Chtěl bych prosím zkontrolovat tento log.
Předem děkuji ...
Logfile of random's system information tool 1.08 (written by random/random)
Run by freeco at 2010-11-23 16:37:22
Microsoft Windows 7 Ultimate
System drive C: has 26 GB (13%) free of 196 GB
Total RAM: 3070 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:37:41, on 23.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\C&E\OSD\osd.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
D:\Programy\Skype\Phone\Skype.exe
D:\Programy\DAEMON Tools Lite\DTLite.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conhost.exe
C:\Program Files\KONICA MINOLTA\magicolor 1690MF\LinkMagic for magicolor 1690MF\lmmc1690.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Users\freeco\AppData\Roaming\QipGuard\QipGuard.exe
C:\Windows\System32\rundll32.exe
D:\Programy\Skype\Plugin Manager\skypePM.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
D:\QIP Infium JadrisPack\qip.exe
C:\Program Files\RelevantKnowledge\rlvknlg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\freeco\Desktop\RSIT (1).exe
C:\Program Files\trend micro\freeco.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\freeco\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\freeco\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [OSD] C:\Program Files\C&E\OSD\osd.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\freeco\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "D:\Programy\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\Windows\TEMP\E_SF768.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [LinkMagic for magicolor 1690MF] C:\Program Files\KONICA MINOLTA\magicolor 1690MF\LinkMagic for magicolor 1690MF\lmmc1690.exe -startup
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\freeco\AppData\Roaming\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [krjqypze] rundll32 "C:\Users\freeco\AppData\Roaming\MUNZ__0GQ.dll",Ajodatkur
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011 (mitsijm2011) - Unknown owner - D:\Programy\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: OsdService - Unknown owner - C:\Program Files\C&E\OSD\OsdService\OsdService.exe
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files\RelevantKnowledge\rlservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 11210 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-554790468-410668204-1508303307-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-554790468-410668204-1508303307-1000UA.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2010-10-20 2922848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\freeco\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-11-01 149968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-09-01 13797992]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"OSD"=C:\Program Files\C&E\OSD\osd.exe [2007-09-20 561152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-09-03 9726568]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]
"Adobe Reader Speed Launcher"=D:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-02-22 500208]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2010-09-15 2745696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\freeco\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-02-20 1173504]
"Skype"=D:\Programy\Skype\Phone\Skype.exe [2010-09-02 13351304]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
""= []
"EPSON Stylus DX9400F Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE [2007-03-23 182272]
"LinkMagic for magicolor 1690MF"=C:\Program Files\KONICA MINOLTA\magicolor 1690MF\LinkMagic for magicolor 1690MF\lmmc1690.exe [2008-08-26 5005312]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
"QIP Internet Guardian"=C:\Users\freeco\AppData\Roaming\QipGuard\QipGuard.exe [2010-11-01 190928]
"krjqypze"=rundll32 C:\Users\freeco\AppData\Roaming\MUNZ__0GQ.dll,Ajodatkur []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-11-23 16:37:22 ----D---- C:\rsit
2010-11-23 16:37:22 ----D---- C:\Program Files\trend micro
2010-11-23 13:20:04 ----D---- C:\Program Files\RelevantKnowledge
2010-11-23 13:20:01 ----D---- C:\Users\freeco\AppData\Roaming\MP3 Cut
2010-11-22 08:15:35 ----HD---- C:\$AVG
2010-11-21 22:57:12 ----D---- C:\Users\freeco\AppData\Roaming\AVG10
2010-11-21 22:56:43 ----HD---- C:\ProgramData\Common Files
2010-11-21 22:56:11 ----D---- C:\Windows\system32\drivers\AVG
2010-11-21 22:56:11 ----D---- C:\ProgramData\AVG10
2010-11-21 22:55:47 ----D---- C:\Program Files\AVG
2010-11-21 22:53:35 ----D---- C:\ProgramData\MFAData
2010-11-21 21:29:17 ----D---- C:\ProgramData\Sun
2010-11-21 21:29:14 ----D---- C:\Program Files\Common Files\Java
2010-11-21 21:28:40 ----A---- C:\Windows\system32\javaws.exe
2010-11-21 21:28:40 ----A---- C:\Windows\system32\javaw.exe
2010-11-21 21:28:40 ----A---- C:\Windows\system32\java.exe
2010-11-21 21:28:40 ----A---- C:\Windows\system32\deployJava1.dll
2010-11-21 21:28:27 ----D---- C:\Program Files\Java
2010-11-19 08:24:00 ----A---- C:\Windows\system32\sbunattend.exe
2010-11-17 11:04:50 ----D---- C:\Users\freeco\AppData\Roaming\BitTorrent
2010-11-17 09:51:38 ----RASH---- C:\Users\freeco\AppData\Roaming\MUNZ__0GQ.dll
2010-11-17 09:28:53 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2010-11-17 09:27:33 ----D---- C:\Program Files\Adobe Media Player
2010-11-17 09:26:56 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-11-17 09:26:56 ----D---- C:\Program Files\Adobe
2010-11-15 15:34:49 ----D---- C:\Users\freeco\AppData\Roaming\KONICA MINOLTA
2010-11-12 17:50:35 ----D---- C:\Users\freeco\AppData\Roaming\QipGuard
2010-11-11 14:19:17 ----D---- C:\Program Files\Microsoft Chart Controls
2010-11-11 14:19:08 ----D---- C:\Program Files\Microsoft WSE
2010-11-11 14:16:31 ----D---- C:\Program Files\Autodesk
2010-11-11 12:06:30 ----D---- C:\ProgramData\FLEXnet
2010-11-11 12:00:47 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-11-11 11:53:35 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-11-11 11:49:53 ----D---- C:\Users\freeco\AppData\Roaming\Autodesk
2010-11-11 11:49:53 ----D---- C:\ProgramData\Autodesk
2010-11-11 11:24:19 ----D---- C:\Program Files\Common Files\Akamai
2010-11-09 13:23:16 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2010-11-09 13:23:11 ----D---- C:\Program Files\PC Connectivity Solution
2010-11-09 13:21:19 ----D---- C:\ProgramData\Installations
2010-11-07 22:12:56 ----D---- C:\ProgramData\Macrovision
2010-11-07 22:12:31 ----N---- C:\Windows\system32\msvcr70.dll
2010-11-07 22:12:30 ----N---- C:\Windows\system32\mfc70enu.dll
2010-11-07 22:12:30 ----N---- C:\Windows\system32\mfc70.dll
2010-11-07 22:12:30 ----D---- C:\Program Files\Common Files\Macromedia Shared
2010-11-07 22:12:26 ----D---- C:\Program Files\Common Files\Macromedia
2010-11-01 16:01:03 ----D---- C:\Program Files\NVIDIA Corporation
2010-11-01 16:00:22 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-11-01 16:00:14 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-11-01 16:00:14 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-11-01 16:00:14 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-11-01 16:00:14 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-11-01 16:00:13 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-11-01 16:00:13 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-11-01 16:00:13 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-11-01 16:00:13 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-11-01 16:00:12 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-11-01 16:00:12 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-11-01 16:00:12 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-11-01 16:00:11 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-11-01 16:00:07 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-11-01 16:00:02 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-11-01 16:00:02 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-11-01 16:00:02 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-11-01 16:00:01 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-11-01 16:00:00 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-11-01 16:00:00 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-11-01 16:00:00 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-11-01 15:59:58 ----A---- C:\Windows\system32\xinput1_3.dll
