VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

poprosím o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=112254

Stránka 3 z 4

Re: poprosím o kontrolu

Napsal: 08 čer 2011 21:28
od fero71
vkladám log z Combofixu :

ComboFix 11-06-08.01 - Fero . 06. 2011 22:17:50.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4095.1927 [GMT 2:00]
Running from: c:\users\Fero\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\hpe4108.dll
c:\programdata\hpeD632.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-05-08 to 2011-06-08 )))))))))))))))))))))))))))))))
.
.
2011-06-08 20:20 . 2011-06-08 20:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-08 18:34 . 2011-06-08 18:35 -------- d-----w- C:\rsit
2011-06-08 18:34 . 2011-06-08 18:35 -------- d-----w- c:\program files\trend micro
2011-06-08 14:49 . 2011-06-08 14:49 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-06-08 14:48 . 2011-06-08 14:48 -------- d-----w- c:\program files (x86)\Java
2011-06-08 14:43 . 2011-06-08 14:48 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
2011-06-07 21:08 . 2011-06-07 21:08 -------- d-----w- c:\users\Fero\AppData\Roaming\Malwarebytes
2011-06-07 21:08 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-07 21:08 . 2011-06-07 21:08 -------- d-----w- c:\programdata\Malwarebytes
2011-06-07 21:08 . 2011-06-07 21:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-06-07 21:08 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-07 18:02 . 2011-06-07 18:02 -------- d-----w- c:\users\Fero\AppData\Local\Secunia CSI
2011-06-07 17:23 . 2011-06-07 17:23 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-06-07 17:23 . 2011-06-07 17:23 -------- d-----r- c:\program files (x86)\Skype
2011-06-07 16:37 . 2011-06-07 16:40 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-07 16:36 . 2011-06-07 16:36 -------- d-----w- c:\users\Fero\AppData\Local\Secunia PSI
2011-06-07 16:35 . 2011-06-07 18:06 -------- d-----w- c:\program files (x86)\Secunia
2011-06-07 15:16 . 2011-05-24 17:12 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7D92F8EF-92FB-4D23-A1A6-0871846C7D3B}\mpengine.dll
2011-06-06 21:48 . 2011-06-06 21:48 -------- d-----w- c:\program files (x86)\Common Files\McAfee
2011-06-06 21:48 . 2011-06-07 15:14 -------- d-----w- c:\program files (x86)\McAfee
2011-06-06 19:24 . 2011-06-06 20:25 -------- d-----w- c:\program files (x86)\TrojanHunter 4.2
2011-06-06 17:37 . 2011-05-10 12:10 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-06-06 17:36 . 2011-06-06 17:36 -------- d-----w- c:\programdata\AVAST Software
2011-06-06 17:36 . 2011-06-06 17:36 -------- d-----w- c:\program files\AVAST Software
2011-06-05 22:28 . 2011-06-08 16:19 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-06-05 22:28 . 2011-06-07 20:59 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-06-05 20:08 . 2011-06-05 20:11 -------- d-----w- c:\program files (x86)\trend micro
2011-06-05 19:58 . 2011-06-05 19:58 -------- d-----w- c:\programdata\McAfee Security Scan
2011-06-05 19:58 . 2011-06-05 19:58 -------- d-----w- c:\program files (x86)\McAfee Security Scan
2011-06-03 18:25 . 2011-06-03 18:25 -------- d-----w- c:\program files (x86)\PulsPlayer
2011-06-03 17:55 . 2011-06-03 17:55 -------- d-----w- c:\program files (x86)\Nexus Radio
2011-06-03 17:55 . 2011-06-03 17:55 -------- d-----w- c:\windows\SysWow64\Nexus Radio
2011-06-03 17:55 . 2011-06-03 17:55 -------- d-----w- C:\My Plugins
2011-06-03 17:55 . 2011-06-03 17:55 -------- d-----w- C:\My Saved Files
2011-06-03 17:55 . 2011-06-03 17:55 -------- d-----w- C:\My Recorded Files
2011-06-03 16:14 . 2007-04-11 13:35 414632 ------w- c:\windows\difxapi.dll
2011-06-03 16:14 . 2011-06-03 16:15 -------- d-----w- c:\program files (x86)\VIA
2011-06-03 16:13 . 2010-01-11 16:05 1290752 ----a-w- c:\windows\system32\drivers\viahduaa.sys
2011-06-03 16:13 . 2009-12-08 09:17 1012224 ----a-w- c:\windows\system32\VIAPropPageExt.dll
2011-06-03 16:13 . 2009-11-11 09:33 532480 ----a-w- c:\windows\system32\VIASysFx.dll
2011-06-03 16:13 . 2009-06-01 08:10 242176 ----a-w- c:\windows\system32\Dts2APO.dll
2011-06-03 16:13 . 2009-03-04 14:42 84992 ----a-w- c:\windows\system32\Dts2PropPageExt.dll
2011-06-03 16:13 . 2009-01-19 19:32 76288 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll
2011-06-03 16:13 . 2009-01-19 19:32 193024 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll
2011-06-03 16:13 . 2007-12-04 09:28 86016 ----a-w- c:\windows\system32\nQPropPageExt.dll
2011-06-03 16:13 . 2007-12-04 09:28 82432 ----a-w- c:\windows\system32\nQAPO.dll
2011-06-03 15:19 . 2011-06-03 15:19 -------- d-----w- C:\PCShareManagerUpload
2011-06-03 14:47 . 2011-02-23 14:50 18232 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-06-03 14:47 . 2011-02-23 14:50 32136 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-05-25 16:59 . 2011-05-25 17:00 -------- d--h--w- c:\program files (x86)\Temp
2011-05-25 16:59 . 2011-02-25 17:37 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-05-25 16:59 . 2006-02-07 13:44 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2011-05-25 16:59 . 2006-02-07 13:40 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2011-05-25 16:59 . 2006-02-07 13:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2011-05-25 16:59 . 2006-02-07 13:40 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2011-05-25 16:59 . 2006-02-07 13:45 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2011-05-25 16:59 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2011-05-25 16:59 . 2011-05-25 16:59 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2011-05-25 16:59 . 2011-05-25 16:59 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2011-05-25 15:33 . 2011-05-25 15:33 -------- d-----w- c:\users\Fero\AppData\Local\VS Revo Group
2011-05-25 15:32 . 2009-12-30 09:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-05-25 15:32 . 2011-05-25 15:32 -------- d-----w- c:\program files\VS Revo Group
2011-05-24 19:31 . 2003-06-12 21:25 7062 ----a-w- c:\windows\SysWow64\audiopid.vxd
2011-05-24 18:19 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-22 10:21 . 2011-05-22 10:21 -------- d-----w- c:\programdata\ATI
2011-05-22 10:21 . 2011-05-22 10:21 -------- d-----w- c:\program files (x86)\AMD APP
2011-05-22 10:21 . 2011-05-22 10:21 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-05-22 10:20 . 2011-05-22 10:20 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-05-21 21:40 . 2011-06-08 18:19 -------- d-----w- c:\program files (x86)\HTC Home
2011-05-21 20:34 . 2011-05-21 20:34 -------- d-----w- c:\users\Fero\AppData\Local\Stealth_Software
2011-05-21 20:32 . 2011-05-21 20:32 -------- d-----w- c:\users\Fero\AppData\Roaming\Stealth Software
2011-05-21 20:11 . 2011-06-07 16:57 -------- d-----w- c:\users\Fero\AppData\Roaming\vlc
2011-05-20 19:57 . 2011-05-20 19:57 -------- d-----w- c:\users\Fero\AppData\Roaming\Gmail Notifier Plus
2011-05-16 19:28 . 2011-06-07 17:24 -------- d-----w- c:\programdata\Skype Extras
2011-05-12 15:04 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-12 15:04 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-12 14:50 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-12 14:49 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-12 14:49 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-12 14:49 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-12 14:49 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-12 14:49 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-12 14:49 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-12 14:49 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-12 14:49 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-08 14:48 . 2010-12-25 20:53 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-24 17:14 . 2010-12-12 19:17 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-04 23:28 . 2011-05-04 23:28 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-05-04 23:27 . 2011-05-04 23:27 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-05-04 23:27 . 2011-05-04 23:27 12385280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-04-26 05:58 . 2011-04-26 05:58 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-04-20 02:44 . 2011-04-20 02:44 9319936 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-04-20 02:30 . 2011-04-20 02:30 22900736 ----a-w- c:\windows\system32\atio6axx.dll
2011-04-20 02:09 . 2011-04-20 02:09 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-04-20 02:09 . 2011-04-20 02:09 676864 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-04-20 02:07 . 2011-02-19 19:59 795648 ----a-w- c:\windows\system32\aticfx64.dll
2011-04-20 02:07 . 2011-04-20 02:07 17693184 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-04-20 02:05 . 2011-04-20 02:05 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-04-20 02:04 . 2011-04-20 02:04 480256 ----a-w- c:\windows\system32\atieclxx.exe
2011-04-20 02:04 . 2011-04-20 02:04 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-04-20 02:03 . 2011-04-20 02:03 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-04-20 02:02 . 2011-04-20 02:02 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-04-20 02:02 . 2011-04-20 02:02 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-04-20 02:02 . 2011-04-20 02:02 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-04-20 02:02 . 2011-04-20 02:02 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-04-20 02:02 . 2011-04-20 02:02 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-04-20 02:02 . 2011-04-20 02:02 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-04-20 01:59 . 2011-04-20 01:59 4161536 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-04-20 01:49 . 2011-02-19 19:59 4951552 ----a-w- c:\windows\system32\atidxx64.dll
2011-04-20 01:46 . 2011-04-20 01:46 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-04-20 01:46 . 2011-04-20 01:46 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-04-20 01:46 . 2011-04-20 01:46 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-04-20 01:46 . 2011-04-20 01:46 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-04-20 01:45 . 2011-04-20 01:45 7768064 ----a-w- c:\windows\system32\aticaldd64.dll
2011-04-20 01:42 . 2011-04-20 01:42 6389760 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-04-20 01:40 . 2011-04-20 01:40 1222656 ----a-w- c:\windows\system32\atiumd6v.dll
2011-04-20 01:40 . 2011-04-20 01:40 1923584 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-04-20 01:40 . 2011-02-19 19:59 3868672 ----a-w- c:\windows\system32\atiumd6a.dll
2011-04-20 01:38 . 2011-04-20 01:38 4286464 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-04-20 01:31 . 2011-02-19 19:59 5440000 ----a-w- c:\windows\system32\atiumd64.dll
2011-04-20 01:30 . 2011-04-20 01:30 4056576 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-04-20 01:27 . 2011-02-19 19:59 58880 ----a-w- c:\windows\system32\coinst.dll
2011-04-20 01:23 . 2011-04-20 01:23 366080 ----a-w- c:\windows\system32\atiadlxx.dll
2011-04-20 01:23 . 2011-04-20 01:23 262144 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-04-20 01:22 . 2011-04-20 01:22 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-04-20 01:22 . 2011-04-20 01:22 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-04-20 01:22 . 2011-04-20 01:22 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-04-20 01:22 . 2011-04-20 01:22 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-04-20 01:22 . 2011-04-20 01:22 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-04-20 01:22 . 2011-04-20 01:22 306176 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-04-20 01:21 . 2011-02-19 19:59 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-04-20 01:21 . 2011-04-20 01:21 31232 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-04-20 01:21 . 2011-02-19 19:59 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-04-20 01:21 . 2011-04-20 01:21 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-04-20 01:20 . 2011-04-20 01:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-04-20 01:13 . 2011-04-20 01:13 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-04-20 01:13 . 2011-04-20 01:13 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-04-20 01:13 . 2011-04-20 01:13 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-04-20 01:13 . 2011-04-20 01:13 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-04-19 20:10 . 2011-04-19 20:10 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-04-19 20:10 . 2011-04-19 20:10 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-19 20:10 . 2011-04-19 20:10 16116224 ----a-w- c:\windows\system32\amdocl64.dll
2011-04-12 20:07 . 2011-04-12 20:07 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-04-12 20:07 . 2011-04-12 20:07 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-04-12 20:07 . 2011-04-12 20:07 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-12 20:04 . 2011-04-12 20:04 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-04-12 20:04 . 2011-04-12 20:04 367616 ----a-w- c:\windows\system32\atmfd.dll
2011-04-12 20:04 . 2011-04-12 20:04 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-04-12 20:04 . 2011-04-12 20:04 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-04-12 20:04 . 2011-04-12 20:04 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-12 20:04 . 2011-04-12 20:04 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-04-12 20:04 . 2011-04-12 20:04 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-12 20:04 . 2011-04-12 20:04 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-12 20:04 . 2011-04-12 20:04 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-12 20:04 . 2011-04-12 20:04 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-12 20:04 . 2011-04-12 20:04 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-12 20:04 . 2011-04-12 20:04 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-04-12 20:03 . 2011-04-12 20:03 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-04-12 20:03 . 2011-04-12 20:03 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-12 20:03 . 2011-04-12 20:03 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-04-12 20:03 . 2011-04-12 20:03 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-04-12 20:03 . 2011-04-12 20:03 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-12 20:03 . 2011-04-12 20:03 411648 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-12 20:03 . 2011-04-12 20:03 167936 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-12 20:03 . 2011-04-12 20:03 642944 ----a-w- c:\windows\system32\winload.efi
2011-04-12 20:03 . 2011-04-12 20:03 605552 ----a-w- c:\windows\system32\winload.exe
2011-04-12 20:03 . 2011-04-12 20:03 566208 ----a-w- c:\windows\system32\winresume.efi
2011-04-12 20:03 . 2011-04-12 20:03 518672 ----a-w- c:\windows\system32\winresume.exe
2011-04-12 20:03 . 2011-04-12 20:03 20352 ----a-w- c:\windows\system32\kdusb.dll
2011-04-12 20:03 . 2011-04-12 20:03 19328 ----a-w- c:\windows\system32\kd1394.dll
2011-04-12 20:03 . 2011-04-12 20:03 17792 ----a-w- c:\windows\system32\kdcom.dll
2011-04-12 20:02 . 2011-04-12 20:02 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-04-12 20:02 . 2011-04-12 20:02 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-04-05 19:45 . 2011-04-05 19:45 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-04-05 19:45 . 2011-04-05 19:45 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-05 19:45 . 2011-04-05 19:45 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-05 19:45 . 2011-04-05 19:45 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-04-05 19:45 . 2011-04-05 19:45 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-04-05 19:45 . 2011-04-05 19:45 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-04-05 19:45 . 2011-04-05 19:45 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-04-05 19:45 . 2011-04-05 19:45 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-04-05 19:45 . 2011-04-05 19:45 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-04-05 19:45 . 2011-04-05 19:45 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-04-05 19:45 . 2011-04-05 19:45 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-04-05 19:45 . 2011-04-05 19:45 367104 ----a-w- c:\windows\SysWow64\html.iec
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech SetPoint Event Manager (UNICODE)"="c:\program files\Logitech\SetPoint\SetPoint.exe" [2009-07-20 1207312]
"Clock Widget (HTC Home)"="c:\program files (x86)\HTC Home\Clock.exe" [2011-06-02 2032128]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-09-25 106496]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"Live Update 5"=c:\program files (x86)\MSI\Live Update 5\LU5.exe /reminder
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
R0 fdargq;fdargq;c:\windows\system32\drivers\thkpyfhv.sys [x]
R0 qfedlzha;qfedlzha;c:\windows\system32\drivers\xikmuo.sys [x]
R1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
R2 AllShare;SAMSUNG AllShare Service;c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 136176]
R3 ALSysIO;ALSysIO;c:\users\Fero\AppData\Local\Temp\ALSysIO64.sys [x]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [x]
R3 esihdrv;esihdrv;c:\users\Fero\AppData\Local\Temp\esihdrv.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 136176]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.199\McCHSvc.exe [2011-02-23 237008]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 51445112]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
R4 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-04-19 365568]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2011-02-16 101048]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2011-02-17 27296]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 17:21]
.
2011-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 17:21]
.
2011-06-08 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SpybotSD.exe [2011-06-07 13:31]
.
2011-06-08 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SDUpdate.exe [2011-06-07 13:31]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2918656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Fero\AppData\Roaming\Mozilla\Firefox\Profiles\mb1woa1s.default\
FF - prefs.js: browser.search.selectedEngine - Zabezpečené vyhľadávanie
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.type - 4
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:d7,1d,68,21,b9,18,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c9,57,42,6e,c5,80,13,41,a2,b0,d4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c9,57,42,6e,c5,80,13,41,a2,b0,d4,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-06-08 22:22:23
ComboFix-quarantined-files.txt 2011-06-08 20:22
.
Pre-Run: 205 172 125 696 bytes free
Post-Run: 204 793 163 776 bytes free
.
- - End Of File - - FB761DBB5BF5D9D9FFE33C8B24A33042

