PC disinfection, computer speed-up, remote assistance via the neslape.cz service

Please check for malware and viruses - RSTI x64

Are you one of our Exemplary Visitors? Then this section is for you.


Forum rules
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
Lilly [FR]

Please check for malware and viruses - RSTI x64

#1 Post by Lilly [FR] »

:) Good evening, could someone check and evaluate this log from RST for me?

I installed COMODO Internet Security version 5.4 in Czech on my 64-bit Windows 7 system, and after updating the virus database I ran a deep scan. It found 2836 viruses: trojan horses, a keylogger and Kryptik.

The computer was behaving very strangely: at idle the graphics card was overheating to more than 100 degrees and the CPU to 94-97 degrees. The fans are fine and the inside was free of dust (I have a special PC spray for that).

I uninstalled Avast and installed Comodo with the shield as well, and it found all of this. I don't know how to pull a report out of Comodo of everything it removed; I still have the report there, but since then Windows 7 has been running better, with no slowdowns, and the graphics card and CPU are fine again at a temperature of 50-55 degrees. I would never have believed that some malware could cause such mischief.

After a thorough check and removal of the viruses, spyware and malware, I turned off the system monitoring tool, i.e. the protection, and restarted the PC.

After Windows 7 started up, I turned the protection for drive C: back on and ran one more scan with Comodo. It found nothing more, but I'm not sure whether Windows 7 is OK and nothing is left behind, so I'm sending this log.

Thanks in advance to the moderator or advisor who takes me on and helps me :wub:

Lilly [FR]

Re: Please check for malware and viruses - RSTI x64

#2 Post by Lilly [FR] »

Log from RSTI x64

Logfile of random's system information tool 1.08 (written by random/random)
Run by Admin-7 at 2011-05-20 20:35:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 13 GB (22%) free of 62 GB
Total RAM: 6142 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:35:45, on 20.5.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
D:\Pocitacove Programy\Pohybove Tapety\coolwpc.exe
C:\Program Files (x86)\O2\O2CZ\EMMSN.exe
C:\Program Files (x86)\O2\Nori\Nori.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Admin-7.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mojebanka.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
O3 - Toolbar: Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll
O4 - HKCU\..\Run: [CooLWPC3] D:\Pocitacove Programy\Pohybove Tapety\coolwpc.exe /boot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://D:\POCITA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\POCITA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.co ... .3.1.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3188147C-8852-49D4-86F1-92F37415633A}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B68B522-4E42-4F42-B77F-38C9357D06D9}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CS2\Services\Tcpip\..\{1D20FA70-AC32-4013-B83E-F4C4779C92B0}: NameServer = 78.136.128.4 78.136.128.12
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdagent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - D:\Pocitacove Programy\Ad-Aware\AAWService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Pocitacove Programy\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Windows\
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8222 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe"
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\diMaster.dll" /prefetch:1
C:\Windows\SysWOW64\PnkBstrA.exe
"D:\Pocitacove Programy\Alcohol-120%\StarWind\StarWindServiceAE.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8d92c676-73fd-44b3-98e9-c24d593425ee -SystemEventPortName:HostProcess-8487e243-c1c7-4b1d-bdca-b3d8ed842dda -IoCancelEventPortName:HostProcess-df330fd8-3d50-4ec1-abc1-c33035364b6a -NonStateChangingEventPortName:HostProcess-3dc3d8c3-f1fa-478a-a8bb-38e4a0409ece -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cd9e07ac-1538-45a5-88f3-28a261e76afb
WLIDSvcM.exe 1256
C:\Windows\System32\svchost.exe -k secsvcs
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"D:\Pocitacove Programy\Pohybove Tapety\coolwpc.exe" /boot
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\O2\O2CZ\EMMSN.exe"
"C:\Program Files (x86)\O2\Nori\Nori.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.O2pripojse.cz
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4076.90f1a20.914458794 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" "Mozilla.Firefox.4.0.1" -omnijar C:\Program Files (x86)\Mozilla Firefox\omni.jar 4076 \\.\pipe\gecko-crash-server-pipe.4076 plugin
taskeng.exe {B40BAE45-8967-4AC0-B029-D1E243EE4289}
"C:\Users\Admin-7\4-Postova Schranka\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1199152559-4133112281-3821606878-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1199152559-4133112281-3821606878-1000UA.job
C:\Windows\tasks\Windows 7 Manager - Logon Background Changer.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3}]
Norton Safe Web Lite BHO - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll [2010-12-08 433592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - Norton Safe Web Lite - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll [2010-12-08 433592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-05-09 9057608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CooLWPC3"=D:\Pocitacove Programy\Pohybove Tapety\coolwpc.exe [2003-04-06 1008128]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Pocitacove Programy\Adobe Reader\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
D:\Pocitacove Programy\Alcohol-120%\axcmd.exe [2009-09-18 205976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [2010-04-02 75048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CooLWPC3]
D:\Pocitacove Programy\Pohybove Tapety\coolwpc.exe [2003-04-06 1008128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Pocitacove Programy\Daemon-7 Virtualna Mechanika\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverFinder]
C:\PROGRAM FILES (X86)\DRIVERFINDER\DRIVERFINDER.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GAINWARD]
d:\pocitacove programy\monitor-grafika gts-250\tbpanel.exe [2010-11-08 2181744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Admin-7\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-23 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegClean Expert Scheduler]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
D:\Pocitacove Programy\Prehravač - Power DVD-10\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Java\jre6\bin\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall Adobe Download Manager]
C:\Program Files (x86)\NOS\bin\getPlusUninst_Adobe.exe [2011-03-01 34592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePDRShortCut]
D:\Pocitacove Programy\Power Director-8\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VolPanel]
C:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe [2009-07-07 241789]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
D:\POCITA~2\MICROS~1\Office\OSA9.EXE -b -l []


GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
GoogleUpdateTaskUserS-1-5-21-1199152559-4133112281-3821606878-1000Core.job
GoogleUpdateTaskUserS-1-5-21-1199152559-4133112281-3821606878-1000UA.job
SA.DAT
SCHEDLGU(132).TXT
SCHEDLGU(27).TXT
SCHEDLGU.TXT
Windows 7 Manager - Logon Background Changer.job


GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
GoogleUpdateTaskUserS-1-5-21-1199152559-4133112281-3821606878-1000Core.job
GoogleUpdateTaskUserS-1-5-21-1199152559-4133112281-3821606878-1000UA.job
SA.DAT
SCHEDLGU(132).TXT
SCHEDLGU(27).TXT
SCHEDLGU.TXT
Windows 7 Manager - Logon Background Changer.job

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 115200]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktopChanges"=1
"NoDrives"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-05-20 20:35:05 ----D---- C:\rsit
2011-05-20 07:15:50 ----HD---- C:\VritualRoot
2011-05-19 06:58:14 ----D---- C:\Program Files (x86)\Acoustica Mixcraft 4
2011-05-19 05:59:04 ----D---- C:\Program Files (x86)\Acoustica Mixcraft
2011-05-19 03:54:25 ----D---- C:\Users\Admin-7\AppData\Roaming\SynthMaker
2011-05-19 03:26:41 ----D---- C:\ProgramData\Acoustica
2011-05-19 03:26:32 ----D---- C:\Program Files (x86)\VST
2011-05-19 01:36:14 ----HDC---- C:\ProgramData\{AA5544E4-9BBC-419B-9204-40B5924D26AA}
2011-05-19 01:36:04 ----D---- C:\ProgramData\Lavasoft
2011-05-18 21:24:09 ----D---- C:\ProgramData\Comodo Downloader
2011-05-18 21:17:09 ----D---- C:\ProgramData\Comodo
2011-05-18 21:17:08 ----D---- C:\Program Files\COMODO
2011-05-18 21:17:08 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2011-05-18 01:40:03 ----D---- C:\Program Files (x86)\Acoustica Mixcraft 3
2011-05-14 01:20:47 ----D---- C:\Windows\SYSWOW64\WindowsSecureUpdate_KB1219
2011-05-13 23:03:10 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2011-05-13 23:03:10 ----A---- C:\Windows\system32\poqexec.exe
2011-05-11 12:27:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-11 12:27:36 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-05-11 12:27:35 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-05-11 12:27:29 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-11 12:27:29 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-11 12:27:29 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-11 12:27:29 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-11 12:27:29 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-11 12:27:29 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-10 17:37:58 ----D---- C:\Users\Admin-7\AppData\Roaming\PunkBuster
2011-05-10 17:17:19 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-05-10 17:15:14 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-05-08 16:38:34 ----A---- C:\Windows\SYSWOW64\vbuzip10.dll
2011-05-07 16:17:52 ----A---- C:\Windows\system32\drivers\inspect.sys
2011-05-04 16:36:05 ----A---- C:\Windows\unvise32.exe
2011-05-04 16:36:03 ----D---- C:\Program Files (x86)\LooksBuilderSE
2011-05-04 16:32:54 ----D---- C:\ProgramData\Pinnacle Studio Ultimate Collection
2011-05-04 16:30:17 ----D---- C:\ProgramData\Studio 14
2011-05-04 16:30:17 ----D---- C:\ProgramData\Pinnacle Studio Plus
2011-05-04 16:21:43 ----D---- C:\Program Files (x86)\Pinnacle
2011-05-04 15:58:09 ----D---- C:\ProgramData\Pinnacle
2011-05-04 14:24:16 ----D---- C:\Program Files (x86)\Microsoft Works
2011-05-04 14:24:12 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2011-05-04 14:23:01 ----D---- C:\Program Files\Microsoft Office
2011-05-04 14:22:45 ----D---- C:\ProgramData\Microsoft Help
2011-05-02 20:36:48 ----A---- C:\Windows\system32\drivers\cmdhlp.sys
2011-05-02 20:36:48 ----A---- C:\Windows\system32\drivers\cmdGuard.sys
2011-05-02 20:36:46 ----A---- C:\Windows\system32\drivers\cmderd.sys
2011-05-02 20:36:04 ----A---- C:\Windows\SYSWOW64\guard32.dll
2011-05-02 20:36:02 ----A---- C:\Windows\system32\guard64.dll
2011-04-29 22:57:01 ----D---- C:\Users\Admin-7\AppData\Roaming\Malwarebytes
2011-04-29 22:55:05 ----D---- C:\ProgramData\Malwarebytes
2011-04-29 22:55:05 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-04-29 22:55:02 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-04-27 06:26:46 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-04-27 06:26:46 ----A---- C:\Windows\explorer.exe
2011-04-27 06:26:44 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-04-27 06:26:44 ----A---- C:\Windows\system32\XpsPrint.dll
2011-04-27 06:26:20 ----A---- C:\Windows\SYSWOW64\esent.dll
2011-04-27 06:26:20 ----A---- C:\Windows\system32\fsutil.exe
2011-04-27 06:26:20 ----A---- C:\Windows\system32\esent.dll
2011-04-27 06:26:20 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-04-27 06:26:19 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2011-04-27 06:26:19 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-04-27 06:26:19 ----A---- C:\Windows\system32\drivers\storport.sys
2011-04-27 06:26:19 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-04-27 06:26:19 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-04-27 06:26:19 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-04-27 06:26:19 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-04-27 06:26:19 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-04-27 06:26:14 ----A---- C:\Windows\system32\prevhost.exe
2011-04-27 06:26:13 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2011-04-21 23:16:41 ----A---- C:\Windows\system32\drivers\SBREDrv.sys

======List of files/folders modified in the last 1 months======

2011-05-20 20:35:43 ----D---- C:\Program Files\Trend micro
2011-05-20 20:35:39 ----D---- C:\Windows\Prefetch
2011-05-20 20:35:29 ----D---- C:\Windows\Temp
2011-05-20 19:47:04 ----D---- C:\Windows\system32\config
2011-05-20 19:32:40 ----SHD---- C:\System Volume Information
2011-05-20 19:10:04 ----D---- C:\Windows\tracing
2011-05-20 19:05:21 ----D---- C:\Windows\System32
2011-05-20 19:05:21 ----D---- C:\Windows\inf
2011-05-20 19:05:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-20 19:01:11 ----D---- C:\ProgramData\NVIDIA
2011-05-20 19:01:04 ----D---- C:\Windows
2011-05-20 09:39:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-20 07:21:34 ----SHD---- C:\Windows\Installer
2011-05-20 05:59:49 ----HD---- C:\ProgramData
2011-05-20 05:02:47 ----D---- C:\Windows\system32\Tasks
2011-05-19 07:16:46 ----D---- C:\Windows\SysWOW64
2011-05-19 06:58:14 ----RD---- C:\Program Files (x86)
2011-05-18 21:19:05 ----D---- C:\Windows\system32\drivers
2011-05-18 21:18:52 ----D---- C:\Windows\system32\DriverStore
2011-05-18 21:18:52 ----D---- C:\Windows\system32\catroot2
2011-05-18 21:18:52 ----D---- C:\Windows\system32\catroot
2011-05-18 21:17:08 ----RD---- C:\Program Files
2011-05-18 19:13:28 ----D---- C:\ProgramData\Ubisoft
2011-05-18 18:55:03 ----DC---- C:\Windows\system32\DRVSTORE
2011-05-18 18:47:30 ----D---- C:\Windows\Tasks
2011-05-15 17:16:36 ----D---- C:\Windows\SYSWOW64\drivers
2011-05-14 01:34:06 ----D---- C:\Windows\debug
2011-05-13 13:51:57 ----A---- C:\Windows\NeroDigital.ini
2011-05-12 07:18:32 ----D---- C:\Windows\winsxs
2011-05-12 03:00:36 ----A---- C:\Windows\system32\MRT.exe
2011-05-11 00:51:49 ----RSD---- C:\Windows\assembly
2011-05-10 17:38:02 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-05-10 17:38:00 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-05-10 14:10:44 ----A---- C:\Windows\system32\aswBoot.exe
2011-05-08 21:07:56 ----D---- C:\Windows\system32\NDF
2011-05-06 20:15:11 ----SD---- C:\Users\Admin-7\AppData\Roaming\Microsoft
2011-05-06 13:32:33 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-05-04 20:46:45 ----RSD---- C:\Windows\Fonts
2011-05-04 20:46:02 ----A---- C:\Windows\win.ini
2011-05-04 16:33:29 ----D---- C:\Program Files (x86)\Common Files
2011-05-04 14:24:08 ----SD---- C:\ProgramData\Microsoft
2011-05-04 14:23:45 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-05-04 14:22:58 ----D---- C:\Windows\ShellNew
2011-05-04 13:39:17 ----RSD---- C:\Windows\Media
2011-05-02 08:54:30 ----D---- C:\Users\Admin-7\AppData\Roaming\DivX
2011-04-30 00:11:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-04-28 06:38:11 ----D---- C:\Windows\rescache
2011-04-28 03:17:32 ----D---- C:\Windows\AppPatch
2011-04-28 03:17:31 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-04-28 03:17:31 ----D---- C:\Windows\system32\cs-CZ
2011-04-21 16:25:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie64.sys [2010-03-10 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-26 834544]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2011-05-02 16016]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-05-02 252344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-05-02 41712]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-05-10 254528]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-05-07 92688]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/12/26 05:22:47]; \??\D:\Pocitacove Programy\Prehravač - Power DVD-10\PowerDVD10\NavFilter\000.fcl [2010-04-02 146928]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
R3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-24 2753512]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-12-20 24152]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-10-16 1309696]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-21 38456]
S1 FldSafe;FldSafe; C:\Windows\system32\DRIVERS\FldSafe.sys []
S2 atksgt;atksgt; C:\Windows\system32\drivers\atksgt.sys []
S2 enodpl;enodpl; C:\Windows\system32\DRIVERS\enodpl.sys []
S2 lirsgt;lirsgt; C:\Windows\system32\drivers\lirsgt.sys []
S2 litdpl;litdpl; C:\Windows\system32\DRIVERS\litdpl.sys []
S3 a3m7essu;a3m7essu; C:\Windows\system32\drivers\a3m7essu.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-12-05 23080]
S3 Maplom;Maplom; C:\Windows\system32\drivers\Maplom.sys []
S3 MaplomL;MaplomL; C:\Windows\system32\drivers\MaplomL.sys []
S3 TBPanel;TBPanel; C:\Windows\system32\drivers\TBPanel.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 vwmfbus;Vertex Wireless Composite Device driver (WDM); C:\Windows\system32\DRIVERS\vwmfbus.sys [2009-11-11 127488]
S3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfdiag.sys [2009-11-11 128512]
S3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~; C:\Windows\system32\DRIVERS\vwmfmdfl.sys [2009-11-11 18944]
S3 vwmfmdm;Vertex Wireless CDC Modem Driver; C:\Windows\system32\DRIVERS\vwmfmdm.sys [2009-11-11 161280]
S3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfserd.sys [2009-11-11 128512]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-05-13 161080]
R2 cmdagent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-05-09 2506472]
R2 NSL;Norton Safe Web Lite; C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe [2010-11-24 130000]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-01-20 1005160]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-05-10 75136]
R2 StarWindServiceAE;StarWind AE Service; D:\Pocitacove Programy\Alcohol-120%\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-20 378984]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-23 136176]
S2 MBAMService;MBAMService; D:\Pocitacove Programy\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-23 136176]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; D:\Pocitacove Programy\Ad-Aware\AAWService.exe [2011-05-16 2151128]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-04-08 403240]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-23 1255736]
S4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-11-30 79360]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-10-23 79360]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2009-04-17 247152]

-----------------EOF-----------------
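As an added example (my own code, not part of this thread and not part of RSIT), here is a small Python parser for the "List of drivers" section of an RSIT log like the one above. It splits each line into state, start type, service name, display name, path and the file stamp RSIT appends, and then pulls out the two things a helper reading such a log looks at first: entries whose bracket is empty (RSIT could not find the file, so the registration is typically an orphan left behind by an uninstalled program, which is worth checking rather than proof of infection) and entries whose file lives outside the usual drivers directory. The "standard driver directory" rule is my own heuristic, not anything RSIT reports; the sample text is a handful of lines copied from the log above.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: seven lines copied from the RSIT driver list above,
# wrapped in the section headers RSIT prints around that list.
SAMPLE_REPORT = r"""
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-26 834544]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-05-02 252344]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/12/26 05:22:47]; \??\D:\Pocitacove Programy\Prehravač - Power DVD-10\PowerDVD10\NavFilter\000.fcl [2010-04-02 146928]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-12-20 24152]
S1 FldSafe;FldSafe; C:\Windows\system32\DRIVERS\FldSafe.sys []
S2 atksgt;atksgt; C:\Windows\system32\drivers\atksgt.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-12-05 23080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
"""

# Start-type digits as documented in the RSIT section header.
START_TYPES = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}

# Heuristic (my assumption, not an RSIT rule): kernel drivers normally live here.
STANDARD_DRIVER_DIR = "c:\\windows\\system32\\drivers\\"

# One driver line: "<R|S><0-4> name;display; path [YYYY-MM-DD size]" or "... path []".
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) "
    r"(?P<name>[^;]+);(?P<display>[^;]*); "
    r"(?P<path>.+?) "
    r"\[(?:(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+))?\]$"
)


@dataclass
class DriverEntry:
    name: str
    display: str
    path: str
    running: bool
    start_type: str
    file_date: Optional[str]   # None when RSIT printed an empty "[]"
    file_size: Optional[int]

    @property
    def file_present(self) -> bool:
        return self.file_date is not None

    @property
    def normalized_path(self) -> str:
        # Strip the NT object-manager prefix "\??\" that some entries carry.
        p = self.path[4:] if self.path.startswith("\\??\\") else self.path
        return p.lower()

    @property
    def in_standard_dir(self) -> bool:
        return self.normalized_path.startswith(STANDARD_DRIVER_DIR)


def parse_rsit_drivers(report: str) -> List[DriverEntry]:
    """Return the entries of the 'List of drivers' section, in report order."""
    entries: List[DriverEntry] = []
    in_section = False
    for raw in report.splitlines():
        line = raw.strip()
        if line.startswith("======"):
            in_section = "List of drivers" in line   # any other banner ends the section
            continue
        if not in_section or not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            continue   # tolerate a line the pattern does not recognise
        entries.append(DriverEntry(
            name=m["name"],
            display=m["display"],
            path=m["path"],
            running=m["state"] == "R",
            start_type=START_TYPES[m["start"]],
            file_date=m["date"],
            file_size=int(m["size"]) if m["size"] else None,
        ))
    return entries


def missing_on_disk(entries: List[DriverEntry]) -> List[str]:
    """Names of registered drivers whose file RSIT could not stat (empty brackets)."""
    return [e.name for e in entries if not e.file_present]


def outside_standard_dir(entries: List[DriverEntry]) -> List[str]:
    """Names of drivers loaded from somewhere other than system32\\drivers."""
    return [e.name for e in entries if not e.in_standard_dir]


def triage(report: str) -> dict:
    """Parse a report and return both review lists keyed by finding."""
    entries = parse_rsit_drivers(report)
    return {
        "missing_on_disk": missing_on_disk(entries),
        "outside_standard_dir": outside_standard_dir(entries),
    }


if __name__ == "__main__":
    for finding, names in triage(SAMPLE_REPORT).items():
        print(f"{finding}: {', '.join(names) or '-'}")
```

Run against the full log above, the same two lists are what a helper would scroll for by eye: the stopped entries with empty brackets, and the handful of drivers that do not sit under system32\drivers. Neither list is a verdict on its own; it is a shortlist for the next scan.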

Rudy
Site Admin
Posts: 119320
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Prosim o kontrolu malware a virus - RSTI x64

#3 Post by Rudy »

Run a complete MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same happens if it is inactive for more than 14 days. If you want the thread reopened, write to the e-mail address given above.

Lilly [FR]

Re: Prosim o kontrolu malware a virus - RSTI x64

#4 Post by Lilly [FR] »

:) Good evening, admin, thank you in advance for your kindness and willingness to check my log.

I have Malwarebytes installed as the free version without the shield, for one-off checks, and it did find something here: 2 infected files. What next? :)

MBAM log:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6628

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

20.5.2011 23:17:03
mbam-log-2011-05-20 (23-16-40).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 477119
Uplynulý čas: 1 hodin, 2 minut, 28 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 1
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
d:\pocitacove programy\alcohol-120%\Langs\AX_RU.dll (Malware.Packer.GenX) -> No action taken.

Rudy
Site Admin
Posts: 119320
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Prosim o kontrolu malware a virus - RSTI x64

#5 Post by Rudy »

Delete both items.

Lilly [FR]

Re: Prosim o kontrolu malware a virus - RSTI x64

#6 Post by Lilly [FR] »

Admin, I deleted both items and repeated the scan with Comodo and Malwarebytes; nothing was found any more. I turned Malwarebytes off, it is the one-off version, and Comodo keeps guarding my computer, so the system is virus-free, but another problem has appeared.

The program ALCOHOL-120% stopped working. It does start, but it throws an error message that it has problems loading the virtual drives; after ALCOHOL starts, an empty white area is shown and not a single virtual drive is visible.

This has never happened to me before. Do we have a solution? :-) Thanks in advance for the help and advice; I have a licence for it. Something went wrong with the virtual drivers, spdi or something like that, and I can't fix it myself.. :o :)

Rudy
Site Admin
Posts: 119320
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Prosim o kontrolu malware a virus - RSTI x64

#7 Post by Rudy »

Try reinstalling Alcohol. It must be the official version, though. MBAM shot it down because it found malware in one of its libraries.

Lilly [FR]

Re: Prosim o kontrolu malware a virus - RSTI x64

#8 Post by Lilly [FR] »

:James008: Admin, thanks for the advice and help and the time spent on me. Alcohol runs, and I'm glad I don't have a virus or malware on my PC. If anything comes up, I'll get in touch again and open a new topic.

Thanks once again :wub: :closed:

Rudy
Site Admin
Posts: 119320
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Prosim o kontrolu malware a virus - RSTI x64

#9 Post by Rudy »

Glad to help! :)