2010-11-01 15:59:58 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-11-01 15:59:57 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-11-01 15:59:57 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-11-01 15:59:57 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-11-01 15:59:56 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-11-01 15:59:56 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-11-01 15:59:56 ----A---- C:\Windows\system32\d3dx10.dll
2010-11-01 15:59:55 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-11-01 15:59:55 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-11-01 15:59:55 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-11-01 15:59:54 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-11-01 15:59:54 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-11-01 15:59:53 ----A---- C:\Windows\system32\xinput1_2.dll
2010-11-01 15:59:53 ----A---- C:\Windows\system32\xinput1_1.dll
2010-11-01 15:59:53 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-11-01 15:59:52 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-11-01 15:59:39 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-11-01 15:59:37 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-11-01 15:59:37 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-11-01 15:59:37 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-11-01 15:59:36 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-11-01 15:59:35 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-11-01 15:59:34 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-11-01 15:59:33 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-11-01 15:59:32 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-11-01 14:45:36 ----D---- C:\Users\freeco\AppData\Roaming\Windows Live Writer
2010-10-28 10:58:44 ----D---- C:\Users\freeco\AppData\Roaming\Nero
2010-10-28 10:57:16 ----D---- C:\Program Files\Nero
2010-10-28 10:56:51 ----D---- C:\ProgramData\Nero
2010-10-28 10:56:41 ----D---- C:\Program Files\Common Files\Nero
2010-10-28 10:52:43 ----D---- C:\Program Files\Ask.com
2010-10-27 06:44:16 ----A---- C:\Windows\system32\msdri.dll
2010-10-27 06:44:16 ----A---- C:\Windows\system32\CPFilters.dll
2010-10-27 06:44:10 ----A---- C:\Windows\system32\drivers\Diskdump.sys
======List of files/folders modified in the last 1 months======
2010-11-23 16:37:38 ----D---- C:\Windows\Temp
2010-11-23 16:37:22 ----RD---- C:\Program Files
2010-11-23 16:36:01 ----D---- C:\Users\freeco\AppData\Roaming\Skype
2010-11-23 16:09:16 ----D---- C:\Users\freeco\AppData\Roaming\skypePM
2010-11-23 13:19:00 ----D---- C:\Windows\System32
2010-11-23 12:22:42 ----D---- C:\Windows\system32\config
2010-11-23 12:15:03 ----D---- C:\Windows\inf
2010-11-23 12:15:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-23 09:28:41 ----D---- C:\Windows\system32\catroot2
2010-11-22 08:23:03 ----SHD---- C:\Windows\Installer
2010-11-22 08:22:18 ----D---- C:\Windows\system32\drivers
2010-11-22 08:22:13 ----D---- C:\Windows\system32\DriverStore
2010-11-22 08:22:13 ----D---- C:\Windows\system32\catroot
2010-11-22 08:15:35 ----D---- C:\Windows
2010-11-22 08:15:23 ----D---- C:\Windows\system32\Tasks
2010-11-22 08:15:22 ----D---- C:\Windows\Tasks
2010-11-21 22:57:22 ----D---- C:\Windows\Prefetch
2010-11-21 22:56:43 ----HD---- C:\ProgramData
2010-11-21 22:55:58 ----SHD---- C:\System Volume Information
2010-11-21 22:02:42 ----D---- C:\Windows\Minidump
2010-11-21 22:02:42 ----D---- C:\Windows\debug
2010-11-21 21:29:14 ----D---- C:\Program Files\Common Files
2010-11-21 19:56:59 ----D---- C:\Users\freeco\AppData\Roaming\vlc
2010-11-19 08:25:43 ----D---- C:\Windows\winsxs
2010-11-19 08:24:40 ----D---- C:\Program Files\Windows Sidebar
2010-11-18 08:33:47 ----D---- C:\ProgramData\Adobe
2010-11-17 09:33:22 ----D---- C:\Users\freeco\AppData\Roaming\Adobe
2010-11-17 09:28:43 ----D---- C:\Program Files\Common Files\Adobe
2010-11-17 09:27:58 ----RSD---- C:\Windows\Fonts
2010-11-15 19:49:57 ----D---- C:\Users\freeco\AppData\Roaming\Macromedia
2010-11-11 15:35:21 ----D---- C:\Windows\Microsoft.NET
2010-11-11 15:30:25 ----RSD---- C:\Windows\assembly
2010-11-11 14:20:25 ----D---- C:\Windows\Downloaded Program Files
2010-11-11 14:15:41 ----D---- C:\Program Files\Common Files\DESIGNER
2010-11-11 14:15:31 ----D---- C:\Program Files\Microsoft Office
2010-11-11 14:15:31 ----D---- C:\Program Files\Common Files\microsoft shared
2010-11-10 18:16:00 ----D---- C:\ProgramData\Microsoft Help
2010-11-10 18:11:11 ----A---- C:\Windows\system32\MRT.exe
2010-11-09 13:23:16 ----DC---- C:\Windows\system32\DRVSTORE
2010-11-09 13:22:37 ----D---- C:\Program Files\Nokia
2010-11-07 22:12:10 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-02 19:28:53 ----D---- C:\Windows\system32\NDF
2010-11-02 19:20:07 ----D---- C:\Windows\system32\drivers\etc
2010-10-31 10:18:35 ----D---- C:\Windows\rescache
2010-10-27 06:46:08 ----D---- C:\Windows\ehome
2010-10-27 06:45:59 ----D---- C:\Windows\AppPatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-06-13 48256]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 Si3531;SiI-3531 SATA Controller; C:\Windows\system32\DRIVERS\Si3531.sys [2009-02-05 212520]
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2009-02-05 17064]
R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2009-02-05 12200]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-29 691696]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2010-07-12 54112]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2010-09-07 249424]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2010-09-07 34384]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2010-09-07 298448]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 21072]
R3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 CEBFilter;CEBFilter; \??\C:\Program Files\C&E\OSD\OsdService\cebuffer.sys [2007-09-04 5120]
R3 CEIO;CEIO; \??\C:\Program Files\C&E\OSD\OsdService\ceio.sys [2007-08-31 4608]
R3 cKBFilter;cKBFilter; \??\C:\Program Files\C&E\OSD\OsdService\kbfiltr.sys [2007-08-31 7168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-09-03 3185640]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-01-08 46592]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 18432]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 aqxz8rrq;aqxz8rrq; C:\Windows\system32\drivers\aqxz8rrq.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 Cam5603D;WebCam; C:\Windows\System32\Drivers\BisonCam.sys [2007-06-01 753456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-10-11 6104656]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-09-10 265400]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011; D:\Programy\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe [2010-01-23 462336]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-09-01 211560]
R2 RelevantKnowledge;RelevantKnowledge; C:\Program Files\RelevantKnowledge\rlservice.exe [2010-04-15 49792]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG10\avgfws.exe [2010-09-10 3210176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 OsdService;OsdService; C:\Program Files\C&E\OSD\OsdService\OsdService.exe [2007-09-03 53248]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-11 1045256]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2010-11-07 68096]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-30 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Relevant Knowledge a jeho odstranění
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119428
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Relevant Knowledge a jeho odstranění
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Relevant Knowledge a jeho odstranění
No mám naistalované AVG a takže musím ještě odinstalovat tohle abych mohl ComboFix spustit ... chvilku strpení 
díky
díkyRe: Relevant Knowledge a jeho odstranění
Mám menší problém s Combofixem, teď sem ho nechal jet cca 30minut a nic se neděje, jen je tam napsáno že test může trvat 10min případně 2x tolik.