Re: poprosím o kontrolu

Napsal: 08 čer 2011 21:48
od chodnik74
:arrow: Otevřeme si Poznámkový blok Obrázek
  • (stiskneme klávesovou kombinaci WIN+R a napíšeme ,,notepad,, bez úvozovek a dáme enter)
  • Vložíme do něj následující script:

    Kód: Vybrat vše

    
KillAll::

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\00009\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Driver::
fdargq
qfedlzha

File::
c:\windows\system32\drivers\thkpyfhv.sys
c:\windows\system32\drivers\xikmuo.sys

Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"=-
"StartCCC"=-
"Live Update 5"=-
"Adobe Reader Speed Launcher"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"=-

Reboot::
  • Soubor uložíme na Plochu jako CFScript.txt
  • Poté tento soubor uchopíme levým tlačítkem myši a přetáhneme na ikonu Combofixu a upustíme

    Obrázek
  • Poté Combofix provede všechny operace a udělá nový log,který sem vložte

Re: poprosím o kontrolu

Napsal: 08 čer 2011 22:06
od fero71
vkladám další log:

ComboFix 11-06-08.01 - Fero . 06. 2011 22:56:31.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4095.2534 [GMT 2:00]
Running from: c:\users\Fero\Desktop\ComboFix.exe
Command switches used :: c:\users\Fero\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\thkpyfhv.sys"
"c:\windows\system32\drivers\xikmuo.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_fdargq
-------\Service_qfedlzha
.
.
((((((((((((((((((((((((( Files Created from 2011-05-08 to 2011-06-08 )))))))))))))))))))))))))))))))
.
.
2011-06-08 18:34 . 2011-06-08 18:35 -------- d-----w- C:\rsit
2011-06-08 18:34 . 2011-06-08 18:35 -------- d-----w- c:\program files\trend micro
2011-06-08 14:49 . 2011-06-08 14:49 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-06-08 14:48 . 2011-06-08 14:48 -------- d-----w- c:\program files (x86)\Java
2011-06-08 14:43 . 2011-06-08 14:48 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
2011-06-07 21:08 . 2011-06-07 21:08 -------- d-----w- c:\users\Fero\AppData\Roaming\Malwarebytes
2011-06-07 21:08 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-07 21:08 . 2011-06-07 21:08 -------- d-----w- c:\programdata\Malwarebytes
2011-06-07 21:08 . 2011-06-07 21:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-06-07 21:08 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-07 18:02 . 2011-06-07 18:02 -------- d-----w- c:\users\Fero\AppData\Local\Secunia CSI
2011-06-07 17:23 . 2011-06-07 17:23 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-06-07 17:23 . 2011-06-07 17:23 -------- d-----r- c:\program files (x86)\Skype
2011-06-07 16:37 . 2011-06-07 16:40 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-07 16:36 . 2011-06-07 16:36 -------- d-----w- c:\users\Fero\AppData\Local\Secunia PSI
2011-06-07 16:35 . 2011-06-07 18:06 -------- d-----w- c:\program files (x86)\Secunia
2011-06-07 15:16 . 2011-05-24 17:12 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7D92F8EF-92FB-4D23-A1A6-0871846C7D3B}\mpengine.dll
2011-06-06 21:48 . 2011-06-06 21:48 -------- d-----w- c:\program files (x86)\Common Files\McAfee
2011-06-06 21:48 . 2011-06-07 15:14 -------- d-----w- c:\program files (x86)\McAfee
2011-06-06 19:24 . 2011-06-06 20:25 -------- d-----w- c:\program files (x86)\TrojanHunter 4.2
2011-06-06 17:37 . 2011-05-10 12:10 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-06-06 17:36 . 2011-06-06 17:36 -------- d-----w- c:\programdata\AVAST Software
2011-06-06 17:36 . 2011-06-06 17:36 -------- d-----w- c:\program files\AVAST Software
2011-06-05 22:28 . 2011-06-08 16:19 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-06-05 22:28 . 2011-06-07 20:59 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-06-05 20:08 . 2011-06-05 20:11 -------- d-----w- c:\program files (x86)\trend micro
2011-06-05 19:58 . 2011-06-05 19:58 -------- d-----w- c:\programdata\McAfee Security Scan
2011-06-05 19:58 . 2011-06-05 19:58 -------- d-----w- c:\program files (x86)\McAfee Security Scan
2011-06-03 18:25 . 2011-06-03 18:25 -------- d-----w- c:\program files (x86)\PulsPlayer
2011-06-03 17:55 . 2011-06-03 17:55 -------- d-----w- c:\program files (x86)\Nexus Radio
2011-06-03 17:55 . 2011-06-03 17:55 -------- d-----w- c:\windows\SysWow64\Nexus Radio
2011-06-03 17:55 . 2011-06-03 17:55 -------- d-----w- C:\My Plugins
2011-06-03 17:55 . 2011-06-03 17:55 -------- d-----w- C:\My Saved Files
2011-06-03 17:55 . 2011-06-03 17:55 -------- d-----w- C:\My Recorded Files
2011-06-03 16:14 . 2007-04-11 13:35 414632 ------w- c:\windows\difxapi.dll
2011-06-03 16:14 . 2011-06-03 16:15 -------- d-----w- c:\program files (x86)\VIA
2011-06-03 16:13 . 2010-01-11 16:05 1290752 ----a-w- c:\windows\system32\drivers\viahduaa.sys
2011-06-03 16:13 . 2009-12-08 09:17 1012224 ----a-w- c:\windows\system32\VIAPropPageExt.dll
2011-06-03 16:13 . 2009-11-11 09:33 532480 ----a-w- c:\windows\system32\VIASysFx.dll
2011-06-03 16:13 . 2009-06-01 08:10 242176 ----a-w- c:\windows\system32\Dts2APO.dll
2011-06-03 16:13 . 2009-03-04 14:42 84992 ----a-w- c:\windows\system32\Dts2PropPageExt.dll
2011-06-03 16:13 . 2009-01-19 19:32 76288 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll
2011-06-03 16:13 . 2009-01-19 19:32 193024 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll
2011-06-03 16:13 . 2007-12-04 09:28 86016 ----a-w- c:\windows\system32\nQPropPageExt.dll
2011-06-03 16:13 . 2007-12-04 09:28 82432 ----a-w- c:\windows\system32\nQAPO.dll
2011-06-03 15:19 . 2011-06-03 15:19 -------- d-----w- C:\PCShareManagerUpload
2011-06-03 14:47 . 2011-02-23 14:50 18232 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-06-03 14:47 . 2011-02-23 14:50 32136 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-05-25 16:59 . 2011-05-25 17:00 -------- d--h--w- c:\program files (x86)\Temp
2011-05-25 16:59 . 2011-02-25 17:37 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-05-25 16:59 . 2006-02-07 13:44 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2011-05-25 16:59 . 2006-02-07 13:40 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2011-05-25 16:59 . 2006-02-07 13:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2011-05-25 16:59 . 2006-02-07 13:40 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2011-05-25 16:59 . 2006-02-07 13:45 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2011-05-25 16:59 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2011-05-25 16:59 . 2011-05-25 16:59 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2011-05-25 16:59 . 2011-05-25 16:59 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2011-05-25 15:33 . 2011-05-25 15:33 -------- d-----w- c:\users\Fero\AppData\Local\VS Revo Group
2011-05-25 15:32 . 2009-12-30 09:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-05-25 15:32 . 2011-05-25 15:32 -------- d-----w- c:\program files\VS Revo Group
2011-05-24 19:31 . 2003-06-12 21:25 7062 ----a-w- c:\windows\SysWow64\audiopid.vxd
2011-05-24 18:19 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-22 10:21 . 2011-05-22 10:21 -------- d-----w- c:\programdata\ATI
2011-05-22 10:21 . 2011-05-22 10:21 -------- d-----w- c:\program files (x86)\AMD APP
2011-05-22 10:21 . 2011-05-22 10:21 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-05-22 10:20 . 2011-05-22 10:20 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-05-21 21:40 . 2011-06-08 21:01 -------- d-----w- c:\program files (x86)\HTC Home
2011-05-21 20:34 . 2011-05-21 20:34 -------- d-----w- c:\users\Fero\AppData\Local\Stealth_Software
2011-05-21 20:32 . 2011-05-21 20:32 -------- d-----w- c:\users\Fero\AppData\Roaming\Stealth Software
2011-05-21 20:11 . 2011-06-07 16:57 -------- d-----w- c:\users\Fero\AppData\Roaming\vlc
2011-05-20 19:57 . 2011-05-20 19:57 -------- d-----w- c:\users\Fero\AppData\Roaming\Gmail Notifier Plus
2011-05-16 19:28 . 2011-06-07 17:24 -------- d-----w- c:\programdata\Skype Extras
2011-05-12 15:04 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-12 15:04 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-12 14:50 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-12 14:49 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-12 14:49 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-12 14:49 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-12 14:49 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-12 14:49 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-12 14:49 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-12 14:49 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-12 14:49 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-08 14:48 . 2010-12-25 20:53 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-24 17:14 . 2010-12-12 19:17 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-05-04 23:28 . 2011-05-04 23:28 59904 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-05-04 23:27 . 2011-05-04 23:27 51712 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-05-04 23:27 . 2011-05-04 23:27 12385280 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-04-26 05:58 . 2011-04-26 05:58 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2011-04-20 02:44 . 2011-04-20 02:44 9319936 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-04-20 02:30 . 2011-04-20 02:30 22900736 ----a-w- c:\windows\system32\atio6axx.dll
2011-04-20 02:09 . 2011-04-20 02:09 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-04-20 02:09 . 2011-04-20 02:09 676864 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-04-20 02:07 . 2011-02-19 19:59 795648 ----a-w- c:\windows\system32\aticfx64.dll
2011-04-20 02:07 . 2011-04-20 02:07 17693184 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-04-20 02:05 . 2011-04-20 02:05 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-04-20 02:04 . 2011-04-20 02:04 480256 ----a-w- c:\windows\system32\atieclxx.exe
2011-04-20 02:04 . 2011-04-20 02:04 203776 ----a-w- c:\windows\system32\atiesrxx.exe
2011-04-20 02:03 . 2011-04-20 02:03 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-04-20 02:02 . 2011-04-20 02:02 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-04-20 02:02 . 2011-04-20 02:02 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-04-20 02:02 . 2011-04-20 02:02 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-04-20 02:02 . 2011-04-20 02:02 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-04-20 02:02 . 2011-04-20 02:02 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-04-20 02:02 . 2011-04-20 02:02 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-04-20 01:59 . 2011-04-20 01:59 4161536 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-04-20 01:49 . 2011-02-19 19:59 4951552 ----a-w- c:\windows\system32\atidxx64.dll
2011-04-20 01:46 . 2011-04-20 01:46 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-04-20 01:46 . 2011-04-20 01:46 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-04-20 01:46 . 2011-04-20 01:46 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-04-20 01:46 . 2011-04-20 01:46 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-04-20 01:45 . 2011-04-20 01:45 7768064 ----a-w- c:\windows\system32\aticaldd64.dll
