17 13:56:07 ----A---- C:\Windows\system32\nvgames.dll
2010-08-17 13:56:07 ----A---- C:\Windows\system32\nvdispsr.dll
2010-08-17 13:56:07 ----A---- C:\Windows\system32\nvdisps.dll
2010-08-17 13:56:06 ----A---- C:\Windows\system32\nvcolor.exe
2010-08-17 13:56:06 ----A---- C:\Windows\system32\nvcod100.dll
2010-08-17 13:55:45 ----A---- C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
2010-08-17 13:54:54 ----D---- C:\nVidia Forceware
2010-08-16 17:10:42 ----D---- C:\Program Files\trend micro
2010-08-12 21:00:17 ----D---- C:\Users\Laydenka\AppData\Roaming\AnvSoft
2010-08-12 21:00:14 ----D---- C:\Program Files (x86)\AnvSoft
2010-08-11 15:41:23 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-11 15:41:22 ----A---- C:\Windows\system32\schannel.dll
2010-08-11 15:41:22 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-11 15:41:22 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-11 15:41:21 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-08-11 15:41:11 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-11 15:41:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-08-11 15:41:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 15:41:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-08-11 15:40:59 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 15:40:56 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 15:40:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-08-11 15:40:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-08-11 15:40:53 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 15:40:52 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 15:40:51 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-08-11 15:40:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-08-11 15:40:51 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-08-11 15:40:51 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-08-11 15:40:51 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-08-11 15:40:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-08-11 15:40:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-08-11 15:40:51 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-08-11 15:40:51 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-08-11 15:40:51 ----A---- C:\Windows\system32\mstime.dll
2010-08-11 15:40:51 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-11 15:40:51 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-11 15:40:51 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-11 15:40:51 ----A---- C:\Windows\system32\ieui.dll
2010-08-11 15:40:51 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 15:40:51 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-11 15:40:44 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 15:40:43 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-08-11 15:40:42 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-08-11 15:40:40 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 15:40:39 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 15:40:38 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-08-10 12:48:24 ----D---- C:\Program Files (x86)\EasyLanguage
2010-08-09 17:23:24 ----D---- C:\Program Files (x86)\Landi2003
2010-08-09 17:23:18 ----N---- C:\Windows\Setup1.exe
2010-08-09 17:23:14 ----A---- C:\Windows\ST6UNST.EXE
2010-08-07 21:38:19 ----D---- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 2
2010-08-07 21:26:28 ----D---- C:\Program Files\Windows Doctor
2010-08-07 21:26:12 ----D---- C:\Program Files (x86)\Windows Doctor
2010-08-07 20:47:24 ----D---- C:\Program Files\Realtek
2010-08-07 20:47:23 ----D---- C:\Windows\SYSWOW64\RTCOM
2010-08-07 20:46:44 ----A---- C:\Windows\system32\WavesGUILib.dll
2010-08-07 20:46:44 ----A---- C:\Windows\system32\SRSWOW64.dll
2010-08-07 20:46:44 ----A---- C:\Windows\system32\SRSTSX64.dll
2010-08-07 20:46:44 ----A---- C:\Windows\system32\SRSTSH64.dll
2010-08-07 20:46:44 ----A---- C:\Windows\system32\SRSHP64.dll
2010-08-07 20:46:43 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2010-08-07 20:46:43 ----A---- C:\Windows\system32\SFNHK64.dll
2010-08-07 20:46:43 ----A---- C:\Windows\system32\SFCOM64.dll
2010-08-07 20:46:43 ----A---- C:\Windows\system32\SFAPO64.dll
2010-08-07 20:46:43 ----A---- C:\Windows\system32\RtPgEx64.dll
2010-08-07 20:46:42 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2010-08-07 20:46:42 ----A---- C:\Windows\system32\RtkCfg64.dll
2010-08-07 20:46:42 ----A---- C:\Windows\system32\RtkAPO64.dll
2010-08-07 20:46:42 ----A---- C:\Windows\system32\RtkApi64.dll
2010-08-07 20:46:42 ----A---- C:\Windows\system32\RTEEP64A.dll
2010-08-07 20:46:42 ----A---- C:\Windows\system32\RTEEL64A.dll
2010-08-07 20:46:42 ----A---- C:\Windows\system32\RTEEG64A.dll
2010-08-07 20:46:42 ----A---- C:\Windows\system32\RTEED64A.dll
2010-08-07 20:46:42 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2010-08-07 20:46:41 ----A---- C:\Windows\system32\RTCOM64.dll
2010-08-07 20:46:41 ----A---- C:\Windows\system32\RP3DHT64.dll
2010-08-07 20:46:41 ----A---- C:\Windows\system32\RP3DAA64.dll
2010-08-07 20:46:41 ----A---- C:\Windows\system32\RCoInst64.dll
2010-08-07 20:46:40 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2010-08-07 20:46:40 ----A---- C:\Windows\system32\MaxxAudioRealtek.dll
2010-08-07 20:46:40 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2010-08-07 20:46:40 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2010-08-07 20:46:40 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2010-08-07 20:46:38 ----A---- C:\Windows\system32\FMAPO64.dll
2010-08-07 20:46:38 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2010-08-07 20:46:38 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2010-08-07 20:46:38 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2010-08-07 20:46:38 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2010-08-07 20:46:38 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2010-08-07 20:46:38 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2010-08-07 20:46:38 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2010-08-07 20:46:38 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2010-08-07 20:46:38 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2010-08-07 20:46:38 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2010-08-07 20:46:37 ----D---- C:\Program Files (x86)\Realtek
2010-08-07 20:46:37 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2010-08-07 20:46:37 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2010-08-07 20:46:37 ----A---- C:\Windows\system32\AERTAR64.dll
2010-08-07 20:46:37 ----A---- C:\Windows\system32\AERTAC64.dll
2010-08-07 20:40:35 ----HD---- C:\Program Files (x86)\Temp
2010-08-07 20:40:35 ----A---- C:\Windows\RtlExUpd.dll
2010-08-07 19:46:24 ----A---- C:\Windows\SYSWOW64\RicohMediadriverVer.dll
2010-08-07 19:46:23 ----A---- C:\Windows\system32\drivers\rimmpx64.sys
2010-08-07 19:46:22 ----A---- C:\Windows\system32\drivers\rimspx64.sys
2010-08-07 19:46:20 ----A---- C:\Windows\system32\snymsico.dll
2010-08-07 19:40:41 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-08-07 19:40:41 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-08-07 19:40:41 ----A---- C:\Windows\SYSWOW64\java.exe
2010-08-07 19:29:20 ----D---- C:\Program Files\ATI Technologies
2010-08-07 19:29:16 ----D---- C:\Program Files\ATI
2010-08-07 19:27:53 ----D---- C:\ATI
2010-08-05 22:35:49 ----DC---- C:\Windows\system32\DRVSTORE
2010-08-05 22:35:49 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2010-08-05 22:35:48 ----D---- C:\Program Files\Windows Live
2010-08-05 22:21:39 ----D---- C:\Program Files\Motorola
2010-08-05 22:20:29 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-08-05 22:10:06 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2010-08-05 22:10:05 ----A---- C:\Windows\system32\drivers\sdbus.sys
2010-08-05 21:20:39 ----A---- C:\Users\Laydenka\AppData\Roaming\myMPQ.ini
2010-08-05 20:38:39 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2010-08-05 20:38:29 ----D---- C:\Program Files (x86)\Microsoft
2010-08-05 20:37:39 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2010-08-05 20:37:09 ----D---- C:\Program Files (x86)\Windows Live SkyDrive
2010-08-05 20:37:03 ----D---- C:\Program Files (x86)\Windows Live
2010-08-04 16:06:58 ----D---- C:\Program Files (x86)\ViaVoice
2010-08-04 16:06:58 ----A---- C:\Windows\SYSWOW64\VVRtkReg.dll
2010-08-04 16:06:58 ----A---- C:\Windows\SYSWOW64\vvrtkclients.dll
2010-08-04 16:06:58 ----A---- C:\Windows\SYSWOW64\setresuk.dll
2010-08-04 16:06:58 ----A---- C:\Windows\SYSWOW64\roboex32.dll
2010-08-04 16:06:56 ----A---- C:\Windows\IsUninst.exe
2010-08-04 15:16:45 ----D---- C:\Users\Laydenka\AppData\Roaming\LANGMaster
2010-08-04 15:16:41 ----D---- C:\Program Files (x86)\LANGMaster
2010-08-04 15:16:39 ----D---- C:\ProgramData\LANGMaster
2010-08-03 23:04:48 ----D---- C:\Windows\RegisteredPackages
2010-08-03 12:52:15 ----A---- C:\Windows\system32\shell32.dll
2010-08-03 12:52:14 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-08-02 15:40:05 ----A---- C:\Windows\Sandboxie.ini
2010-08-01 14:32:37 ----D---- C:\ProgramData\Blizzard Entertainment
2010-07-29 17:17:12 ----D---- C:\Users\Laydenka\AppData\Roaming\HpUpdate
2010-07-29 17:17:08 ----D---- C:\Windows\Hewlett-Packard
2010-07-29 13:01:43 ----D---- C:\ProgramData\NexonEU
2010-07-29 12:03:47 ----D---- C:\Nexon
2010-07-29 12:03:46 ----A---- C:\Windows\NEXON_EU_DownloaderUpdater.exe
2010-07-25 23:22:16 ----D---- C:\ProgramData\Google
2010-07-25 23:21:56 ----D---- C:\Program Files (x86)\Google
2010-07-22 17:51:59 ----D---- C:\ProgramData\WEBREG
2010-07-22 17:51:43 ----D---- C:\Users\Laydenka\AppData\Roaming\HP
2010-07-22 16:09:03 ----D---- C:\ProgramData\HP Product Assistant
2010-07-22 16:08:31 ----D---- C:\Windows\SYSWOW64\spool
2010-07-22 16:04:48 ----D---- C:\Program Files (x86)\HP
2010-07-22 16:04:47 ----HD---- C:\Config.Msi
2010-07-22 16:02:47 ----D---- C:\ProgramData\HP
2010-07-22 16:02:31 ----A---- C:\Windows\system32\hpzids40.dll
2010-07-22 16:02:31 ----A---- C:\Windows\system32\hpowiav1.dll
2010-07-22 16:02:31 ----A---- C:\Windows\system32\hpovst01.dll
2010-07-22 16:02:31 ----A---- C:\Windows\system32\hpotscl1.dll

======List of files/folders modified in the last 1 months======

2010-08-28 05:30:10 ----D---- C:\Windows\system32\NDF
2010-08-28 04:49:25 ----D---- C:\Windows\system32\drivers\etc
2010-08-26 21:45:13 ----D---- C:\Windows\twain_32
2010-08-25 06:46:57 ----D---- C:\Windows\AppPatch
2010-08-20 20:52:11 ----D---- C:\Windows\system32\wdi
2010-08-20 17:04:01 ----D---- C:\Windows\Temp
2010-08-20 16:17:57 ----SHD---- C:\System Volume Information
2010-08-20 16:15:35 ----D---- C:\Windows\system32\drivers
2010-08-20 16:15:31 ----D---- C:\Windows\Prefetch
2010-08-20 16:05:10 ----D---- C:\Program Files (x86)\Steam
2010-08-20 15:54:05 ----D---- C:\Windows\system32\config
2010-08-20 15:40:37 ----D---- C:\Windows\winsxs
2010-08-20 15:38:33 ----D---- C:\Windows\SysWOW64
2010-08-20 15:38:33 ----D---- C:\Windows\System32
2010-08-20 15:33:59 ----D---- C:\Users\Laydenka\AppData\Roaming\AIMP
2010-08-20 15:27:39 ----SHD---- C:\Windows\Installer
2010-08-20 15:27:32 ----D---- C:\ProgramData\Microsoft Help
2010-08-20 15:24:18 ----D---- C:\Windows\debug
2010-08-20 15:24:07 ----A---- C:\Windows\system32\MRT.exe
2010-08-20 15:23:14 ----D---- C:\Windows\system32\catroot
2010-08-20 15:19:53 ----D---- C:\Windows\system32\catroot2
2010-08-20 14:42:34 ----D---- C:\Program Files (x86)\CCleaner
2010-08-19 20:11:31 ----D---- C:\Windows
2010-08-19 19:50:12 ----D---- C:\stazeno
2010-08-19 19:49:10 ----D---- C:\share Utorrent
2010-08-19 19:29:52 ----D---- C:\Users\Laydenka\AppData\Roaming\uTorrent
2010-08-19 17:11:54 ----D---- C:\Windows\inf
2010-08-19 17:11:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-19 16:50:04 ----D---- C:\Users\Laydenka\AppData\Roaming\ICQ
2010-08-19 16:38:51 ----D---- C:\Program Files (x86)\Common Files
2010-08-19 16:38:41 ----HD---- C:\ProgramData
2010-08-18 21:19:21 ----D---- C:\Program Files (x86)\uTorrent
2010-08-18 18:34:55 ----RD---- C:\Program Files (x86)
2010-08-17 18:02:23 ----D---- C:\QIP Infium JadrisPack
2010-08-17 14:18:15 ----D---- C:\ProgramData\NVIDIA
2010-08-17 14:13:08 ----D---- C:\Windows\system32\DriverStore
2010-08-16 20:38:16 ----D---- C:\Program Files (x86)\HLSW
2010-08-16 20:34:46 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2010-08-16 14:09:06 ----SHD---- C:\$Recycle.Bin
2010-08-11 17:34:57 ----D---- C:\Windows\Microsoft.NET
2010-08-11 17:34:24 ----RSD---- C:\Windows\assembly
2010-08-11 16:04:27 ----D---- C:\Windows\SYSWOW64\migration
2010-08-11 16:04:27 ----D---- C:\Windows\system32\migration
2010-08-11 16:04:27 ----D---- C:\Program Files\Internet Explorer
2010-08-11 16:04:27 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-10 20:51:04 ----D---- C:\Program Files (x86)\AIMP2
2010-08-10 09:39:36 ----D---- C:\Windows\Downloaded Program Files
2010-08-09 21:31:08 ----SD---- C:\Users\Laydenka\AppData\Roaming\Microsoft
2010-08-09 11:16:05 ----D---- C:\Windows\SYSWOW64\drivers
2010-08-07 20:47:24 ----RD---- C:\Program Files
2010-08-07 20:46:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-08-07 19:40:35 ----D---- C:\Program Files (x86)\Java
2010-08-07 19:34:48 ----D---- C:\NVIDIA
2010-08-07 19:30:04 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-08-07 14:54:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-08-05 23:06:35 ----RSD---- C:\Windows\Fonts
2010-08-05 23:05:52 ----D---- C:\Program Files (x86)\Microsoft Works
2010-08-05 22:21:21 ----SD---- C:\ProgramData\Microsoft
2010-08-05 22:01:47 ----A---- C:\Windows\win.ini
2010-08-04 16:07:13 ----D---- C:\Windows\Speech
2010-08-04 15:30:28 ----D---- C:\Windows\system32\Tasks
2010-08-03 23:04:43 ----D---- C:\Windows\Cursors
2010-08-02 16:13:17 ----D---- C:\games
2010-08-02 15:51:38 ----D---- C:\mp3
2010-07-25 23:23:46 ----D---- C:\Windows\Tasks
2010-07-23 18:00:30 ----D---- C:\ProgramData\Adobe
2010-07-23 18:00:06 ----D---- C:\Users\Laydenka\AppData\Roaming\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 82919902;82919902 Boot Guard Driver; C:\Windows\system32\DRIVERS\82919902.sys [2009-10-22 40464]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-08-04 241696]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-19 834544]
R1 82919901;82919901; C:\Windows\system32\DRIVERS\82919901.sys [2009-09-25 157712]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-02 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 setup_9.0.0.722_15.09.2010_16-24drv;setup_9.0.0.722_15.09.2010_16-24drv; C:\Windows\system32\DRIVERS\8291990.sys [2009-10-09 352784]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 81072]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-11-16 47632]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-29 2307584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-28 2445672]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 24064]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 109056]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-10-26 1202688]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 ani2cm4d;ani2cm4d; C:\Windows\system32\drivers\ani2cm4d.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-04-28 61288]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2008-05-02 8704]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2008-05-02 8704]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-06 364064]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-06-26 66872]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-25 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 fsssvc;Služba Windows Live Zabezpecení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-06-19 395048]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-19 1255736]

-----------------EOF-----------------

Re: please check this - the whole thing keeps freezing

Posted: 15 Sep 2010 17:30
by motji
You have AVPTool running, did it find anything?
As a test, try uninstalling Daemon; it sometimes makes a mess on a PC.

Re: please check this - the whole thing keeps freezing

Posted: 15 Sep 2010 21:26
by Laydee
So I did what you said, plus I googled like my life depended on it and found out that my laptop is actually junk :/ It has some ailments, and supposedly the DVD burner is to blame for the freezing etc. It needs new FW that fixes it, but I can't find it for the life of me (Matshita UJ-850S).
I think I'm going to go crazy :arcisit:

PS: AVPTool found something, but nothing terrible :)

Re: please check this - the whole thing keeps freezing

Posted: 15 Sep 2010 21:35
by motji
Could you please give me a link to the page where they wrote that? :)

Re: please check this - the whole thing keeps freezing

Posted: 15 Sep 2010 21:49
by Laydee
In Czech, here: http://forum.zive.cz/viewtopic.php?f=90 ... start=2595
The post by "artim808". Somewhere further on they write that it also works for the DVD drive I have. Only nowhere do they say how to do it, where to download the FW, etc. Awful, awful.

Otherwise the internet is full of it, but there is no download link anywhere. And when there is one, it's full of viruses :-X

I've had enough for today. So I'll save my nerves for tomorrow :-) good night :wub:

Re: please check this - the whole thing keeps freezing

Posted: 15 Sep 2010 21:53
by motji
I'll ask my colleagues :)

Re: please check this - the whole thing keeps freezing

Posted: 15 Sep 2010 22:55
by MiliNess
Good evening. User Artim808's finding, however, concerns a notebook with a Toshiba-Samsung TS-L632D drive.
You have a Matsushita DVD-RAM UJ-850S. Supposedly a firmware version RA23 should exist, but I was unable to find it anywhere. So either it is on the notebook manufacturer's website, or there is also the possibility that such firmware never existed. I managed to find only version 1.0.1, and only for the UJ-850 drive.
(I did not verify whether it really is firmware.)
Rather, take a look at the CPU temperature to see whether it is too high. That is the most common cause of these problems in notebooks.
It gets clogged with dirt and starts to overheat.
It would also be good to watch the CPU load by process, e.g. in Process Explorer.

Re: please check this - the whole thing keeps freezing

Posted: 16 Sep 2010 18:56
by Laydee
Lovely evening :),

So, read, googled, and found nothing that would help. They also write there about the graphics card, that it supposedly overheats and causes freezing too. Except that my temperatures are CPU 60, GPU 63, HDD 37, and the fans run at o106. The new FW for the board's BIOS keeps the fan on constantly, no matter what. It shouldn't be clogged. I had it open some time ago :guitar:
I already treated this laptop here with you once, and after the "cure" Windows went down the drain anyway :D I took the Windows installation CD and off I went. At first it kept refusing to install. So I reset the BIOS from within the BIOS and it got going. Except that it froze at the HDD format. After a hard restart it wasn't even possible to get into the BIOS any more (it hung while reading the HDD). With the HDD disconnected I could get into the BIOS, which is why I know it isn't clogged fans etc. :) So I took the whole laptop to a service shop, where the guy got into the "matrix" of the HDD and deleted some codes there. While deleting he said that this happens because I catch some virus that allocates, say, 2 GB of the disk for itself in such a way that neither Windows nor, supposedly, the BIOS notices it. He cleaned out the "matrix", put the drive back into the laptop, and the laptop started up. :worship:
So I'm asking: isn't there some little program that could get into the "matrix" and check there whether everything is in order? I can hear the HDD doing something even now, and it has no reason to be "strumming away" when I'm only writing you an essay here :)

For motji: I've been browsing a lot of probably dangerous sites. Maybe I don't have anything, but you understand this and know how to read it. So could you please check a new log for me once more? Thanks to you and MiliNess for your time :-* :)

Logfile of random's system information tool 1.08 (written by random/random)
Run by Laydenka at 2010-09-16 19:38:12
Microsoft Windows 7 Ultimate
System drive C: has 3 GB (2%) free of 153 GB
Total RAM: 2047 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:38:16 PM, on 9/16/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Users\Laydenka\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Laydenka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Google Update] "C:\Users\Laydenka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe resetprofile
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8478 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe C:\Windows\system32\NVSVC64.DLL,nvsvcInitialize -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000644
\??\C:\Windows\system32\conhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe" /StartService
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe" /StartService
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\RocketDock\RocketDock.exe"
WLIDSvcM.exe 2264
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Laydenka\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3116.7d7bc80.1147695450 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 3116 plugin \\.\pipe\gecko-crash-server-pipe.3116
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Laydenka\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1270311530-2584071053-1987869603-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1270311530-2584071053-1987869603-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 132456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-10-26 1702400]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-28 11101800]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-03-06 82464]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-03-06 15960096]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Laydenka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-19 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"RocketDock"=C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616]
"NVIDIA nTune"=C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe [2008-08-18 145408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktopChanges"=1
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-16 18:47:48 ----A---- C:\Windows\SYSWOW64\pi_data.txt
2010-09-16 18:47:29 ----A---- C:\Windows\SYSWOW64\pi_rec.txt
2010-09-16 17:27:19 ----A---- C:\Windows\system32\msvcr71.dll
2010-09-16 17:27:19 ----A---- C:\Windows\system32\msvcp71.dll
2010-09-16 17:27:18 ----A---- C:\Windows\system32\MFC71.dll
2010-09-16 17:26:55 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-09-16 17:24:52 ----A---- C:\Windows\system32\NVUNINST.EXE
2010-09-16 16:44:20 ----D---- C:\Program Files (x86)\Lavalys
2010-09-15 21:42:54 ----D---- C:\dell
2010-08-25 06:42:34 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-08-25 06:42:34 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-21 12:50:35 ----D---- C:\Users\Laydenka\AppData\Roaming\Avira
2010-08-21 12:46:39 ----A---- C:\Windows\SYSWOW64\drivers\avgntmgr.sys
2010-08-21 12:46:39 ----A---- C:\Windows\SYSWOW64\drivers\avgntdd.sys
2010-08-21 12:46:39 ----A---- C:\Windows\system32\drivers\avipbb.sys
2010-08-21 12:46:39 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2010-08-21 12:46:38 ----D---- C:\ProgramData\Avira
2010-08-21 12:46:38 ----D---- C:\Program Files (x86)\Avira
2010-08-20 23:30:47 ----D---- C:\Users\Laydenka\AppData\Roaming\vlc
2010-08-20 23:30:20 ----D---- C:\Program Files (x86)\VideoLAN
2010-08-20 20:02:19 ----D---- C:\ProgramData\Driver Whiz
2010-08-20 18:35:29 ----A---- C:\Debug.txt
2010-08-20 17:03:54 ----D---- C:\rsit
2010-08-20 16:07:24 ----D---- C:\ProgramData\Kaspersky Lab
2010-08-20 15:23:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-08-20 15:23:09 ----A---- C:\Windows\system32\iertutil.dll
2010-08-20 15:21:06 ----A---- C:\Windows\system32\spoolsv.exe
2010-08-19 16:48:02 ----AD---- C:\Windows\rundll16.exe
2010-08-19 16:48:02 ----AD---- C:\Windows\logo1_.exe
2010-08-19 16:41:38 ----AD---- C:\Windows\VDLL.DLL
2010-08-19 16:41:38 ----AD---- C:\Windows\SYSWOW64\runouce.exe
2010-08-19 16:41:38 ----AD---- C:\Windows\RUNDL132.EXE
2010-08-19 16:41:38 ----AD---- C:\Windows\logo_1.exe
2010-08-19 16:38:59 ----A---- C:\Windows\SYSWOW64\msvcr80.dll
2010-08-19 16:38:58 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2010-08-19 16:38:57 ----A---- C:\Windows\SYSWOW64\eEmpty.exe
2010-08-19 16:38:41 ----D---- C:\ProgramData\MicroWorld
2010-08-18 18:34:28 ----D---- C:\Program Files (x86)\QIP Infium PafoPack 9040
2010-08-17 19:05:10 ----D---- C:\Users\Laydenka\AppData\Roaming\Malwarebytes
2010-08-17 19:04:53 ----D---- C:\ProgramData\Malwarebytes
2010-08-17 19:04:53 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-08-17 13:58:33 ----A---- C:\Windows\system32\nvexpbar.dll
2010-08-17 13:56:09 ----A---- C:\Windows\system32\nvwssr.dll
2010-08-17 13:56:09 ----A---- C:\Windows\system32\nvwss.dll
2010-08-17 13:56:09 ----A---- C:\Windows\system32\nvvitvsr.dll
2010-08-17 13:56:09 ----A---- C:\Windows\system32\nvvitvs.dll
2010-08-17 13:56:08 ----A---- C:\Windows\system32\nvmoblsr.dll
2010-08-17 13:56:08 ----A---- C:\Windows\system32\nvmobls.dll
2010-08-17 13:56:08 ----A---- C:\Windows\system32\nvgamesr.dll
2010-08-17 13:56:07 ----A---- C:\Windows\system32\nvgames.dll
2010-08-17 13:56:07 ----A---- C:\Windows\system32\nvdispsr.dll
2010-08-17 13:56:07 ----A---- C:\Windows\system32\nvdisps.dll
2010-08-17 13:56:06 ----A---- C:\Windows\system32\nvcolor.exe
2010-08-17 13:56:06 ----A---- C:\Windows\system32\nvcod100.dll
2010-08-17 13:55:45 ----A---- C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
2010-08-17 13:54:54 ----D---- C:\nVidia Forceware

======List of files/folders modified in the last 1 months======

2010-09-16 19:38:16 ----D---- C:\Windows\Temp
2010-09-16 19:38:14 ----D---- C:\Program Files\trend micro
2010-09-16 19:29:05 ----D---- C:\Windows\system32\config
2010-09-16 19:15:01 ----D---- C:\Windows
2010-09-16 19:14:39 ----HD---- C:\Config.Msi
2010-09-16 19:13:09 ----D---- C:\Windows\debug
2010-09-16 19:02:48 ----RD---- C:\Program Files (x86)
2010-09-16 19:02:47 ----D---- C:\Windows\SYSWOW64\drivers
2010-09-16 19:00:08 ----SHD---- C:\System Volume Information
2010-09-16 18:59:16 ----D---- C:\Windows\system32\drivers
2010-09-16 18:58:55 ----SHD---- C:\Windows\Installer
2010-09-16 18:58:51 ----HD---- C:\ProgramData
2010-09-16 18:57:30 ----D---- C:\Program Files (x86)\CCleaner
2010-09-16 18:48:21 ----D---- C:\Windows\SysWOW64
2010-09-16 18:01:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-09-16 17:27:19 ----D---- C:\Windows\System32
2010-09-16 17:24:31 ----D---- C:\NVIDIA
2010-09-16 16:22:16 ----D---- C:\Users\Laydenka\AppData\Roaming\AIMP
2010-09-16 15:51:11 ----D---- C:\Program Files (x86)\Steam
2010-09-15 21:51:22 ----D---- C:\Windows\Downloaded Program Files
2010-08-28 05:30:10 ----D---- C:\Windows\system32\NDF
2010-08-28 04:49:25 ----D---- C:\Windows\system32\drivers\etc
2010-08-26 21:45:13 ----D---- C:\Windows\twain_32
2010-08-25 06:46:57 ----D---- C:\Windows\AppPatch
2010-08-22 19:21:23 ----D---- C:\Program Files (x86)\Windows Doctor
2010-08-20 20:52:11 ----D---- C:\Windows\system32\wdi
2010-08-20 20:02:14 ----RSD---- C:\Windows\assembly
2010-08-20 16:15:31 ----D---- C:\Windows\Prefetch
2010-08-20 15:40:37 ----D---- C:\Windows\winsxs
2010-08-20 15:27:32 ----D---- C:\ProgramData\Microsoft Help
2010-08-20 15:24:07 ----A---- C:\Windows\system32\MRT.exe
2010-08-20 15:23:14 ----D---- C:\Windows\system32\catroot
2010-08-20 15:19:53 ----D---- C:\Windows\system32\catroot2
2010-08-19 19:50:12 ----D---- C:\stazeno
2010-08-19 19:49:10 ----D---- C:\share Utorrent
2010-08-19 19:29:52 ----D---- C:\Users\Laydenka\AppData\Roaming\uTorrent
2010-08-19 17:11:54 ----D---- C:\Windows\inf
2010-08-19 17:11:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-19 16:50:04 ----D---- C:\Users\Laydenka\AppData\Roaming\ICQ
2010-08-19 16:38:51 ----D---- C:\Program Files (x86)\Common Files
2010-08-19 06:50:58 ----D---- C:\Program Files (x86)\uTorrent
2010-08-17 18:02:23 ----D---- C:\QIP Infium JadrisPack
2010-08-17 14:18:15 ----D---- C:\ProgramData\NVIDIA
2010-08-17 14:13:08 ----D---- C:\Windows\system32\DriverStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2009-08-04 241696]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-19 834544]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-02 116568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 81072]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-11-16 47632]
R2 NVR0FLASHDev;NVR0FLASHDev; \??\C:\Windows\nvflsh64.sys [2008-08-01 40480]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-29 2307584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-28 2445672]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 24064]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
R3 NVR0Dev;NVR0Dev; \??\C:\Windows\nvoclk64.sys [2008-08-18 40480]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 109056]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-10-26 1202688]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 cpuz132;cpuz132; \??\C:\Users\Laydenka\AppData\Local\Temp\cpuz132\cpuz132_x64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-04-28 61288]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2008-05-02 8704]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2008-05-02 8704]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nTuneService;Performance Service; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [2008-08-18 222208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-06 364064]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-06-26 66872]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 UpdateCenterService;Update Center Service; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [2008-08-01 158208]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-25 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 fsssvc;Služba Windows Live Zabezpecení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2010-06-19 395048]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-19 1255736]

-----------------EOF-----------------

Re: please check - the whole thing freezes

Posted: 16 Sep 2010 20:15
by motji
The log is fine.
By "matrix" do you mean the MBR?
What you describe seems quite unlikely to me :o , that some virus would block even the OS installation like this :o

:arrow: Download Bootkit Remover http://www.esagelab.com/files/bootkit_remover.rar
- save it to the desktop and run it
- right-click in the black window, choose Select All, press CTRL+C and then CTRL+V here on the forum.
Re: please check - the whole thing freezes

Posted: 16 Sep 2010 20:49
by Laydee
It was probably the MBR. He connected the disk there and knew what to look for. I don't even know exactly what he did. I just stared, completely baffled, at what he was doing :D And I dare say I do know something about computers.
And it didn't block only the Windows installation. After the format it locked up the whole laptop, so that it would only power on but go no further. Not even into the BIOS. Simply nothing. Without the disk yes, with the disk no.

And the bootkit program throws an error.

ATA_PASS_TROUGHT_DIRECT is not supported by your disk controller
SCSI_PASS_TROUGHT_DIRECT will be use for disk I/O

I click OK on the warning and it jumps to a window where I'm supposed to press any key, and then it exits :?: What now?

Re: please check - the whole thing freezes

Posted: 16 Sep 2010 21:18
by motji
:o :o Try it in safe mode

Re: please check - the whole thing freezes

Posted: 17 Sep 2010 05:49
by Laydee
nothing either :(

I also forgot to say that the technician, while fixing my HDD, said that the virus allocates, say, 2 GB for itself, and data flows through it (pedophile porn etc. LOL). That it basically turns my machine into something like a server and Windows doesn't know about it.

Re: please check - the whole thing freezes

Posted: 17 Sep 2010 07:54
by MiliNess
That is complete nonsense. A virus doesn't need to carve gigabytes off the disk. At most it needs to hide its code, and there are more than enough free unused sectors on the disk for that. Mostly, though, other hiding techniques are used.
But it is hard to completely hide something that needs to use operating system functions, so there is always a way to detect such a thing. Besides, malware authors rarely come up with some groundbreaking novelty. Mostly the same, slightly modified techniques are used over and over.
For something to work without Windows knowing, it would have to be a full-fledged operating system, and in that case Windows would not be running :)
So if you have something there, trust that Motji will find it.
Another thing is that so far I don't know of a rootkit (if anyone knows otherwise, please correct me) that could install itself without user interaction (on Vista or W7 with UAC running).
To modify the system, these programs need full administrator rights, so the dropper that releases the rootkit into the system must have your permission to run with full rights. With a bit of caution you can therefore prevent it.
From what you say, I would guess that you had damaged boot code in the MBR, possibly the partition table too. Malware can of course cause that, but given the problems with formatting the disk it could also be trouble with the disk.
To be safe, download CrystalDiskInfo and have a look at what condition your disk is in
http://www.slunecnice.cz/sw/crystaldiskinfo/
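
The UAC condition mentioned in the post above can be checked against the RSIT log posted earlier in this thread, whose `Policies\System` section records the UAC settings. The following Python is an added example, not part of the original posts or of RSIT; the function names and finding labels are hypothetical, and the sample input is an excerpt of that log section.

```python
import re

# Excerpt of the Policies sections from the RSIT log posted in this thread.
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
'''

# Registry key (lower-cased) under which Windows stores the UAC policy values.
UAC_KEY = r"hkey_local_machine\software\microsoft\windows\currentversion\policies\system"

SECTION_RE = re.compile(r"^\[(?P<key>[^\]]+)\]\s*$")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=(?P<data>.*)$')


def parse_rsit_sections(text):
    """Return {registry key (lower case): {value name (lower case): data}}."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        match = SECTION_RE.match(line)
        if match:
            current = sections.setdefault(match.group("key").lower(), {})
            continue
        if line.startswith("======"):
            # "======File associations======" style headers end the registry part.
            current = None
            continue
        match = VALUE_RE.match(line)
        if match and current is not None:
            current[match.group("name").lower()] = match.group("data").strip()
    return sections


def _as_int(values, name):
    """Integer value of a policy entry, or None if absent or not numeric."""
    try:
        return int(values[name])
    except (KeyError, ValueError):
        return None


def uac_findings(sections):
    """List the UAC weaknesses visible in the parsed log (empty list = none)."""
    values = sections.get(UAC_KEY)
    if values is None:
        return ["policy-section-missing"]
    findings = []
    enable_lua = _as_int(values, "enablelua")
    if enable_lua == 0:
        findings.append("uac-disabled")              # no elevation prompts at all
    elif enable_lua is None:
        findings.append("enablelua-unreadable")
    if _as_int(values, "consentpromptbehavioradmin") == 0:
        findings.append("admin-elevates-silently")   # administrators are never asked
    if _as_int(values, "promptonsecuredesktop") == 0:
        findings.append("prompt-not-on-secure-desktop")
    return findings


if __name__ == "__main__":
    for finding in uac_findings(parse_rsit_sections(SAMPLE_LOG)):
        print(finding)
```

On the excerpt above all three findings are reported, so on this machine the requirement that the user approve an elevation prompt does not apply.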

Re: please check - the whole thing freezes

Posted: 17 Sep 2010 15:15
by Laydee
I probably shouldn't be so naive as to believe everything :) I actually thought my disk was done for, so I took the whole notebook in, planning to buy a new, faster and better disk there. But the technician took it to his lab and there, within 5 minutes, repaired, wiped and cured it, so he gave it back to me supposedly as if nothing had ever been on it.
Couldn't it be caused by the disk, since it's 5400 rpm? 7.2 is 7.2 :)
Speaking of UAC, it's possible that I allowed it in a weak moment, or someone did. Several people use the laptop from time to time :) Now I'm not sure whether I had XP. There's no UAC there.
What am I supposed to look for in that program? There's a lot of data in it that I don't understand :D
I'd rather attach the output :)

----------------------------------------------------------------------------
CrystalDiskInfo 3.6.0 (C) 2008-2010 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition [6.1 Build 7600] (x64)
Date : 2010/09/17 16:14:26

-- Controller Map ----------------------------------------------------------
- Ricoh SD/MMC Host Controller [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ NVIDIA nForce Serial ATA Controller [ATA]
- Hitachi HTS541616J9S SCSI Disk Device
- ATA Channel 0 (0) [ATA]
+ ATA Channel 1 (1) [ATA]
- MATSHITA DVD-RAM UJ-850S ATA Device
- Ricoh Memory Stick Controller [ATA]

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS541616J9SA00 : 160.0 GB [0-2-0, sm]

----------------------------------------------------------------------------
(1) Hitachi HTS541616J9SA00
----------------------------------------------------------------------------
Model : Hitachi HTS541616J9SA00
Firmware : SB4OC70P
Serial Number : SB2441SJC754ZE
Disk Size : 160.0 GB (8.4/137.4/160.0)
Buffer Size : 7516 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 1
Transfer Mode : SATA/150
Power On Hours : 3541 hod.
Power On Count : 876 krát
Temparature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 240 240 _33 000C00000001 Čas na roztočení ploten
04 100 100 __0 000000000379 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _92 _92 __0 000000000DD5 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 00000000036C Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000002E Počet vypnutí disku
C1 _95 _95 __0 00000000D75F Počet cyklů načítání/vymazání
C2 157 157 __0 0034000A0023 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 253 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------

Re: please check - the whole thing freezes

Posted: 17 Sep 2010 23:07
by MiliNess
Wrong again, then. The disk appears to be fine.
I'd also be quite interested in which process loads the CPU the most during the freeze.
You could find out e.g. with ProcessExplorer http://technet.microsoft.com/en-us/sysi ... 96653.aspx