-
Rudy
- Site Admin
- Příspěvky: 119428
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Relevant Knowledge a jeho odstranění
Zkuste to v nouz. režimu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Relevant Knowledge a jeho odstranění
Při pokusu o přechod do nouzového režimu mi naskočí obrazovka Windows, Vítejte, následuje jakkdyby restart a následně klasické najetí do windows.
-
Rudy
- Site Admin
- Příspěvky: 119428
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Relevant Knowledge a jeho odstranění
OK. Udělejte kompletní sken MBAM a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Relevant Knowledge a jeho odstranění
Asi po 2 hodinách ... uf tady to je
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4052
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
24.11.2010 0:58:16
mbam-log-2010-11-24 (00-58-16).txt
Typ skenu: Úplný sken (C:\|D:\|E:\|)
Skenované objekty: 324328
Uplynulý čas: 2 hodina(y), 11 minuta(y), 12 sekunda(y)
Infikované procesy v paměti: 2
Infikované moduly v paměti: 3
Infikované klíče registru: 1
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 2
Infikované soubory: 19
Infikované procesy v paměti:
C:\Program Files\RelevantKnowledge\rlservice.exe (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlvknlg.exe (Spyware.MarketScore) -> No action taken.
Infikované moduly v paměti:
C:\Program Files\RelevantKnowledge\MSVCP71.DLL (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\MSVCR71.DLL (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlls.dll (Spyware.MarketScore) -> No action taken.
Infikované klíče registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> No action taken.
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
C:\Program Files\RelevantKnowledge (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge (Spyware.MarketScore) -> No action taken.
Infikované soubory:
C:\Users\freeco\AppData\Local\Install.exe (Rogue.Removeit) -> No action taken.
C:\Users\freeco\Desktop\Škola\VŠB\1.semestr\Autodesk\Autodesk_2010_all\x64\xf-a2010.exe (Trojan.Agent.CK) -> No action taken.
C:\Users\freeco\Desktop\Škola\VŠB\1.semestr\Autodesk\Autodesk_2010_all\x86\xf-a2010.exe (Trojan.Agent) -> No action taken.
C:\Users\freeco\Desktop\Škola\VŠB\1.semestr\Autodesk\AUTODESK_KEY_2010\x64\xf-a2010.exe (Trojan.Agent.CK) -> No action taken.
C:\Users\freeco\Desktop\Škola\VŠB\1.semestr\Autodesk\AUTODESK_KEY_2010\x86\xf-a2010.exe (Trojan.Agent) -> No action taken.
D:\QIP Infium JadrisPack\QIP Infium JadrisPack.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\RelevantKnowledge\MSVCP71.DLL (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\MSVCR71.DLL (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlls.dll (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlls64.dll (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rloci.bin (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlservice.exe (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlvknlg.exe (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlvknlg64.exe (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk (Spyware.MarketScore) -> No action taken.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.
tady to je Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4052
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
24.11.2010 0:58:16
mbam-log-2010-11-24 (00-58-16).txt
Typ skenu: Úplný sken (C:\|D:\|E:\|)
Skenované objekty: 324328
Uplynulý čas: 2 hodina(y), 11 minuta(y), 12 sekunda(y)
Infikované procesy v paměti: 2
Infikované moduly v paměti: 3
Infikované klíče registru: 1
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 2
Infikované soubory: 19
Infikované procesy v paměti:
C:\Program Files\RelevantKnowledge\rlservice.exe (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlvknlg.exe (Spyware.MarketScore) -> No action taken.
Infikované moduly v paměti:
C:\Program Files\RelevantKnowledge\MSVCP71.DLL (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\MSVCR71.DLL (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlls.dll (Spyware.MarketScore) -> No action taken.
Infikované klíče registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> No action taken.
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
C:\Program Files\RelevantKnowledge (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge (Spyware.MarketScore) -> No action taken.
Infikované soubory:
C:\Users\freeco\AppData\Local\Install.exe (Rogue.Removeit) -> No action taken.
C:\Users\freeco\Desktop\Škola\VŠB\1.semestr\Autodesk\Autodesk_2010_all\x64\xf-a2010.exe (Trojan.Agent.CK) -> No action taken.
C:\Users\freeco\Desktop\Škola\VŠB\1.semestr\Autodesk\Autodesk_2010_all\x86\xf-a2010.exe (Trojan.Agent) -> No action taken.
C:\Users\freeco\Desktop\Škola\VŠB\1.semestr\Autodesk\AUTODESK_KEY_2010\x64\xf-a2010.exe (Trojan.Agent.CK) -> No action taken.
C:\Users\freeco\Desktop\Škola\VŠB\1.semestr\Autodesk\AUTODESK_KEY_2010\x86\xf-a2010.exe (Trojan.Agent) -> No action taken.
D:\QIP Infium JadrisPack\QIP Infium JadrisPack.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\RelevantKnowledge\MSVCP71.DLL (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\MSVCR71.DLL (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlls.dll (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlls64.dll (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rloci.bin (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlservice.exe (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlvknlg.exe (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlvknlg64.exe (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk (Spyware.MarketScore) -> No action taken.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.
-
Rudy
- Site Admin
- Příspěvky: 119428
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Relevant Knowledge a jeho odstranění
Vše, co MBAM nalezl, smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Relevant Knowledge a jeho odstranění
Vše jsem smazal v MBAM ... mám hodit log z RSIT?