2011-04-20 01:42 . 2011-04-20 01:42 6389760 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-04-20 01:40 . 2011-04-20 01:40 1222656 ----a-w- c:\windows\system32\atiumd6v.dll
2011-04-20 01:40 . 2011-04-20 01:40 1923584 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-04-20 01:40 . 2011-02-19 19:59 3868672 ----a-w- c:\windows\system32\atiumd6a.dll
2011-04-20 01:38 . 2011-04-20 01:38 4286464 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-04-20 01:31 . 2011-02-19 19:59 5440000 ----a-w- c:\windows\system32\atiumd64.dll
2011-04-20 01:30 . 2011-04-20 01:30 4056576 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-04-20 01:27 . 2011-02-19 19:59 58880 ----a-w- c:\windows\system32\coinst.dll
2011-04-20 01:23 . 2011-04-20 01:23 366080 ----a-w- c:\windows\system32\atiadlxx.dll
2011-04-20 01:23 . 2011-04-20 01:23 262144 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-04-20 01:22 . 2011-04-20 01:22 14848 ----a-w- c:\windows\system32\atig6pxx.dll
2011-04-20 01:22 . 2011-04-20 01:22 12800 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-04-20 01:22 . 2011-04-20 01:22 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-04-20 01:22 . 2011-04-20 01:22 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-04-20 01:22 . 2011-04-20 01:22 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-04-20 01:22 . 2011-04-20 01:22 306176 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-04-20 01:21 . 2011-02-19 19:59 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-04-20 01:21 . 2011-04-20 01:21 31232 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-04-20 01:21 . 2011-02-19 19:59 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-04-20 01:21 . 2011-04-20 01:21 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-04-20 01:20 . 2011-04-20 01:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-04-20 01:13 . 2011-04-20 01:13 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-04-20 01:13 . 2011-04-20 01:13 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-04-20 01:13 . 2011-04-20 01:13 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-04-20 01:13 . 2011-04-20 01:13 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-04-19 20:10 . 2011-04-19 20:10 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2011-04-19 20:10 . 2011-04-19 20:10 53760 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-19 20:10 . 2011-04-19 20:10 16116224 ----a-w- c:\windows\system32\amdocl64.dll
2011-04-12 20:07 . 2011-04-12 20:07 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-04-12 20:07 . 2011-04-12 20:07 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-04-12 20:07 . 2011-04-12 20:07 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-12 20:04 . 2011-04-12 20:04 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-04-12 20:04 . 2011-04-12 20:04 367616 ----a-w- c:\windows\system32\atmfd.dll
2011-04-12 20:04 . 2011-04-12 20:04 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-04-12 20:04 . 2011-04-12 20:04 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-04-12 20:04 . 2011-04-12 20:04 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-12 20:04 . 2011-04-12 20:04 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-04-12 20:04 . 2011-04-12 20:04 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-12 20:04 . 2011-04-12 20:04 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-12 20:04 . 2011-04-12 20:04 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-12 20:04 . 2011-04-12 20:04 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-12 20:04 . 2011-04-12 20:04 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-12 20:04 . 2011-04-12 20:04 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-04-12 20:03 . 2011-04-12 20:03 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-04-12 20:03 . 2011-04-12 20:03 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-12 20:03 . 2011-04-12 20:03 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-04-12 20:03 . 2011-04-12 20:03 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-04-12 20:03 . 2011-04-12 20:03 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-12 20:03 . 2011-04-12 20:03 411648 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-12 20:03 . 2011-04-12 20:03 167936 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-12 20:03 . 2011-04-12 20:03 642944 ----a-w- c:\windows\system32\winload.efi
2011-04-12 20:03 . 2011-04-12 20:03 605552 ----a-w- c:\windows\system32\winload.exe
2011-04-12 20:03 . 2011-04-12 20:03 566208 ----a-w- c:\windows\system32\winresume.efi
2011-04-12 20:03 . 2011-04-12 20:03 518672 ----a-w- c:\windows\system32\winresume.exe
2011-04-12 20:03 . 2011-04-12 20:03 20352 ----a-w- c:\windows\system32\kdusb.dll
2011-04-12 20:03 . 2011-04-12 20:03 19328 ----a-w- c:\windows\system32\kd1394.dll
2011-04-12 20:03 . 2011-04-12 20:03 17792 ----a-w- c:\windows\system32\kdcom.dll
2011-04-12 20:02 . 2011-04-12 20:02 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-04-12 20:02 . 2011-04-12 20:02 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-04-05 19:45 . 2011-04-05 19:45 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-04-05 19:45 . 2011-04-05 19:45 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-05 19:45 . 2011-04-05 19:45 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-05 19:45 . 2011-04-05 19:45 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-04-05 19:45 . 2011-04-05 19:45 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-04-05 19:45 . 2011-04-05 19:45 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-04-05 19:45 . 2011-04-05 19:45 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-04-05 19:45 . 2011-04-05 19:45 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-04-05 19:45 . 2011-04-05 19:45 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-04-05 19:45 . 2011-04-05 19:45 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-04-05 19:45 . 2011-04-05 19:45 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-04-05 19:45 . 2011-04-05 19:45 367104 ----a-w- c:\windows\SysWow64\html.iec
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-08_20.20.56 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-05-31 20:20 . 2011-06-08 18:19 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2011-05-31 20:20 . 2011-06-08 21:00 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:54 . 2011-06-08 18:19 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-06-08 21:00 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-06-08 21:00 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-08 18:19 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-08 21:00 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-08 18:19 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-12 19:01 . 2011-06-08 20:26 57780 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-06-08 18:21 47646 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-06-08 20:26 47646 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2010-12-12 18:44 . 2011-06-08 18:21 12426 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2246895130-20985891-140968521-1001_UserData.bin
+ 2010-12-12 18:44 . 2011-06-08 20:26 12426 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2246895130-20985891-140968521-1001_UserData.bin
- 2011-06-08 18:19 . 2011-06-08 18:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-06-08 21:00 . 2011-06-08 21:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-06-08 18:18 382576 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-06-08 20:59 382576 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-02-19 16:26 . 2011-06-08 20:23 3751964 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2246895130-20985891-140968521-1001-12288.dat
- 2011-02-19 16:26 . 2011-06-08 18:18 3751964 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2246895130-20985891-140968521-1001-12288.dat
+ 2011-01-16 15:41 . 2011-06-08 20:59 14392717 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2246895130-20985891-140968521-1001-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech SetPoint Event Manager (UNICODE)"="c:\program files\Logitech\SetPoint\SetPoint.exe" [2009-07-20 1207312]
"Clock Widget (HTC Home)"="c:\program files (x86)\HTC Home\Clock.exe" [2011-06-02 2032128]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-09-25 106496]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 136176]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R3 ALSysIO;ALSysIO;c:\users\Fero\AppData\Local\Temp\ALSysIO64.sys [x]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [x]
R3 esihdrv;esihdrv;c:\users\Fero\AppData\Local\Temp\esihdrv.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 136176]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.199\McCHSvc.exe [2011-02-23 237008]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 51445112]
R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [x]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [x]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [x]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [x]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [x]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [x]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
R4 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S2 AllShare;SAMSUNG AllShare Service;c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-04-19 365568]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2011-02-16 101048]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2011-02-17 27296]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 17:21]
.
2011-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 17:21]
.
2011-06-08 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SpybotSD.exe [2011-06-07 13:31]
.
2011-06-08 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SDUpdate.exe [2011-06-07 13:31]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF29500.cfxxe" [X]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2918656]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Fero\AppData\Roaming\Mozilla\Firefox\Profiles\mb1woa1s.default\
FF - prefs.js: browser.search.selectedEngine - Zabezpečené vyhľadávanie
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.type - 4
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
c:\program files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
c:\program files\Logitech\SetPoint\x86\SetPoint32.exe
.
**************************************************************************
.
Completion time: 2011-06-08 23:03:11 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-08 21:03
ComboFix2.txt 2011-06-08 20:22
.
Pre-Run: 204 747 710 464 bytes free
Post-Run: 204 222 656 512 bytes free
.
- - End Of File - - 540EF71C3274416B0BEB6AC83168E259

Re: poprosím o kontrolu

Napsal: 08 čer 2011 22:15
od chodnik74
:arrow: Odinstalovat Spybot - Search & Destroy a nahradit SUPERAntispyware(viz můj podpis)
:arrow: Vypněte Ochranu v reálném čase od Malwarebytes :)

:arrow: Stiskněte klávesovou kombinaci WIN+R( nebo start-spustit ),čímž se vám otevře okno pro zadání příkazu pro spuštění a zkopírujte a vložte sem následujíci text: Combofix /Unintall a dejte enter



:arrow: Obrázek TFC
  • Stáhneme a spustíme program
  • Klikneme na Start a potvrdíme OK
  • Program začne uklízet,poté restartuje pc
  • po použití program smažte

:arrow: ObrázekCcleaner
  • Vyčistěte pc dle návodu
  • Program používat 1x za 14 dní
:arrow: Poprosím nový RSIT
Až mi ho sem vložíte,tak uklidíme po utilitách...

:arrow: Obrázek OTC
  • Spustíme,zmáčkneme CleanUp a potvrdíme YES :) Program uklidí a následně restartuje
Jak se PC chová?

Re: poprosím o kontrolu

Napsal: 08 čer 2011 22:25
od fero71
ok,

superu tam práve instalujem,PC rozhodne reaguje lepšie a rýchlejšie,akorát sem tam pracuje HD,ako keby niečo stále stahoval,tak nejak.

Re: poprosím o kontrolu

Napsal: 09 čer 2011 05:09
od chodnik74
Uvidíme :) tak tedy čekám na provedení všech kroků :)

Re: poprosím o kontrolu

Napsal: 09 čer 2011 17:10
od fero71
zdravím,
vkladám RSIT: všetky úkony vykonané podla návodu,