A mám ještě jeden takový zajímavý problém, mám naistalovaný Microsoft Security Essentials, pokud ho chci spustit tak jen problikne. Chci se podívat do system tray, rozkliknu a vidím ho, jakmile na něj chci najet zmizí. To samé když se dívám na spuštěné procesy. Když ho zapnu tak tam jen problikne msseces.exe a tím to končí. Windows se tváří jakože je chráněn, ale přitom žádný program, který by poskytoval ochranu neběží.
A mám ještě jeden takový zajímavý problém, mám naistalovaný Microsoft Security Essentials, pokud ho chci spustit tak jen problikne. Chci se podívat do system tray, rozkliknu a vidím ho, jakmile na něj chci najet zmizí. To samé když se dívám na spuštěné procesy. Když ho zapnu tak tam jen problikne msseces.exe a tím to končí. Windows se tváří jakože je chráněn, ale přitom žádný program, který by poskytoval ochranu neběží.
-
Rudy
- Site Admin
- Příspěvky: 119428
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Relevant Knowledge a jeho odstranění
Log z RSIT dát můžete a AV zkuste přeinstalovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Relevant Knowledge a jeho odstranění
Tady je RSIT .... reinstall AV sem zkoušel, stejný problém.
Logfile of random's system information tool 1.08 (written by random/random)
Run by freeco at 2010-11-24 19:41:29
Microsoft Windows 7 Ultimate
System drive C: has 25 GB (13%) free of 196 GB
Total RAM: 3070 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:50, on 24.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\C&E\OSD\osd.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
D:\Programy\Skype\Phone\Skype.exe
D:\Programy\DAEMON Tools Lite\DTLite.exe
C:\Program Files\KONICA MINOLTA\magicolor 1690MF\LinkMagic for magicolor 1690MF\lmmc1690.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\System32\rundll32.exe
D:\Programy\Skype\Plugin Manager\skypePM.exe
D:\QIP Infium JadrisPack\qip.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Programy\VideoLAN\VLC\vlc.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\Desktop\RSIT.exe
C:\Program Files\trend micro\freeco.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\freeco\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\freeco\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [OSD] C:\Program Files\C&E\OSD\osd.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Google Update] "C:\Users\freeco\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "D:\Programy\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\Windows\TEMP\E_SF768.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [LinkMagic for magicolor 1690MF] C:\Program Files\KONICA MINOLTA\magicolor 1690MF\LinkMagic for magicolor 1690MF\lmmc1690.exe -startup
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\freeco\AppData\Roaming\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [krjqypze] rundll32 "C:\Users\freeco\AppData\Roaming\MUNZ__0GQ.dll",Ajodatkur
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011 (mitsijm2011) - Unknown owner - D:\Programy\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: OsdService - Unknown owner - C:\Program Files\C&E\OSD\OsdService\OsdService.exe
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 10068 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-554790468-410668204-1508303307-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-554790468-410668204-1508303307-1000UA.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\freeco\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-11-01 149968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-09-01 13797992]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"OSD"=C:\Program Files\C&E\OSD\osd.exe [2007-09-20 561152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-09-03 9726568]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]
"Adobe Reader Speed Launcher"=D:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-02-22 500208]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-09-15 1094224]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\freeco\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-02-20 1173504]
"Skype"=D:\Programy\Skype\Phone\Skype.exe [2010-09-02 13351304]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
""= []
"EPSON Stylus DX9400F Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE [2007-03-23 182272]
"LinkMagic for magicolor 1690MF"=C:\Program Files\KONICA MINOLTA\magicolor 1690MF\LinkMagic for magicolor 1690MF\lmmc1690.exe [2008-08-26 5005312]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
"QIP Internet Guardian"=C:\Users\freeco\AppData\Roaming\QipGuard\QipGuard.exe [2010-11-01 190928]
"krjqypze"=rundll32 C:\Users\freeco\AppData\Roaming\MUNZ__0GQ.dll,Ajodatkur []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-11-24 14:39:35 ----D---- C:\Program Files\Microsoft Security Essentials
2010-11-24 14:38:03 ----SHD---- C:\Config.Msi
2010-11-23 22:46:29 ----D---- C:\Users\freeco\AppData\Roaming\Malwarebytes
2010-11-23 22:46:20 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-11-23 22:46:18 ----D---- C:\ProgramData\Malwarebytes
2010-11-23 22:46:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-11-23 22:46:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-11-23 22:28:42 ----SD---- C:\ComboFix
2010-11-23 22:28:24 ----A---- C:\Windows\SWXCACLS.exe
2010-11-23 21:51:00 ----A---- C:\Windows\ntbtlog.txt
2010-11-23 20:48:07 ----A---- C:\Windows\zip.exe
2010-11-23 20:48:07 ----A---- C:\Windows\SWSC.exe
2010-11-23 20:48:07 ----A---- C:\Windows\SWREG.exe
2010-11-23 20:48:07 ----A---- C:\Windows\sed.exe
2010-11-23 20:48:07 ----A---- C:\Windows\PEV.exe
2010-11-23 20:48:07 ----A---- C:\Windows\NIRCMD.exe
2010-11-23 20:48:07 ----A---- C:\Windows\MBR.exe
2010-11-23 20:48:07 ----A---- C:\Windows\grep.exe
2010-11-23 20:47:59 ----D---- C:\Windows\ERDNT
2010-11-23 20:11:45 ----D---- C:\Qoobox
2010-11-23 16:37:22 ----D---- C:\rsit
2010-11-23 16:37:22 ----D---- C:\Program Files\trend micro
2010-11-23 13:20:01 ----D---- C:\Users\freeco\AppData\Roaming\MP3 Cut
2010-11-22 08:15:35 ----HD---- C:\$AVG
2010-11-21 22:57:12 ----D---- C:\Users\freeco\AppData\Roaming\AVG10
2010-11-21 22:56:43 ----HD---- C:\ProgramData\Common Files
2010-11-21 22:53:35 ----D---- C:\ProgramData\MFAData
2010-11-21 21:29:17 ----D---- C:\ProgramData\Sun
2010-11-21 21:29:14 ----D---- C:\Program Files\Common Files\Java
2010-11-21 21:28:40 ----A---- C:\Windows\system32\javaws.exe
2010-11-21 21:28:40 ----A---- C:\Windows\system32\javaw.exe
2010-11-21 21:28:40 ----A---- C:\Windows\system32\java.exe
2010-11-21 21:28:40 ----A---- C:\Windows\system32\deployJava1.dll
2010-11-21 21:28:27 ----D---- C:\Program Files\Java
2010-11-19 08:24:00 ----A---- C:\Windows\system32\sbunattend.exe
2010-11-17 11:04:50 ----D---- C:\Users\freeco\AppData\Roaming\BitTorrent
2010-11-17 09:51:38 ----RASH---- C:\Users\freeco\AppData\Roaming\MUNZ__0GQ.dll
2010-11-17 09:28:53 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2010-11-17 09:27:33 ----D---- C:\Program Files\Adobe Media Player
2010-11-17 09:26:56 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-11-17 09:26:56 ----D---- C:\Program Files\Adobe
2010-11-15 15:34:49 ----D---- C:\Users\freeco\AppData\Roaming\KONICA MINOLTA
2010-11-12 17:50:35 ----D---- C:\Users\freeco\AppData\Roaming\QipGuard
2010-11-11 14:19:17 ----D---- C:\Program Files\Microsoft Chart Controls
2010-11-11 14:19:08 ----D---- C:\Program Files\Microsoft WSE
2010-11-11 14:16:31 ----D---- C:\Program Files\Autodesk
2010-11-11 12:06:30 ----D---- C:\ProgramData\FLEXnet
2010-11-11 12:00:47 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-11-11 11:53:35 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-11-11 11:49:53 ----D---- C:\Users\freeco\AppData\Roaming\Autodesk
2010-11-11 11:49:53 ----D---- C:\ProgramData\Autodesk
2010-11-11 11:24:19 ----D---- C:\Program Files\Common Files\Akamai
2010-11-09 13:23:16 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2010-11-09 13:23:11 ----D---- C:\Program Files\PC Connectivity Solution
2010-11-09 13:21:19 ----D---- C:\ProgramData\Installations
2010-11-07 22:12:56 ----D---- C:\ProgramData\Macrovision
2010-11-07 22:12:31 ----N---- C:\Windows\system32\msvcr70.dll
2010-11-07 22:12:30 ----N---- C:\Windows\system32\mfc70enu.dll
2010-11-07 22:12:30 ----N---- C:\Windows\system32\mfc70.dll
2010-11-07 22:12:30 ----D---- C:\Program Files\Common Files\Macromedia Shared
2010-11-07 22:12:26 ----D---- C:\Program Files\Common Files\Macromedia
2010-11-01 16:01:03 ----D---- C:\Program Files\NVIDIA Corporation
2010-11-01 16:00:22 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-11-01 16:00:14 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-11-01 16:00:14 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-11-01 16:00:14 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-11-01 16:00:14 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-11-01 16:00:13 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-11-01 16:00:13 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-11-01 16:00:13 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-11-01 16:00:13 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-11-01 16:00:12 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-11-01 16:00:12 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-11-01 16:00:12 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-11-01 16:00:11 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-11-01 16:00:07 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-11-01 16:00:02 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-11-01 16:00:02 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-11-01 16:00:02 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-11-01 16:00:01 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-11-01 16:00:00 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-11-01 16:00:00 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-11-01 16:00:00 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-11-01 15:59:58 ----A---- C:\Windows\system32\xinput1_3.dll
2010-11-01 15:59:58 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-11-01 15:59:57 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-11-01 15:59:57 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-11-01 15:59:57 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-11-01 15:59:56 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-11-01 15:59:56 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-11-01 15:59:56 ----A---- C:\Windows\system32\d3dx10.dll
2010-11-01 15:59:55 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-11-01 15:59:55 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-11-01 15:59:55 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-11-01 15:59:54 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-11-01 15:59:54 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-11-01 15:59:53 ----A---- C:\Windows\system32\xinput1_2.dll
2010-11-01 15:59:53 ----A---- C:\Windows\system32\xinput1_1.dll
2010-11-01 15:59:53 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-11-01 15:59:52 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-11-01 15:59:39 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-11-01 15:59:37 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-11-01 15:59:37 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-11-01 15:59:37 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-11-01 15:59:36 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-11-01 15:59:35 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-11-01 15:59:34 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-11-01 15:59:33 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-11-01 15:59:32 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-11-01 14:45:36 ----D---- C:\Users\freeco\AppData\Roaming\Windows Live Writer
2010-10-28 10:58:44 ----D---- C:\Users\freeco\AppData\Roaming\Nero
2010-10-28 10:57:16 ----D---- C:\Program Files\Nero
2010-10-28 10:56:51 ----D---- C:\ProgramData\Nero
2010-10-28 10:56:41 ----D---- C:\Program Files\Common Files\Nero
2010-10-28 10:52:43 ----D---- C:\Program Files\Ask.com
2010-10-27 06:44:16 ----A---- C:\Windows\system32\msdri.dll
2010-10-27 06:44:16 ----A---- C:\Windows\system32\CPFilters.dll
2010-10-27 06:44:10 ----A---- C:\Windows\system32\drivers\Diskdump.sys
======List of files/folders modified in the last 1 months======
2010-11-24 19:41:47 ----D---- C:\Windows\Prefetch
2010-11-24 19:24:57 ----D---- C:\Users\freeco\AppData\Roaming\Skype
2010-11-24 18:57:44 ----D---- C:\Windows\Temp
2010-11-24 16:33:10 ----SHD---- C:\System Volume Information
2010-11-24 16:07:18 ----D---- C:\Users\freeco\AppData\Roaming\skypePM
2010-11-24 16:06:05 ----D---- C:\Windows\system32\config
2010-11-24 14:39:47 ----SHD---- C:\Windows\Installer
2010-11-24 14:39:38 ----D---- C:\Windows\system32\drivers
2010-11-24 14:39:38 ----D---- C:\Windows\system32\catroot
2010-11-24 14:39:35 ----RD---- C:\Program Files
2010-11-24 14:13:20 ----D---- C:\Windows\System32
2010-11-24 14:13:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-24 14:13:19 ----D---- C:\Windows\inf
2010-11-24 14:06:31 ----D---- C:\Windows\L2Schemas
2010-11-24 13:53:49 ----D---- C:\Windows\Tasks
2010-11-24 13:53:49 ----D---- C:\Windows\system32\Tasks
2010-11-24 07:54:26 ----D---- C:\Program Files\Internet Explorer
2010-11-24 07:54:25 ----D---- C:\Windows\winsxs
2010-11-23 22:46:18 ----HD---- C:\ProgramData
2010-11-23 22:29:23 ----D---- C:\Windows
2010-11-23 20:38:18 ----D---- C:\Windows\system32\DriverStore
2010-11-23 09:28:41 ----D---- C:\Windows\system32\catroot2
2010-11-21 22:02:42 ----D---- C:\Windows\Minidump
2010-11-21 22:02:42 ----D---- C:\Windows\debug
2010-11-21 21:29:14 ----D---- C:\Program Files\Common Files
2010-11-21 19:56:59 ----D---- C:\Users\freeco\AppData\Roaming\vlc
2010-11-19 08:24:40 ----D---- C:\Program Files\Windows Sidebar
2010-11-18 08:33:47 ----D---- C:\ProgramData\Adobe
2010-11-17 09:33:22 ----D---- C:\Users\freeco\AppData\Roaming\Adobe
2010-11-17 09:28:43 ----D---- C:\Program Files\Common Files\Adobe
2010-11-17 09:27:58 ----RSD---- C:\Windows\Fonts
2010-11-15 19:49:57 ----D---- C:\Users\freeco\AppData\Roaming\Macromedia
2010-11-11 15:35:21 ----D---- C:\Windows\Microsoft.NET
2010-11-11 15:30:25 ----RSD---- C:\Windows\assembly
2010-11-11 14:20:25 ----D---- C:\Windows\Downloaded Program Files
2010-11-11 14:15:41 ----D---- C:\Program Files\Common Files\DESIGNER
2010-11-11 14:15:31 ----D---- C:\Program Files\Microsoft Office
2010-11-11 14:15:31 ----D---- C:\Program Files\Common Files\microsoft shared
2010-11-10 18:16:00 ----D---- C:\ProgramData\Microsoft Help
2010-11-10 18:11:11 ----A---- C:\Windows\system32\MRT.exe
2010-11-09 13:23:16 ----DC---- C:\Windows\system32\DRVSTORE
2010-11-09 13:22:37 ----D---- C:\Program Files\Nokia
2010-11-07 22:12:10 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-02 19:28:53 ----D---- C:\Windows\system32\NDF
2010-11-02 19:20:07 ----D---- C:\Windows\system32\drivers\etc
2010-10-31 10:18:35 ----D---- C:\Windows\rescache
2010-10-27 06:46:08 ----D---- C:\Windows\ehome
2010-10-27 06:45:59 ----D---- C:\Windows\AppPatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-06-13 48256]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 Si3531;SiI-3531 SATA Controller; C:\Windows\system32\DRIVERS\Si3531.sys [2009-02-05 212520]
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2009-02-05 17064]
R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2009-02-05 12200]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-29 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 CEBFilter;CEBFilter; \??\C:\Program Files\C&E\OSD\OsdService\cebuffer.sys [2007-09-04 5120]
R3 CEIO;CEIO; \??\C:\Program Files\C&E\OSD\OsdService\ceio.sys [2007-08-31 4608]
R3 cKBFilter;cKBFilter; \??\C:\Program Files\C&E\OSD\OsdService\kbfiltr.sys [2007-08-31 7168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-09-03 3185640]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-01-08 46592]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 18432]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aayuh7w0;aayuh7w0; C:\Windows\system32\drivers\aayuh7w0.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 Cam5603D;WebCam; C:\Windows\System32\Drivers\BisonCam.sys [2007-06-01 753456]
S3 catchme;catchme; \??\C:\Users\freeco\AppData\Local\Temp\catchme.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 PROCEXP113;PROCEXP113; \??\C:\Windows\system32\Drivers\PROCEXP113.SYS []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S4 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011; D:\Programy\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe [2010-01-23 462336]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-09-01 211560]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 OsdService;OsdService; C:\Program Files\C&E\OSD\OsdService\OsdService.exe [2007-09-03 53248]
S2 RelevantKnowledge;RelevantKnowledge; C:\Program Files\RelevantKnowledge\rlservice.exe /service []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-11 1045256]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2010-11-07 68096]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-30 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by freeco at 2010-11-24 19:41:29
Microsoft Windows 7 Ultimate
System drive C: has 25 GB (13%) free of 196 GB
Total RAM: 3070 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:50, on 24.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\C&E\OSD\osd.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
D:\Programy\Skype\Phone\Skype.exe
D:\Programy\DAEMON Tools Lite\DTLite.exe
C:\Program Files\KONICA MINOLTA\magicolor 1690MF\LinkMagic for magicolor 1690MF\lmmc1690.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\System32\rundll32.exe
D:\Programy\Skype\Plugin Manager\skypePM.exe
D:\QIP Infium JadrisPack\qip.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Programy\VideoLAN\VLC\vlc.exe
C:\Users\freeco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\freeco\Desktop\RSIT.exe
C:\Program Files\trend micro\freeco.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\freeco\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\freeco\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [OSD] C:\Program Files\C&E\OSD\osd.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Google Update] "C:\Users\freeco\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "D:\Programy\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON Stylus DX9400F Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE /FU "C:\Windows\TEMP\E_SF768.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [LinkMagic for magicolor 1690MF] C:\Program Files\KONICA MINOLTA\magicolor 1690MF\LinkMagic for magicolor 1690MF\lmmc1690.exe -startup
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\freeco\AppData\Roaming\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [krjqypze] rundll32 "C:\Users\freeco\AppData\Roaming\MUNZ__0GQ.dll",Ajodatkur
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011 (mitsijm2011) - Unknown owner - D:\Programy\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: OsdService - Unknown owner - C:\Program Files\C&E\OSD\OsdService\OsdService.exe
O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 10068 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-554790468-410668204-1508303307-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-554790468-410668204-1508303307-1000UA.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\freeco\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-11-01 149968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-09-01 13797992]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"OSD"=C:\Program Files\C&E\OSD\osd.exe [2007-09-20 561152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-09-03 9726568]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]
"Adobe Reader Speed Launcher"=D:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-02-22 500208]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-09-15 1094224]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\freeco\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-02-20 1173504]
"Skype"=D:\Programy\Skype\Phone\Skype.exe [2010-09-02 13351304]
"DAEMON Tools Lite"=D:\Programy\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
""= []
"EPSON Stylus DX9400F Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICFE.EXE [2007-03-23 182272]
"LinkMagic for magicolor 1690MF"=C:\Program Files\KONICA MINOLTA\magicolor 1690MF\LinkMagic for magicolor 1690MF\lmmc1690.exe [2008-08-26 5005312]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
"QIP Internet Guardian"=C:\Users\freeco\AppData\Roaming\QipGuard\QipGuard.exe [2010-11-01 190928]
"krjqypze"=rundll32 C:\Users\freeco\AppData\Roaming\MUNZ__0GQ.dll,Ajodatkur []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-11-24 14:39:35 ----D---- C:\Program Files\Microsoft Security Essentials
2010-11-24 14:38:03 ----SHD---- C:\Config.Msi
2010-11-23 22:46:29 ----D---- C:\Users\freeco\AppData\Roaming\Malwarebytes
2010-11-23 22:46:20 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-11-23 22:46:18 ----D---- C:\ProgramData\Malwarebytes
2010-11-23 22:46:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-11-23 22:46:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-11-23 22:28:42 ----SD---- C:\ComboFix
2010-11-23 22:28:24 ----A---- C:\Windows\SWXCACLS.exe
2010-11-23 21:51:00 ----A---- C:\Windows\ntbtlog.txt
2010-11-23 20:48:07 ----A---- C:\Windows\zip.exe
2010-11-23 20:48:07 ----A---- C:\Windows\SWSC.exe
2010-11-23 20:48:07 ----A---- C:\Windows\SWREG.exe
2010-11-23 20:48:07 ----A---- C:\Windows\sed.exe
2010-11-23 20:48:07 ----A---- C:\Windows\PEV.exe
2010-11-23 20:48:07 ----A---- C:\Windows\NIRCMD.exe
2010-11-23 20:48:07 ----A---- C:\Windows\MBR.exe
2010-11-23 20:48:07 ----A---- C:\Windows\grep.exe
2010-11-23 20:47:59 ----D---- C:\Windows\ERDNT
2010-11-23 20:11:45 ----D---- C:\Qoobox
2010-11-23 16:37:22 ----D---- C:\rsit
2010-11-23 16:37:22 ----D---- C:\Program Files\trend micro
2010-11-23 13:20:01 ----D---- C:\Users\freeco\AppData\Roaming\MP3 Cut
2010-11-22 08:15:35 ----HD---- C:\$AVG
2010-11-21 22:57:12 ----D---- C:\Users\freeco\AppData\Roaming\AVG10
2010-11-21 22:56:43 ----HD---- C:\ProgramData\Common Files
2010-11-21 22:53:35 ----D---- C:\ProgramData\MFAData
2010-11-21 21:29:17 ----D---- C:\ProgramData\Sun
2010-11-21 21:29:14 ----D---- C:\Program Files\Common Files\Java
2010-11-21 21:28:40 ----A---- C:\Windows\system32\javaws.exe
2010-11-21 21:28:40 ----A---- C:\Windows\system32\javaw.exe
2010-11-21 21:28:40 ----A---- C:\Windows\system32\java.exe
2010-11-21 21:28:40 ----A---- C:\Windows\system32\deployJava1.dll
2010-11-21 21:28:27 ----D---- C:\Program Files\Java
2010-11-19 08:24:00 ----A---- C:\Windows\system32\sbunattend.exe
2010-11-17 11:04:50 ----D---- C:\Users\freeco\AppData\Roaming\BitTorrent
2010-11-17 09:51:38 ----RASH---- C:\Users\freeco\AppData\Roaming\MUNZ__0GQ.dll
2010-11-17 09:28:53 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2010-11-17 09:27:33 ----D---- C:\Program Files\Adobe Media Player
2010-11-17 09:26:56 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-11-17 09:26:56 ----D---- C:\Program Files\Adobe
2010-11-15 15:34:49 ----D---- C:\Users\freeco\AppData\Roaming\KONICA MINOLTA
2010-11-12 17:50:35 ----D---- C:\Users\freeco\AppData\Roaming\QipGuard
2010-11-11 14:19:17 ----D---- C:\Program Files\Microsoft Chart Controls
2010-11-11 14:19:08 ----D---- C:\Program Files\Microsoft WSE
2010-11-11 14:16:31 ----D---- C:\Program Files\Autodesk
2010-11-11 12:06:30 ----D---- C:\ProgramData\FLEXnet
2010-11-11 12:00:47 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-11-11 11:53:35 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-11-11 11:49:53 ----D---- C:\Users\freeco\AppData\Roaming\Autodesk
2010-11-11 11:49:53 ----D---- C:\ProgramData\Autodesk
2010-11-11 11:24:19 ----D---- C:\Program Files\Common Files\Akamai
2010-11-09 13:23:16 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2010-11-09 13:23:11 ----D---- C:\Program Files\PC Connectivity Solution
2010-11-09 13:21:19 ----D---- C:\ProgramData\Installations
2010-11-07 22:12:56 ----D---- C:\ProgramData\Macrovision
2010-11-07 22:12:31 ----N---- C:\Windows\system32\msvcr70.dll
2010-11-07 22:12:30 ----N---- C:\Windows\system32\mfc70enu.dll
2010-11-07 22:12:30 ----N---- C:\Windows\system32\mfc70.dll
2010-11-07 22:12:30 ----D---- C:\Program Files\Common Files\Macromedia Shared
2010-11-07 22:12:26 ----D---- C:\Program Files\Common Files\Macromedia
2010-11-01 16:01:03 ----D---- C:\Program Files\NVIDIA Corporation
2010-11-01 16:00:22 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-11-01 16:00:14 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-11-01 16:00:14 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-11-01 16:00:14 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-11-01 16:00:14 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-11-01 16:00:13 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-11-01 16:00:13 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-11-01 16:00:13 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-11-01 16:00:13 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-11-01 16:00:12 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-11-01 16:00:12 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-11-01 16:00:12 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-11-01 16:00:11 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-11-01 16:00:09 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-11-01 16:00:07 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-11-01 16:00:06 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-11-01 16:00:05 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-11-01 16:00:04 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-11-01 16:00:03 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-11-01 16:00:02 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-11-01 16:00:02 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-11-01 16:00:02 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-11-01 16:00:01 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-11-01 16:00:00 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-11-01 16:00:00 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-11-01 16:00:00 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-11-01 15:59:59 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-11-01 15:59:58 ----A---- C:\Windows\system32\xinput1_3.dll
2010-11-01 15:59:58 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-11-01 15:59:57 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-11-01 15:59:57 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-11-01 15:59:57 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-11-01 15:59:56 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-11-01 15:59:56 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-11-01 15:59:56 ----A---- C:\Windows\system32\d3dx10.dll
2010-11-01 15:59:55 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-11-01 15:59:55 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-11-01 15:59:55 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-11-01 15:59:54 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-11-01 15:59:54 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-11-01 15:59:53 ----A---- C:\Windows\system32\xinput1_2.dll
2010-11-01 15:59:53 ----A---- C:\Windows\system32\xinput1_1.dll
2010-11-01 15:59:53 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-11-01 15:59:52 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-11-01 15:59:39 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-11-01 15:59:37 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-11-01 15:59:37 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-11-01 15:59:37 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-11-01 15:59:36 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-11-01 15:59:35 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-11-01 15:59:34 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-11-01 15:59:33 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-11-01 15:59:32 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-11-01 14:45:36 ----D---- C:\Users\freeco\AppData\Roaming\Windows Live Writer
2010-10-28 10:58:44 ----D---- C:\Users\freeco\AppData\Roaming\Nero
2010-10-28 10:57:16 ----D---- C:\Program Files\Nero
2010-10-28 10:56:51 ----D---- C:\ProgramData\Nero
2010-10-28 10:56:41 ----D---- C:\Program Files\Common Files\Nero
2010-10-28 10:52:43 ----D---- C:\Program Files\Ask.com
2010-10-27 06:44:16 ----A---- C:\Windows\system32\msdri.dll
2010-10-27 06:44:16 ----A---- C:\Windows\system32\CPFilters.dll
2010-10-27 06:44:10 ----A---- C:\Windows\system32\drivers\Diskdump.sys
======List of files/folders modified in the last 1 months======
2010-11-24 19:41:47 ----D---- C:\Windows\Prefetch
2010-11-24 19:24:57 ----D---- C:\Users\freeco\AppData\Roaming\Skype
2010-11-24 18:57:44 ----D---- C:\Windows\Temp
2010-11-24 16:33:10 ----SHD---- C:\System Volume Information
2010-11-24 16:07:18 ----D---- C:\Users\freeco\AppData\Roaming\skypePM
2010-11-24 16:06:05 ----D---- C:\Windows\system32\config
2010-11-24 14:39:47 ----SHD---- C:\Windows\Installer
2010-11-24 14:39:38 ----D---- C:\Windows\system32\drivers
2010-11-24 14:39:38 ----D---- C:\Windows\system32\catroot
2010-11-24 14:39:35 ----RD---- C:\Program Files
2010-11-24 14:13:20 ----D---- C:\Windows\System32
2010-11-24 14:13:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-24 14:13:19 ----D---- C:\Windows\inf
2010-11-24 14:06:31 ----D---- C:\Windows\L2Schemas
2010-11-24 13:53:49 ----D---- C:\Windows\Tasks
2010-11-24 13:53:49 ----D---- C:\Windows\system32\Tasks
2010-11-24 07:54:26 ----D---- C:\Program Files\Internet Explorer
2010-11-24 07:54:25 ----D---- C:\Windows\winsxs
2010-11-23 22:46:18 ----HD---- C:\ProgramData
2010-11-23 22:29:23 ----D---- C:\Windows
2010-11-23 20:38:18 ----D---- C:\Windows\system32\DriverStore
2010-11-23 09:28:41 ----D---- C:\Windows\system32\catroot2
2010-11-21 22:02:42 ----D---- C:\Windows\Minidump
2010-11-21 22:02:42 ----D---- C:\Windows\debug
2010-11-21 21:29:14 ----D---- C:\Program Files\Common Files
2010-11-21 19:56:59 ----D---- C:\Users\freeco\AppData\Roaming\vlc
2010-11-19 08:24:40 ----D---- C:\Program Files\Windows Sidebar
2010-11-18 08:33:47 ----D---- C:\ProgramData\Adobe
2010-11-17 09:33:22 ----D---- C:\Users\freeco\AppData\Roaming\Adobe
2010-11-17 09:28:43 ----D---- C:\Program Files\Common Files\Adobe
2010-11-17 09:27:58 ----RSD---- C:\Windows\Fonts
2010-11-15 19:49:57 ----D---- C:\Users\freeco\AppData\Roaming\Macromedia
2010-11-11 15:35:21 ----D---- C:\Windows\Microsoft.NET
2010-11-11 15:30:25 ----RSD---- C:\Windows\assembly
2010-11-11 14:20:25 ----D---- C:\Windows\Downloaded Program Files
2010-11-11 14:15:41 ----D---- C:\Program Files\Common Files\DESIGNER
2010-11-11 14:15:31 ----D---- C:\Program Files\Microsoft Office
2010-11-11 14:15:31 ----D---- C:\Program Files\Common Files\microsoft shared
2010-11-10 18:16:00 ----D---- C:\ProgramData\Microsoft Help
2010-11-10 18:11:11 ----A---- C:\Windows\system32\MRT.exe
2010-11-09 13:23:16 ----DC---- C:\Windows\system32\DRVSTORE
2010-11-09 13:22:37 ----D---- C:\Program Files\Nokia
2010-11-07 22:12:10 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-02 19:28:53 ----D---- C:\Windows\system32\NDF
2010-11-02 19:20:07 ----D---- C:\Windows\system32\drivers\etc
2010-10-31 10:18:35 ----D---- C:\Windows\rescache
2010-10-27 06:46:08 ----D---- C:\Windows\ehome
2010-10-27 06:45:59 ----D---- C:\Windows\AppPatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-06-13 48256]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 Si3531;SiI-3531 SATA Controller; C:\Windows\system32\DRIVERS\Si3531.sys [2009-02-05 212520]
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2009-02-05 17064]
R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2009-02-05 12200]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-29 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 CEBFilter;CEBFilter; \??\C:\Program Files\C&E\OSD\OsdService\cebuffer.sys [2007-09-04 5120]
R3 CEIO;CEIO; \??\C:\Program Files\C&E\OSD\OsdService\ceio.sys [2007-08-31 4608]
R3 cKBFilter;cKBFilter; \??\C:\Program Files\C&E\OSD\OsdService\kbfiltr.sys [2007-08-31 7168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-09-03 3185640]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-01-08 46592]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 18432]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aayuh7w0;aayuh7w0; C:\Windows\system32\drivers\aayuh7w0.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 Cam5603D;WebCam; C:\Windows\System32\Drivers\BisonCam.sys [2007-06-01 753456]
S3 catchme;catchme; \??\C:\Users\freeco\AppData\Local\Temp\catchme.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 PROCEXP113;PROCEXP113; \??\C:\Windows\system32\Drivers\PROCEXP113.SYS []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S4 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011; D:\Programy\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe [2010-01-23 462336]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-09-01 211560]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 OsdService;OsdService; C:\Program Files\C&E\OSD\OsdService\OsdService.exe [2007-09-03 53248]
S2 RelevantKnowledge;RelevantKnowledge; C:\Program Files\RelevantKnowledge\rlservice.exe /service []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-11 1045256]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2010-11-07 68096]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-30 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119428
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Relevant Knowledge a jeho odstranění
RK tam sice nevidím, ale myslím, že to ještě není čisté. Zkuste znovu ten CF a pokud by nešel, přejmenujte ho třeba na cokoli.com a zkuste spustit. Příp. udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Relevant Knowledge a jeho odstranění
CF jsem zkoušel, nabídla se nová verze, ta se aktualizovala. Následně ale bohužel to samé, první CF vytvoří bod zálohy, následně se napíše info o scanu, že většinou trvá do 10 minut ale při více nakažením PC může trvat i 2x tolik. Po té jde slyšet a vidět (blikání světýlka ) že PC pracuje, ale po cca 20s nastane ticho a nic se neděje. Opět sem zkoušel nouzový režim a také přejmenování jak ste radil. Bohužel nic nepomohlo tak nyní provádím AVP Tool Scan.
) že PC pracuje, ale po cca 20s nastane ticho a nic se neděje. Opět sem zkoušel nouzový režim a také přejmenování jak ste radil. Bohužel nic nepomohlo tak nyní provádím AVP Tool Scan.-
Rudy
- Site Admin
- Příspěvky: 119428
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Relevant Knowledge a jeho odstranění
OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?