Logfile of random's system information tool 1.08 (written by random/random)
Run by Fero at 2011-06-09 18:05:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 194 GB (78%) free of 250 GB
Total RAM: 4095 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:05:25, on 9. 6. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Fero.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKCU\..\Run: [Logitech SetPoint Event Manager (UNICODE)] C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - HKCU\..\Run: [Clock Widget (HTC Home)] "C:\Program Files (x86)\HTC Home\Clock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} (PCPitstop AntiVirus) - http://utilities.pcpitstop.com/Extermin ... iVirus.dll
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package 1) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.199\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9322 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe"
\??\C:\Windows\system32\conhost.exe
taskeng.exe {9D491BC0-0EED-4592-9336-E07F0F7B2F77}
"C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe" -b
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll" saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll" saHooker_Initialize_and_Wait
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Logitech\SetPoint\SetPoint.exe"
"C:\Program Files (x86)\HTC Home\Clock.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe"
KHALMNPR.EXE /API
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2808.c9bfba0.2112281714 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" "Mozilla.Firefox.4.0.1" -omnijar C:\Program Files (x86)\Mozilla Firefox\omni.jar 2808 \\.\pipe\gecko-crash-server-pipe.2808 plugin
C:\Windows\system32\AUDIODG.EXE 0x2ec
"C:\Users\Fero\Downloads\RSITx64(1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2011-04-08 309096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-01-16 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\progra~2\mcafee\sitead~1\mcieplg.dll [2011-04-08 251928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-06-08 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2011-04-08 309096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\progra~2\mcafee\sitead~1\mcieplg.dll [2011-04-08 251928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2918656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech SetPoint Event Manager (UNICODE)"=C:\Program Files\Logitech\SetPoint\SetPoint.exe [2009-07-20 1207312]
"Clock Widget (HTC Home)"=C:\Program Files (x86)\HTC Home\Clock.exe [2011-06-02 2032128]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-09-25 106496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 76816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-05 249344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-06-08 23:56:59 ----SHD---- C:\$RECYCLE.BIN
2011-06-08 23:55:32 ----D---- C:\Windows\temp
2011-06-08 23:55:31 ----A---- C:\ComboFix.txt
2011-06-08 23:11:27 ----D---- C:\Users\Fero\AppData\Roaming\SUPERAntiSpyware.com
2011-06-08 23:11:27 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2011-06-08 23:11:20 ----D---- C:\ProgramData\!SASCORE
2011-06-08 23:11:19 ----D---- C:\Program Files\SUPERAntiSpyware
2011-06-08 22:07:51 ----A---- C:\Windows\zip.exe
2011-06-08 22:07:51 ----A---- C:\Windows\SWSC.exe
2011-06-08 22:07:51 ----A---- C:\Windows\SWREG.exe
2011-06-08 22:07:51 ----A---- C:\Windows\sed.exe
2011-06-08 22:07:51 ----A---- C:\Windows\PEV.exe
2011-06-08 22:07:51 ----A---- C:\Windows\NIRCMD.exe
2011-06-08 22:07:51 ----A---- C:\Windows\MBR.exe
2011-06-08 22:07:51 ----A---- C:\Windows\grep.exe
2011-06-08 22:07:47 ----D---- C:\Windows\ERDNT
2011-06-08 22:07:45 ----D---- C:\Qoobox
2011-06-08 20:34:55 ----D---- C:\rsit
2011-06-08 20:34:55 ----D---- C:\Program Files\trend micro
2011-06-08 19:55:54 ----A---- C:\Windows\vmxl.txt
2011-06-08 19:34:49 ----A---- C:\Windows\SYSWOW64\xgsfthlu.txt
2011-06-08 16:49:03 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-06-08 16:49:03 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-06-08 16:49:03 ----A---- C:\Windows\SYSWOW64\java.exe
2011-06-08 16:48:46 ----D---- C:\Program Files (x86)\Java
2011-06-07 23:08:16 ----D---- C:\Users\Fero\AppData\Roaming\Malwarebytes
2011-06-07 23:08:11 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-06-07 23:08:10 ----D---- C:\ProgramData\Malwarebytes
2011-06-07 23:08:07 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-07 23:08:07 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-06-07 19:23:04 ----RD---- C:\Program Files (x86)\Skype
2011-06-07 18:35:59 ----D---- C:\Program Files (x86)\Secunia
2011-06-06 23:48:03 ----D---- C:\Program Files (x86)\McAfee
2011-06-06 21:24:19 ----D---- C:\Program Files (x86)\TrojanHunter 4.2
2011-06-06 19:37:41 ----A---- C:\Windows\system32\aswBoot.exe
2011-06-06 19:36:57 ----D---- C:\ProgramData\AVAST Software
2011-06-06 19:36:57 ----D---- C:\Program Files\AVAST Software
2011-06-06 00:28:40 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-06-05 22:08:58 ----D---- C:\Program Files (x86)\trend micro
2011-06-05 21:58:53 ----D---- C:\ProgramData\McAfee Security Scan
2011-06-05 21:58:42 ----D---- C:\Program Files (x86)\McAfee Security Scan
2011-06-03 20:25:16 ----D---- C:\Program Files (x86)\PulsPlayer
2011-06-03 19:55:23 ----D---- C:\Windows\SYSWOW64\Nexus Radio
2011-06-03 19:55:23 ----D---- C:\Program Files (x86)\Nexus Radio
2011-06-03 19:55:23 ----D---- C:\My Saved Files
2011-06-03 19:55:23 ----D---- C:\My Recorded Files
2011-06-03 19:55:23 ----D---- C:\My Plugins
2011-06-03 18:14:31 ----N---- C:\Windows\difxapi.dll
2011-06-03 18:14:30 ----D---- C:\Program Files (x86)\VIA
2011-06-03 18:13:59 ----A---- C:\Windows\system32\VIASysFx.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\VIAPropPageExt.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\ViaMicArrayPropPageExt.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\ViaMicArrayAPO.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\nQPropPageExt.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\nQAPO.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\Dts2APO.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2011-06-03 17:19:16 ----D---- C:\PCShareManagerUpload
2011-06-03 16:47:30 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2011-06-03 16:47:30 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2011-05-25 18:59:21 ----HD---- C:\Program Files (x86)\Temp
2011-05-25 18:59:21 ----A---- C:\Windows\RtlExUpd.dll
2011-05-25 17:32:58 ----A---- C:\Windows\system32\drivers\revoflt.sys
2011-05-25 17:32:55 ----D---- C:\Program Files\VS Revo Group
2011-05-24 20:19:38 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-22 12:21:16 ----D---- C:\ProgramData\ATI
2011-05-22 12:21:13 ----D---- C:\Program Files (x86)\AMD APP
2011-05-22 12:20:44 ----D---- C:\Program Files (x86)\ATI Technologies
2011-05-21 23:40:21 ----D---- C:\Program Files (x86)\HTC Home
2011-05-21 22:32:29 ----D---- C:\Users\Fero\AppData\Roaming\Stealth Software
2011-05-21 22:11:43 ----D---- C:\Users\Fero\AppData\Roaming\vlc
2011-05-20 21:57:48 ----D---- C:\Users\Fero\AppData\Roaming\Gmail Notifier Plus
2011-05-16 21:28:23 ----D---- C:\ProgramData\Skype Extras
2011-05-12 17:04:24 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-05-12 17:04:24 ----A---- C:\Windows\system32\poqexec.exe
2011-05-12 16:50:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-12 16:49:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-05-12 16:49:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-05-12 16:49:53 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-12 16:49:53 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-12 16:49:53 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-12 16:49:53 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-12 16:49:53 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-12 16:49:53 ----A---- C:\Windows\system32\drivers\usbccgp.sys

======List of files/folders modified in the last 1 months======

2011-06-09 18:05:15 ----D---- C:\Windows
2011-06-09 17:28:00 ----D---- C:\Users\Fero\AppData\Roaming\Skype
2011-06-09 17:27:44 ----D---- C:\Windows\SYSWOW64\LogFiles
2011-06-09 17:27:44 ----D---- C:\Windows\system32\LogFiles
2011-06-09 17:27:44 ----D---- C:\Windows\Prefetch
2011-06-09 17:27:44 ----D---- C:\Windows\Logs
2011-06-09 17:21:32 ----D---- C:\Windows\system32\config
2011-06-09 16:45:20 ----D---- C:\Windows\System32
2011-06-09 16:45:20 ----D---- C:\Windows\inf
2011-06-09 16:45:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-08 23:54:06 ----A---- C:\Windows\system.ini
2011-06-08 23:52:44 ----D---- C:\Windows\SYSWOW64\drivers
2011-06-08 23:52:44 ----D---- C:\Windows\SysWOW64
2011-06-08 23:52:44 ----D---- C:\Windows\system32\drivers
2011-06-08 23:52:44 ----D---- C:\Windows\AppPatch
2011-06-08 23:52:43 ----D---- C:\Program Files\Common Files
2011-06-08 23:52:43 ----D---- C:\Program Files (x86)\Common Files
2011-06-08 23:41:58 ----D---- C:\Windows\Tasks
2011-06-08 23:41:58 ----D---- C:\Windows\system32\Tasks
2011-06-08 23:29:37 ----RD---- C:\Program Files (x86)
2011-06-08 23:27:34 ----SHD---- C:\System Volume Information
2011-06-08 23:11:27 ----D---- C:\ProgramData
2011-06-08 23:11:19 ----RD---- C:\Program Files
2011-06-08 23:00:55 ----D---- C:\Windows\system32\drivers\etc
2011-06-08 22:13:41 ----D---- C:\Windows\system32\NDF
2011-06-08 20:08:01 ----D---- C:\Windows\system32\catroot2
2011-06-08 17:32:51 ----SHD---- C:\Windows\Installer
2011-06-08 16:48:49 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2011-06-07 19:23:04 ----D---- C:\ProgramData\Skype
2011-06-07 19:11:32 ----D---- C:\Program Files\CCleaner
2011-06-07 18:30:11 ----D---- C:\Users\Fero\AppData\Roaming\skypePM
2011-06-07 18:28:49 ----D---- C:\Users\Fero\AppData\Roaming\QuickScan
2011-06-06 23:48:04 ----D---- C:\ProgramData\McAfee
2011-06-06 21:57:57 ----D---- C:\ProgramData\TuneUp Software
2011-06-06 21:24:41 ----R---- C:\Windows\streamhlp.dll
2011-06-06 19:38:11 ----D---- C:\Windows\system32\DriverStore
2011-06-06 19:38:11 ----D---- C:\Windows\system32\catroot
2011-06-06 19:37:32 ----D---- C:\Windows\winsxs
2011-06-06 01:02:24 ----D---- C:\Windows\pss
2011-06-05 22:24:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-06-03 19:41:52 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-06-03 19:21:10 ----SD---- C:\Users\Fero\AppData\Roaming\Microsoft
2011-06-03 18:15:40 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-06-03 18:14:07 ----A---- C:\Windows\Language_trs.ini
2011-06-03 17:19:17 ----D---- C:\Program Files (x86)\Google
2011-06-03 16:47:31 ----D---- C:\Users\Fero\AppData\Roaming\IObit
2011-06-03 16:47:27 ----D---- C:\Program Files (x86)\IObit
2011-05-27 17:08:32 ----D---- C:\Windows\debug
2011-05-25 18:59:27 ----D---- C:\Program Files (x86)\Realtek
2011-05-25 17:57:01 ----D---- C:\Users\Fero\AppData\Roaming\uTorrent
2011-05-24 23:12:02 ----D---- C:\ProgramData\TOSHIBA
2011-05-24 23:04:21 ----D---- C:\Windows\ModemLogs
2011-05-24 21:36:25 ----D---- C:\Program Files (x86)\Creative
2011-05-24 21:35:08 ----D---- C:\ProgramData\Creative
2011-05-24 21:32:00 ----D---- C:\Windows\Downloaded Program Files
2011-05-24 20:16:52 ----D---- C:\Users\Fero\AppData\Roaming\Toshiba
2011-05-24 19:14:10 ----N---- C:\Windows\system32\MpSigStub.exe
2011-05-22 15:11:41 ----D---- C:\Program Files (x86)\uTorrent
2011-05-22 12:20:51 ----D---- C:\Program Files\ATI Technologies
2011-05-22 12:20:15 ----RSD---- C:\Windows\assembly
2011-05-22 11:56:09 ----D---- C:\ProgramData\IObit
2011-05-22 11:13:06 ----D---- C:\Program Files (x86)\Mozilla Sunbird
2011-05-22 01:13:11 ----D---- C:\Program Files\Windows Media Player
2011-05-22 01:13:11 ----D---- C:\Program Files\Common Files\System
2011-05-22 01:13:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-05-22 01:13:11 ----D---- C:\Program Files (x86)\Windows Media Player
2011-05-22 01:13:11 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-05-22 01:13:11 ----D---- C:\Program Files (x86)\Electronic Arts
2011-05-22 01:13:11 ----D---- C:\PerfLogs
2011-05-21 22:11:20 ----D---- C:\Program Files (x86)\VideoLAN
2011-05-12 16:47:53 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv91xx;mv91xx; C:\Windows\system32\DRIVERS\mv91xx.sys [2009-10-09 291368]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 18232]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-13 503352]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
R2 cpuz133;cpuz133; \??\C:\Windows\system32\drivers\cpuz133_x64.sys [2010-05-11 20968]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 125296]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2011-02-17 27296]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 9319936]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-20 306176]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2009-06-17 74256]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2009-06-17 13328]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2009-06-17 40976]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-05-29 25912]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-09-25 73728]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-09-25 178688]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-12-25 34032]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-04-09 12342656]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-01-11 1290752]
S1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\Fero\AppData\Local\Temp\ALSysIO64.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-08 124944]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 esihdrv;esihdrv; \??\C:\Users\Fero\AppData\Local\Temp\esihdrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-12-25 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-12-25 27176]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-07-30 19456]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-07-30 26624]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2010-07-26 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-07-26 171008]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-08-28 211560]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
S3 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-08-05 58744]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-07-30 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-07-30 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-05-04 128384]
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
R2 AllShare;SAMSUNG AllShare Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-20 203776]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-04-19 365568]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2011-02-16 101048]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 136176]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 42360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 160784]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.199\McCHSvc.exe [2011-02-23 237008]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 51445112]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-12 1255736]
S4 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S4 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]

-----------------EOF-----------------

Re: poprosím o kontrolu

Napsal: 09 čer 2011 19:08
od chodnik74
:arrow: Odinstalovat Advanced SystemCare,McAfee Security Scan + pokud je tam ještě nějaký toolbar :)


:arrow: Otevřeme si Služby Obrázek
  • Stiskněte klávesovou kombinaci WIN+R( nebo start-spustit ),čímž se vám otevře okno pro zadání příkazu pro spuštění. Zkopírujte a vložte sem následujíci text: services.msc a dejte enter
  • Otevře se vám okno se službami vašeho pc,najděte následující služby,dvojklikem rozklikněte,klikneme na Zastavit a dále nastavte Typ spuštění:Zakázano

    Kód: Vybrat vše

    Služba Google Update (gupdate)
Služba Google Update (gupdatem)

Poté nový RSIT + jak se PC chová :???:

Re: poprosím o kontrolu

Napsal: 09 čer 2011 20:14
od fero71
Pridávam RSIT :

Logfile of random's system information tool 1.08 (written by random/random)
Run by Fero at 2011-06-09 21:10:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 192 GB (77%) free of 250 GB
Total RAM: 4095 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:11:14, on 9. 6. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Fero.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKCU\..\Run: [Logitech SetPoint Event Manager (UNICODE)] C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - HKCU\..\Run: [Clock Widget (HTC Home)] "C:\Program Files (x86)\HTC Home\Clock.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} (PCPitstop AntiVirus) - http://utilities.pcpitstop.com/Extermin ... iVirus.dll
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package 1) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8191 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe"
\??\C:\Windows\system32\conhost.exe
taskeng.exe {554D2E7F-8232-459E-8F7C-EEAEB58C4165}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
"C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe" -b
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Logitech\SetPoint\SetPoint.exe"
"C:\Program Files (x86)\HTC Home\Clock.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe"
"C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
KHALMNPR.EXE /API
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=304.15b2a980.1392935598 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" "Mozilla.Firefox.4.0.1" -omnijar C:\Program Files (x86)\Mozilla Firefox\omni.jar 304 \\.\pipe\gecko-crash-server-pipe.304 plugin
C:\Windows\system32\AUDIODG.EXE 0x5c0
"C:\Users\Fero\Downloads\RSITx64(1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-01-16 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-06-08 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2918656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech SetPoint Event Manager (UNICODE)"=C:\Program Files\Logitech\SetPoint\SetPoint.exe [2009-07-20 1207312]
"Clock Widget (HTC Home)"=C:\Program Files (x86)\HTC Home\Clock.exe [2011-06-02 2032128]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-09-25 106496]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 76816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-05 249344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-01-21 6723984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-06-09 21:10:56 ----D---- C:\rsit
2011-06-09 20:50:33 ----SHD---- C:\Config.Msi
2011-06-09 20:34:23 ----D---- C:\ProgramData\ESET
2011-06-09 20:34:23 ----D---- C:\Program Files\ESET
2011-06-08 23:56:59 ----SHD---- C:\$RECYCLE.BIN
2011-06-08 23:55:32 ----D---- C:\Windows\temp
2011-06-08 23:11:27 ----D---- C:\Users\Fero\AppData\Roaming\SUPERAntiSpyware.com
2011-06-08 23:11:27 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2011-06-08 23:11:20 ----D---- C:\ProgramData\!SASCORE
2011-06-08 23:11:19 ----D---- C:\Program Files\SUPERAntiSpyware
2011-06-08 22:07:47 ----D---- C:\Windows\ERDNT
2011-06-08 22:07:45 ----D---- C:\Qoobox
2011-06-08 20:34:55 ----D---- C:\Program Files\trend micro
2011-06-08 19:55:54 ----A---- C:\Windows\vmxl.txt
2011-06-08 19:34:49 ----A---- C:\Windows\SYSWOW64\xgsfthlu.txt
2011-06-08 16:49:03 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-06-08 16:49:03 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-06-08 16:49:03 ----A---- C:\Windows\SYSWOW64\java.exe
2011-06-08 16:48:46 ----D---- C:\Program Files (x86)\Java
2011-06-07 23:08:16 ----D---- C:\Users\Fero\AppData\Roaming\Malwarebytes
2011-06-07 23:08:11 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-06-07 23:08:10 ----D---- C:\ProgramData\Malwarebytes
2011-06-07 23:08:07 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-07 23:08:07 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-06-07 19:23:04 ----RD---- C:\Program Files (x86)\Skype
2011-06-07 18:35:59 ----D---- C:\Program Files (x86)\Secunia
2011-06-06 21:24:19 ----D---- C:\Program Files (x86)\TrojanHunter 4.2
2011-06-06 19:37:41 ----A---- C:\Windows\system32\aswBoot.exe
2011-06-06 19:36:57 ----D---- C:\ProgramData\AVAST Software
2011-06-06 19:36:57 ----D---- C:\Program Files\AVAST Software
2011-06-06 00:28:40 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-06-05 22:08:58 ----D---- C:\Program Files (x86)\trend micro
2011-06-03 20:25:16 ----D---- C:\Program Files (x86)\PulsPlayer
2011-06-03 19:55:23 ----D---- C:\Windows\SYSWOW64\Nexus Radio
2011-06-03 19:55:23 ----D---- C:\Program Files (x86)\Nexus Radio
2011-06-03 19:55:23 ----D---- C:\My Saved Files
2011-06-03 19:55:23 ----D---- C:\My Recorded Files
2011-06-03 19:55:23 ----D---- C:\My Plugins
2011-06-03 18:14:31 ----N---- C:\Windows\difxapi.dll
2011-06-03 18:14:30 ----D---- C:\Program Files (x86)\VIA
2011-06-03 18:13:59 ----A---- C:\Windows\system32\VIASysFx.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\VIAPropPageExt.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\ViaMicArrayPropPageExt.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\ViaMicArrayAPO.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\nQPropPageExt.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\nQAPO.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\Dts2APO.dll
2011-06-03 18:13:59 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2011-06-03 17:19:16 ----D---- C:\PCShareManagerUpload
2011-06-03 16:47:30 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2011-06-03 16:47:30 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2011-05-25 18:59:21 ----HD---- C:\Program Files (x86)\Temp
2011-05-25 18:59:21 ----A---- C:\Windows\RtlExUpd.dll
2011-05-25 17:32:58 ----A---- C:\Windows\system32\drivers\revoflt.sys
2011-05-25 17:32:55 ----D---- C:\Program Files\VS Revo Group
2011-05-24 20:19:38 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-22 12:21:16 ----D---- C:\ProgramData\ATI
2011-05-22 12:21:13 ----D---- C:\Program Files (x86)\AMD APP
2011-05-22 12:20:44 ----D---- C:\Program Files (x86)\ATI Technologies
2011-05-21 23:40:21 ----D---- C:\Program Files (x86)\HTC Home
2011-05-21 22:32:29 ----D---- C:\Users\Fero\AppData\Roaming\Stealth Software
2011-05-21 22:11:43 ----D---- C:\Users\Fero\AppData\Roaming\vlc
2011-05-20 21:57:48 ----D---- C:\Users\Fero\AppData\Roaming\Gmail Notifier Plus
2011-05-16 21:28:23 ----D---- C:\ProgramData\Skype Extras
2011-05-12 17:04:24 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-05-12 17:04:24 ----A---- C:\Windows\system32\poqexec.exe
2011-05-12 16:50:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-12 16:49:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-05-12 16:49:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-05-12 16:49:53 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-12 16:49:53 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-12 16:49:53 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-12 16:49:53 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-12 16:49:53 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-12 16:49:53 ----A---- C:\Windows\system32\drivers\usbccgp.sys

======List of files/folders modified in the last 1 months======

2011-06-09 21:11:10 ----D---- C:\Windows\Prefetch
2011-06-09 21:07:37 ----D---- C:\Windows\system32\config
2011-06-09 20:56:38 ----D---- C:\Windows\system32\NDF
2011-06-09 20:54:50 ----RD---- C:\Program Files (x86)
2011-06-09 20:54:50 ----D---- C:\ProgramData\McAfee
2011-06-09 20:54:50 ----D---- C:\Program Files (x86)\Common Files
2011-06-09 20:54:33 ----D---- C:\Program Files (x86)\IObit
2011-06-09 20:50:37 ----SHD---- C:\Windows\Installer
2011-06-09 20:50:18 ----SHD---- C:\System Volume Information
2011-06-09 20:47:00 ----D---- C:\ProgramData
2011-06-09 20:34:41 ----D---- C:\Windows\system32\DriverStore
2011-06-09 20:34:41 ----D---- C:\Windows\system32\drivers
2011-06-09 20:34:41 ----D---- C:\Windows\system32\catroot
2011-06-09 20:34:41 ----D---- C:\Windows\inf
2011-06-09 20:34:23 ----RD---- C:\Program Files
2011-06-09 20:31:21 ----D---- C:\Windows\SysWOW64
2011-06-09 18:14:01 ----D---- C:\Windows
2011-06-09 17:28:00 ----D---- C:\Users\Fero\AppData\Roaming\Skype
2011-06-09 17:27:44 ----D---- C:\Windows\SYSWOW64\LogFiles
2011-06-09 17:27:44 ----D---- C:\Windows\system32\LogFiles
2011-06-09 17:27:44 ----D---- C:\Windows\Logs
2011-06-09 16:45:20 ----D---- C:\Windows\System32
2011-06-09 16:45:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-08 23:54:06 ----A---- C:\Windows\system.ini
2011-06-08 23:52:44 ----D---- C:\Windows\SYSWOW64\drivers
2011-06-08 23:52:44 ----D---- C:\Windows\AppPatch
2011-06-08 23:52:43 ----D---- C:\Program Files\Common Files
2011-06-08 23:41:58 ----D---- C:\Windows\Tasks
2011-06-08 23:41:58 ----D---- C:\Windows\system32\Tasks
2011-06-08 23:00:55 ----D---- C:\Windows\system32\drivers\etc
2011-06-08 20:08:01 ----D---- C:\Windows\system32\catroot2
2011-06-08 16:48:49 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2011-06-07 19:23:04 ----D---- C:\ProgramData\Skype
2011-06-07 19:11:32 ----D---- C:\Program Files\CCleaner
2011-06-07 18:30:11 ----D---- C:\Users\Fero\AppData\Roaming\skypePM
2011-06-07 18:28:49 ----D---- C:\Users\Fero\AppData\Roaming\QuickScan
2011-06-06 21:57:57 ----D---- C:\ProgramData\TuneUp Software
2011-06-06 21:24:41 ----R---- C:\Windows\streamhlp.dll
2011-06-06 19:37:32 ----D---- C:\Windows\winsxs
2011-06-06 01:02:24 ----D---- C:\Windows\pss
2011-06-05 22:24:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-06-03 19:41:52 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-06-03 19:21:10 ----SD---- C:\Users\Fero\AppData\Roaming\Microsoft
2011-06-03 18:15:40 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-06-03 18:14:07 ----A---- C:\Windows\Language_trs.ini
2011-06-03 17:19:17 ----D---- C:\Program Files (x86)\Google
2011-06-03 16:47:31 ----D---- C:\Users\Fero\AppData\Roaming\IObit
2011-05-27 17:08:32 ----D---- C:\Windows\debug
2011-05-25 18:59:27 ----D---- C:\Program Files (x86)\Realtek
2011-05-25 17:57:01 ----D---- C:\Users\Fero\AppData\Roaming\uTorrent
2011-05-24 23:12:02 ----D---- C:\ProgramData\TOSHIBA
2011-05-24 23:04:21 ----D---- C:\Windows\ModemLogs
2011-05-24 21:36:25 ----D---- C:\Program Files (x86)\Creative
2011-05-24 21:35:08 ----D---- C:\ProgramData\Creative
2011-05-24 21:32:00 ----D---- C:\Windows\Downloaded Program Files
2011-05-24 20:16:52 ----D---- C:\Users\Fero\AppData\Roaming\Toshiba
2011-05-24 19:14:10 ----N---- C:\Windows\system32\MpSigStub.exe
2011-05-22 15:11:41 ----D---- C:\Program Files (x86)\uTorrent
2011-05-22 12:20:51 ----D---- C:\Program Files\ATI Technologies
2011-05-22 12:20:15 ----RSD---- C:\Windows\assembly
2011-05-22 11:56:09 ----D---- C:\ProgramData\IObit
2011-05-22 11:13:06 ----D---- C:\Program Files (x86)\Mozilla Sunbird
2011-05-22 01:13:11 ----D---- C:\Program Files\Windows Media Player
2011-05-22 01:13:11 ----D---- C:\Program Files\Common Files\System
2011-05-22 01:13:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-05-22 01:13:11 ----D---- C:\Program Files (x86)\Windows Media Player
2011-05-22 01:13:11 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-05-22 01:13:11 ----D---- C:\Program Files (x86)\Electronic Arts
2011-05-22 01:13:11 ----D---- C:\PerfLogs
2011-05-21 22:11:20 ----D---- C:\Program Files (x86)\VideoLAN
2011-05-12 16:47:53 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv91xx;mv91xx; C:\Windows\system32\DRIVERS\mv91xx.sys [2009-10-09 291368]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 18232]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-13 503352]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2009-08-04 13440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 141264]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
R2 cpuz133;cpuz133; \??\C:\Windows\system32\drivers\cpuz133_x64.sys [2010-05-11 20968]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 170640]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 125296]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2011-02-17 27296]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 9319936]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-20 306176]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2009-06-17 74256]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2009-06-17 13328]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2009-06-17 40976]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-05-29 25912]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-09-25 73728]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-09-25 178688]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-21 452200]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-12-25 34032]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-04-09 12342656]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-01-11 1290752]
S1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys []
S3 ALSysIO;ALSysIO; \??\C:\Users\Fero\AppData\Local\Temp\ALSysIO64.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-08 124944]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
S3 esihdrv;esihdrv; \??\C:\Users\Fero\AppData\Local\Temp\esihdrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-12-25 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-12-25 27176]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [2010-05-10 33592]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-07-30 19456]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-07-30 26624]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2010-07-26 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-07-26 171008]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 146472]
S3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-08-28 211560]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
S3 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-08-05 58744]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-07-30 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-07-30 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-05-04 128384]
R2 AllShare;SAMSUNG AllShare Service; C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-20 203776]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-04-19 365568]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-01-12 810144]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 42360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 160784]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 51445112]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-12 1255736]
S4 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 136176]
S4 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]

-----------------EOF-----------------

Re: poprosím o kontrolu

Napsal: 09 čer 2011 20:20
od fero71
+ pridávam info log :

info.txt logfile of random's system information tool 1.08 2011-06-09 21:11:15

======Uninstall list======

Codecs Video Pack-->MsiExec.exe /I{EB26AB83-D2E8-45E4-B510-CD670C506C74}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player 10 ActiveX 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_10_2_161_ActiveX.exe -maintain activex
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10s_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10s_Plugin.exe -maintain plugin
Adobe Reader 9.4.4 - Slovak-->MsiExec.exe /I{AC76BA86-7AD7-1051-7B44-A94000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
AIDA64 Extreme Edition v1.60-->"C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\unins000.exe"
Aktualizácia balíka Microsoft Outlook Social Connector (KB2441641)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-041B-1000-0000000FF1CE}" "{B6414F29-31D6-4915-8FDA-66B69841AC13}" "1051" "0"
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Drag and Drop Transcoding-->MsiExec.exe /X{5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}
AMD OverDrive-->MsiExec.exe /X{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}
Ashampoo Burning Studio 10.0.7-->"C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 10\unins000.exe"
ASUS Wireless Router WL-520GU Utilities-->C:\Program Files (x86)\InstallShield Installation Information\{B835DEF8-26A7-4E9B-B9F8-8D56F385DEAA}\setup.exe -runfromtemp -l0x0005 -removeonly
ATI AVIVO64 Codecs-->MsiExec.exe /X{DADBFD45-EEDA-E6A4-469C-2F772132E251}
ATI Catalyst Install Manager-->msiexec /q/x{4044201A-8576-2999-1166-96C5593F3CFF} REBOOT=ReallySuppress
Catalyst Control Center - Branding-->MsiExec.exe /I{19A492A0-888F-44A0-9B21-D91700763F62}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
CPUID HWMonitor 1.16-->"C:\Program Files\CPUID\HWMonitor\unins000.exe"
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{D3F93D50-A2B8-4386-AA58-0D84E3F4AF06}" "1033" "0"
EPU-4 Engine-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}\Setup.exe" -l0x9
erLT-->MsiExec.exe /I{A498D9EB-927B-459B-85D6-DD6EF8C2C564}
FIFA 11-->MsiExec.exe /X{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}
FormatFactory 2.60-->C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe
Full Video Converter Free 9-->"C:\Program Files (x86)\Full Video Converter Free 9\unins000.exe"
Game Booster-->"C:\Program Files (x86)\IObit\Game Booster\unins000.exe"
Google Earth Plug-in-->MsiExec.exe /X{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HTC Home Apis-->C:\Program Files (x86)\HTC Home\uninstall.exe
IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216026FF}
KhalInstallWrapper-->MsiExec.exe /I{F3F18612-7B5D-4C05-86C9-AB50F6F71727}
Liveupdate5-->"C:\Program Files (x86)\MSI\Live Update 5\unins000.exe"
Logitech SetPoint-->"C:\Program Files (x86)\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l1033 -removeonly
Malwarebytes' Anti-Malware verzia 1.51.0.1200-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office Access MUI (English) 2010-->MsiExec.exe /X{90140000-0015-0409-1000-0000000FF1CE}
Microsoft Office Access MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0015-041B-1000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0117-0409-1000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-1000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0016-041B-1000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2010-->MsiExec.exe /X{90140000-00BA-0409-1000-0000000FF1CE}
Microsoft Office Groove MUI (Slovak) 2010-->MsiExec.exe /X{90140000-00BA-041B-1000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2010-->MsiExec.exe /X{90140000-0044-0409-1000-0000000FF1CE}
Microsoft Office InfoPath MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0044-041B-1000-0000000FF1CE}
Microsoft Office Language Pack 2010 - Slovak/Slovenčina-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall OMUI.SK-SK /dll OSETUP.DLL
Microsoft Office O MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0100-041B-1000-0000000FF1CE}
Microsoft Office Office 32-bit Components 2010-->MsiExec.exe /X{90140000-0043-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Slovak) 2010-->MsiExec.exe /X{90140000-00A1-041B-1000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2010-->MsiExec.exe /X{90140000-001A-041B-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0018-041B-1000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-1000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-1000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-1000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-1000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2010-->MsiExec.exe /X{90140000-001F-040E-1000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-1000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-1000-0000000FF1CE}
Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-1000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2010-->MsiExec.exe /X{90140000-002C-041B-1000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-1000-0000000FF1CE}
Microsoft Office Publisher MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0019-041B-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (English) 2010-->MsiExec.exe /X{90140000-0043-0409-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0043-041B-1000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2010-->MsiExec.exe /X{90140000-006E-041B-1000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-1000-0000000FF1CE}
Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-1000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2010-->MsiExec.exe /X{90140000-001B-041B-1000-0000000FF1CE}
Microsoft Office X MUI (Slovak) 2010-->MsiExec.exe /X{90140000-0101-041B-1000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable - KB2467175-->MsiExec.exe /X{a0fe116e-9a8a-466f-aee0-625cb7c207e3}
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175-->MsiExec.exe /X{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Mozilla Firefox 4.0.1 (x86 sk)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSI Afterburner 2.0.0-->"C:\Program Files (x86)\MSI Afterburner\uninstall.exe"
MSI Kombustor 1.1.3-->"C:\Program Files (x86)\MSI Kombustor\unins000.exe"
MSVC80_x64_v2-->MsiExec.exe /I{4D668D4F-FAA2-4726-834C-31F4614F312E}
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x64-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NEC Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}\setup.exe" -runfromtemp -l0x041b -removeonly
NEC Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /I{D7BF9739-8A68-4335-BBEE-37752AD9E86B}
Need for Speed(TM) Hot Pursuit-->MsiExec.exe /X{83A606F5-BF6F-42ED-9F33-B9F74297CDED}
Nexus Radio-->MsiExec.exe /X{51084FF4-1900-44D1-AC43-18F5F47AA731}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{4216D328-0FE8-48B8-85B8-BD300E6F080F}
Nokia Ovi Suite Software Updater-->MsiExec.exe /X{3553E875-F00E-4031-BDEC-75FB1DFEB093}
Nokia Ovi Suite-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{3FC42713-B6E7-49AA-A553-A224FE9828A8}\Installer.exe
Nokia Ovi Suite-->MsiExec.exe /X{3FC42713-B6E7-49AA-A553-A224FE9828A8}
Ovi Desktop Sync Engine-->MsiExec.exe /X{28191B83-1D60-44B6-9B08-E854EF6632D5}
OviMPlatform-->MsiExec.exe /I{08600005-5228-4BF6-845E-E9A957AFDCB4}
PC Connectivity Solution-->MsiExec.exe /I{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}
PulsPlayer-->"C:\Program Files (x86)\PulsPlayer\uninstall.EXE"
Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Revo Uninstaller Pro 2.5.3-->"C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"
SAMSUNG PC Share Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}\setup.exe" -runfromtemp -l0x041b -removeonly
SAMSUNG PC Share Manager-->MsiExec.exe /I{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}
Secunia PSI (2.0.0.3003)-->"C:\Program Files (x86)\Secunia\PSI\uninstall.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Skype™ 5.3-->MsiExec.exe /X{5335DADB-34BA-4AE8-A519-648D78498846}
Smart Defrag 2-->"C:\Program Files (x86)\IObit\Smart Defrag 2\unins000.exe"
Sony Ericsson PC Suite 6.011.00-->"C:\Program Files (x86)\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe" -runfromtemp -l0x0009 -removeonly
SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
TomTom HOME 2.8.1.2218-->C:\Program Files (x86)\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-1000-0000000FF1CE}" "{428CB7A0-1068-4CE1-8835-39C7ECD297ED}" "1033" "0"
VIA Platform Device Manager-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VLC media player 1.1.10-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows 7 Upgrade Advisor-->MsiExec.exe /I{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WMV9/VC-1 Video Playback-->MsiExec.exe /X{F757A09E-71FB-B75D-20B1-B3E27CD8DEA1}
YouTube Downloader 2.7.3-->"C:\Program Files (x86)\YouTube Downloader\uninstall.exe"

======System event log======

Computer Name: Fero-PC
Event Code: 7001
Message: Spustenie služby Function Discovery Provider Host, od ktorej závisí služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe:
Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Record Number: 152515
Source Name: Service Control Manager
Time Written: 20110507131151.786816-000
Event Type: Error
User:

Computer Name: Fero-PC
Event Code: 7001
Message: Spustenie služby Function Discovery Provider Host, od ktorej závisí služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe:
Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Record Number: 152499
Source Name: Service Control Manager
Time Written: 20110506203137.682361-000
Event Type: Error
User:

Computer Name: Fero-PC
Event Code: 7001
Message: Spustenie služby Function Discovery Provider Host, od ktorej závisí služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe:
Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Record Number: 152480
Source Name: Service Control Manager
Time Written: 20110506193609.784368-000
Event Type: Error
User:

Computer Name: Fero-PC
Event Code: 7001
Message: Spustenie služby Function Discovery Provider Host, od ktorej závisí služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe:
Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Record Number: 152458
Source Name: Service Control Manager
Time Written: 20110506184750.543561-000
Event Type: Error
User:

Computer Name: Fero-PC
Event Code: 7001
Message: Spustenie služby Function Discovery Provider Host, od ktorej závisí služba HomeGroup Provider, zlyhalo kvôli nasledujúcej chybe:
Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.
Record Number: 151870
Source Name: Service Control Manager
Time Written: 20110506153917.101530-000
Event Type: Error
User:

=====Application event log=====

Computer Name: Fero-PC
Event Code: 11
Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 792) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20). User Action: Contact your application vendor for an updated version of the application.
Record Number: 247
Source Name: Microsoft-Windows-RPC-Events
Time Written: 20101212185058.437674-000
Event Type: Warning
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: Fero-PC
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 202
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20101212184219.062624-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Fero-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-2246895130-20985891-140968521-1001:
Process 412 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2246895130-20985891-140968521-1001

Record Number: 198
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101212184212.432621-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Fero-PC
Event Code: 11
Message: Possible Memory Leak. Application (C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted) (PID: 948) has passed a non-NULL pointer to RPC for an [out] parameter marked [allocate(all_nodes)]. [allocate(all_nodes)] parameters are always reallocated; if the original pointer contained the address of valid memory, that memory will be leaked. The call originated on the interface with UUID ({3F31C91E-2545-4B7B-9311-9529E8BFFEF6}), Method number (20). User Action: Contact your application vendor for an updated version of the application.
Record Number: 123
Source Name: Microsoft-Windows-RPC-Events
Time Written: 20101212183934.142009-000
Event Type: Warning
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: Fero-PC
Event Code: 1008
Message: Služba Windows Search sa spúšťa a pokúša sa odstrániť starý index hľadania. {Dôvod: Full Index Reset}.

Record Number: 119
Source Name: Microsoft-Windows-Search
Time Written: 20101212183924.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101212183232.302156-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247E29-32$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x1c0
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101212183232.302156-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x31b53
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101212183228.168138-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101212183227.044933-000
Event Type: Audit Success
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101212183227.029333-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\PC Connectivity Solution;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 4 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0402
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\

-----------------EOF-----------------



PC značne zrýchlil start a aj vypnutie systému,šlape už výrazne lepšie a živšie,ale v klude pracuje HD,a keby niečo sťahoval,hlavne po restarte,ale teraz to už prestalo.

Re: poprosím o kontrolu

Napsal: 09 čer 2011 20:27
od chodnik74
To že pracuje,když zrovna vy nic neděláte,neznamená,že je něco špatně :) Systém může dělat své věci :) Omezuje to nějak počítač či zatěžuje? :)

Re: poprosím o kontrolu

Napsal: 09 čer 2011 20:31
od fero71
ne,ne teraz to je paráda,uplné ticho,krása

-je možné ešte odinstalovat IE,alebo vypnúť ? Používam sice mozillu,ale chcem vyskušať chrome 12-ku.

Re: poprosím o kontrolu

Napsal: 09 čer 2011 20:46
od chodnik74
IE nechte byt a nevšímejte si ho :) Google chrome mohu jen doporučit :) jiný frkot :D

Re: poprosím o kontrolu

Napsal: 09 čer 2011 20:48
od chodnik74
Ještě mám pro vás dárek na závěr :)


Údržba PC:

1)Čištění dočasných složek + neplatné registry
:arrow: ObrázekCcleaner
  • Stáhneme a nainstalujeme program
  • Spustíme program
  • ČISTIČ
    Windows zde necháme vše jak je (pokud používáme IE,tak odškrkneme jeho položky) a zaškrkneme položky Start Menu zástupci a Zástupci na ploše
    Aplikace - necháme jak je,ale pokud používáme nějaký prohlížeč (Google chrome,Firefox,Opera..) tak odškrkneme jeho položky
    >Stiskeneme tlačítko Analyzovat a poté Spustit Cleaner
  • Registry
    >Stiskneme tlačítko Hledej problémy,program začne hledat neplatné registry..podé zvolíme Opravit vybrané problémy..
    >Program se zeptá,zda chceme vytvořit zálohu registrů,zvolíme ano a uložíme si někde zálohu(kdyby byli po opravení registru s něčím problémy,tak zálohu
    obnovíme tak,že spustíme uloženou zálohu a potvrdíme ano),dále zvolíme Opravit všechny problémy a Zavřít
    >opakujte dokud nebude registr bez problémů
  • Program používáme 1x 14dní (záleží na používání pc,můžeme i jednou týdně)
2)Defragmentace disku
:arrow: ObrázekDefraggler
  • Stáhneme a nainstalujeme program
  • Spustíme program
  • Vybereme disk ( C:,D:..prostě který používáme)
  • Pokud je ve sloupci Fragmentace více než 5% dejte Defragmentovat
  • Proveďte se všemi používanými disky
  • Provádíme 1x za měsíc
3)Aktualizace programů
:arrow: ObrázekFileHippo.com Update Checker
  • Stáhneme a nainstalujeme program(Při instalaci odškrkneme volbu Run at Startup )
  • Spustíme program
  • Program vyhledá nainstalované programy v PC a zjistí dostupné aktualizace
  • Poté se vám otevře internetová stránka,kde budou nabídnuté aplikace k aktualizování
    >X Updates Detected..to jsou dostupné aktualizace..
    > klikneme na zelenou šipečku a stáhneme program,poté nainstalujeme jeho aktuální verzi
    > :!: X Beta Updates Detected..tyto aktualizace nestahujte,jedná se o betaverze,které jsou ve vývoji a jsou nestabilní :)
  • Provádíme 1x za 14 dní nebo jednou za měsíc

Re: poprosím o kontrolu

Napsal: 09 čer 2011 20:59
od fero71
ok,
takže už by tam vlastne nemala byť žiadna háveď ?

Aká je momentálne vhodná kombinácia bezpečnosti a čistenia PC na Win 7 64 bit ?

Teraz tam mám Eset NOD 32 + po novom SuperAntispyware + Malwarebytes

CCleaner a Revo Unistaller pro

Uvažujem nad Avastom Internet security,ked mi skončí perioda.
Aký máte na to názor ?


Grande dík za všetky rady,úžasná pomoc,snad to bude už všetko ok.

S pozdravom
Všechny časy jsou v UTC+01:00
Stránka 3 z 4

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz