Data loss.

Doduško
Visitor
Posts: 11
Registered: 25 Aug 2010 20:56

Data loss.

#1 Post by Doduško »

When I am downloading, running a scan in ESET Smart Security, or playing SA:MP, and I log off and someone else wants to log in, it shows the normal "Welcome!" and then "Preparing your desktop." comes up. Once it logs him in, everything starts from scratch for him: 2 icons, This Computer and Recycle Bin, and a balloon pops up at the bottom right with something in English in it, but it soon disappears. If I log him off as well, it says that it can't be done because some application is currently running, but I don't manage to read it; it disappears within a second and logs him off. When I log in again, it repeats. When I want to get it back, I have to restore the system. I had a problem like this once before, but I manually deleted a suspicious file and it was fine. Now I don't have such a file there :(. Do you know what is wrong and how it can be fixed?

Rudy
Site Admin
Posts: 119426
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Data loss.

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Doduško
Visitor
Posts: 11
Registered: 25 Aug 2010 20:56

Re: Data loss.

#3 Post by Doduško »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jojo at 2010-08-25 22:06:49
Microsoft Windows 7 Home Premium
System drive C: has 24 GB (24%) free of 100 GB
Total RAM: 3326 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:06:53, on 25. 8. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Jojo\Downloads\RSIT.exe
C:\Program Files\trend micro\Jojo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1708250
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Free Lunch Design Toolbar - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFree.dll
O2 - BHO: Free Lunch Design Toolbar - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFree.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Free Lunch Design Toolbar - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFree.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = Jojo\AppData\Local\Temp\{6D335775-A22E-46F5-BC63-68B659261B7B}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{92EAFE1C-75B1-46F8-8050-65FEB530FAC5}: NameServer = 172.16.0.2,195.168.1.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{92EAFE1C-75B1-46F8-8050-65FEB530FAC5}: NameServer = 172.16.0.2,195.168.1.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{92EAFE1C-75B1-46F8-8050-65FEB530FAC5}: NameServer = 172.16.0.2,195.168.1.4
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 5933 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}]
Free Lunch Design Toolbar - C:\Program Files\Free_Lunch_Design\tbFree.dll [2009-05-20 2085400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - Free Lunch Design Toolbar - C:\Program Files\Free_Lunch_Design\tbFree.dll [2009-05-20 2085400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-06-25 7547424]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2004-08-20 45056]
"reset"=regedit /s reset.reg []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-02-26 2140880]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

C:\Users\Jojo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
RollerCoaster Tycoon 3 Registration.lnk - C:\Users\Jojo\AppData\Local\Temp\{6D335775-A22E-46F5-BC63-68B659261B7B}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-25 22:05:07 ----D---- C:\rsit
2010-08-25 22:05:07 ----D---- C:\Program Files\trend micro
2010-08-25 10:34:47 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-22 15:46:43 ----D---- C:\Program Files\Vivendi Universal Games
2010-08-16 11:15:49 ----D---- C:\CNS
2010-08-15 16:14:32 ----A---- C:\Windows\system32\CmdLineExt.dll
2010-08-13 06:36:21 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-13 06:36:11 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-13 06:36:11 ----A---- C:\Windows\system32\iccvid.dll
2010-08-13 06:36:09 ----A---- C:\Windows\system32\rtutils.dll
2010-08-13 06:36:05 ----A---- C:\Windows\system32\msxml3.dll
2010-08-13 06:36:02 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-13 06:36:02 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-13 06:36:02 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-13 06:35:53 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-13 06:35:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-13 06:35:46 ----A---- C:\Windows\system32\mshtml.dll
2010-08-13 06:35:44 ----A---- C:\Windows\system32\ieframe.dll
2010-08-13 06:35:43 ----A---- C:\Windows\system32\wininet.dll
2010-08-13 06:35:43 ----A---- C:\Windows\system32\urlmon.dll
2010-08-13 06:35:43 ----A---- C:\Windows\system32\mstime.dll
2010-08-13 06:35:43 ----A---- C:\Windows\system32\iepeers.dll
2010-08-13 06:35:43 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-13 06:35:42 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-13 06:35:42 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-13 06:35:42 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-13 06:35:42 ----A---- C:\Windows\system32\ieui.dll
2010-08-13 06:35:39 ----A---- C:\Windows\system32\schannel.dll
2010-08-13 06:35:38 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 20:28:03 ----D---- C:\Program Files\Disney Interactive Studios
2010-08-03 07:24:22 ----A---- C:\Windows\system32\shell32.dll
2010-08-02 16:36:31 ----D---- C:\Users\Jojo\AppData\Roaming\Atari
2010-08-02 16:33:36 ----D---- C:\Users\Jojo\AppData\Roaming\Leadertech
2010-08-02 16:28:56 ----D---- C:\Program Files\Atari

======List of files/folders modified in the last 1 months======

2010-08-25 22:06:53 ----D---- C:\Windows\Temp
2010-08-25 22:05:07 ----RD---- C:\Program Files
2010-08-25 20:28:08 ----D---- C:\Windows\system32\config
2010-08-25 20:20:45 ----D---- C:\Windows\System32
2010-08-25 20:20:44 ----D---- C:\Windows\inf
2010-08-25 20:20:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-25 20:16:36 ----D---- C:\ProgramData\NVIDIA
2010-08-25 17:26:41 ----SHD---- C:\System Volume Information
2010-08-25 17:22:45 ----RD---- C:\Users
2010-08-25 15:32:59 ----D---- C:\Windows\winsxs
2010-08-25 15:32:50 ----D---- C:\Windows
2010-08-25 15:09:06 ----D---- C:\Windows\AppPatch
2010-08-25 11:28:05 ----D---- C:\Windows\debug
2010-08-25 11:24:32 ----D---- C:\Windows\Prefetch
2010-08-25 10:34:26 ----D---- C:\Windows\system32\catroot
2010-08-25 10:34:13 ----D---- C:\Windows\system32\catroot2
2010-08-24 20:10:13 ----D---- C:\Users\Jojo\AppData\Roaming\vlc
2010-08-24 10:31:26 ----D---- C:\Program Files\Rockstar Games
2010-08-24 10:21:46 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-24 10:14:58 ----D---- C:\Windows\system32\wbem
2010-08-24 10:09:31 ----D---- C:\Windows\system32\wfp
2010-08-24 10:08:34 ----D---- C:\Windows\Tasks
2010-08-24 10:08:34 ----D---- C:\Windows\system32\CodeIntegrity
2010-08-23 22:49:31 ----D---- C:\Users\Jojo\AppData\Roaming\uTorrent
2010-08-23 14:07:33 ----D---- C:\Users\Jojo\AppData\Roaming\dvdcss
2010-08-13 12:12:16 ----D---- C:\Program Files\uTorrent
2010-08-13 09:47:41 ----D---- C:\Windows\Microsoft.NET
2010-08-13 09:47:23 ----RSD---- C:\Windows\assembly
2010-08-13 07:45:46 ----D---- C:\Windows\system32\drivers
2010-08-13 07:45:45 ----D---- C:\Windows\system32\migration
2010-08-13 07:45:45 ----D---- C:\Program Files\Internet Explorer
2010-08-13 06:59:03 ----SHD---- C:\Windows\Installer
2010-08-13 06:59:01 ----D---- C:\ProgramData\Microsoft Help
2010-08-11 20:31:08 ----A---- C:\Windows\disney.ini
2010-08-03 20:09:31 ----A---- C:\Windows\system32\MRT.exe
2010-08-03 13:15:34 ----D---- C:\Program Files\LG PC Suite II
2010-08-02 12:26:06 ----D---- C:\Program Files\Mozilla Firefox
2010-07-28 14:05:18 ----D---- C:\Users\Jojo\AppData\Roaming\Audacity

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-20 691696]
R0 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2004-09-02 22656]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-02-26 133512]
R2 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2004-07-21 9856]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-02-26 134488]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-02-26 41312]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2004-02-12 3968]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-02-26 32584]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-08-25 17488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-06-25 2375776]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 ayhpaiht;ayhpaiht; C:\Windows\system32\drivers\ayhpaiht.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-02-26 810120]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-09-27 215656]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-27 240232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-19 135664]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-02-26 33560]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1343400]

-----------------EOF-----------------

2010-08-11 20:31:08 ----A---- C:\Windows\disney.ini
2010-08-03 20:09:31 ----A---- C:\Windows\system32\MRT.exe
2010-08-03 13:15:34 ----D---- C:\Program Files\LG PC Suite II
2010-08-02 12:26:06 ----D---- C:\Program Files\Mozilla Firefox
2010-07-28 14:05:18 ----D---- C:\Users\Jojo\AppData\Roaming\Audacity

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-20 691696]
R0 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2004-09-02 22656]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-02-26 133512]
R2 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2004-07-21 9856]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-02-26 134488]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-02-26 41312]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2004-02-12 3968]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-02-26 32584]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-08-25 17488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-06-25 2375776]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 ayhpaiht;ayhpaiht; C:\Windows\system32\drivers\ayhpaiht.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-02-26 810120]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-09-27 215656]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-09-27 240232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-19 135664]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-02-26 33560]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1343400]

-----------------EOF-----------------


Re: Data loss.

#5 Post by Doduško »

Sorry, I accidentally posted it here twice.


Re: Data loss.

#6 Post by Rudy »

I don't see anything dangerous. Try a System Restore to a date when the system was working correctly.

Re: Data loss.

#7 Post by Doduško »

Pardon?


Re: Data loss.

#8 Post by Doduško »

Oh, well, that isn't possible; I have Windows 7 and it can no longer be restored to that time :( I know this doesn't belong on this site, but couldn't it just be some setting, or am I missing some program?


Re: Data loss.

#9 Post by Doduško »

Nobody is replying, so I guess I'm a hopeless case; still, in case it helps you, here is the info.txt that RSIT produced for me:

nfo.txt logfile of random's system information tool 1.08 2010-08-25 22:05:23

======Uninstall list======

-->MsiExec /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
123 Free Puzzle-->C:\PROGRA~1\123FRE~1\UNWISE.EXE C:\PROGRA~1\123FRE~1\INSTALL.LOG
Adobe Download Manager-->"C:\Windows\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\UninstFl.exe -q
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Ashampoo Burning Studio 6 FREE-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
Audacity 1.3.9 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
Battlefield 1942: Secret Weapons of WWII-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B73B4A99-4173-4747-BBEC-0F05E966F9D2}\Setup.exe" -l0x9
Battlefield 1942: The Road To Rome-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}\Setup.exe" -l0x9
Battlefield 1942-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}\Setup.exe" -l0x9
Bejeweled-->"C:\Program Files\MSN Games\Bejeweled\Uninstall.exe" "C:\Program Files\MSN Games\Bejeweled\install.log"
Call of Duty(R) 2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CoD 2 čeština-->"C:\Program Files\Activision\Call of Duty 2\unins000.exe"
Člověče nezlob se-->C:\CNS\unins000.exe
Diskito-->"C:\Program Files\Diskito v Južnej Amerike\unins000.exe"
EasySaver B9.0610.1 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{07300F01-89CA-4CF8-92BD-2A605EB83C95}\setup.exe" -l0x9 -removeonly
Euro Truck Simulator-->C:\Program Files\Euro Truck Simulator\Uninstal_EuroTruckSimulator.exe
Flyonoid-->C:\Program Files\Flyonoid\uninstal.exe
Free YouTube Download 2.3-->"C:\Program Files\DVDVideoSoft\Free YouTube Download\unins000.exe"
Free_Lunch_Design Toolbar-->C:\PROGRA~1\FREE_L~1\UNWISE.EXE /U C:\PROGRA~1\FREE_L~1\INSTALL.LOG
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Zem-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
Grand Theft Auto Vice City-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\Setup.exe" -l0x9
GTA III CZ-->C:\Program Files\Rockstar Games\GTAIII\uninstx.exe C:\Program Files\Rockstar Games\GTAIII\Uninstall.log
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
GTA:Vice City_SK-->C:\Program Files\Rockstar Games\Grand Theft Auto Vice City\uninstx.exe C:\Program Files\Rockstar Games\Grand Theft Auto Vice City\GTAVCSK_uninst.log
GTAIII-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F2DDE4A8-A062-4D58-AE08-FAC1182955AF}\setup.exe" -l0x1b
Hospital Tycoon-->"C:\Program Files\Codemasters\Hospital Tycoon\unins000.exe"
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018FF}
Kobra 11 Nitro-->"C:\Program Files\Kobra 11 Nitro\unins000.exe"
LG PC Suite II-->C:\Program Files\InstallShield Installation Information\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}\setup.exe -runfromtemp -l0x001b -removeonly
LG USB Modem driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x1b LG -removeonly
Luxor-->"C:\Program Files\MSN Games\Luxor\Uninstall.exe" "C:\Program Files\MSN Games\Luxor\install.log"
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Zoo Tycoon-->"C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove
Moorhuhn Winter-Edition-->C:\Windows\IsUn0407.exe -f"C:\Program Files\Phenomedia AG\Moorhuhn Winter-Edition\Uninst.isu"
Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Need For Speed Hot Pursuit 2-->C:\Program Files\EA Games\Need For Speed Hot Pursuit 2\EAUninstall.exe
No Man's Land Demo-->C:\PROGRA~1\NOMAN'~1\UNWISE.EXE C:\PROGRA~1\NOMAN'~1\INSTALL.LOG
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}
Opera 10.10-->MsiExec.exe /X{FB8148DD-C575-4B0A-9F6C-0CFC46937930}
PhotoFiltre Studio-->"C:\Program Files\PhotoFiltre Studio\Uninst.exe"
PhotoScape-->"C:\Program Files\PhotoScape\uninstall.exe"
Realtek Ethernet Controller Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.Exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -removeonly
Robinsonovi-->C:\Program Files\InstallShield Installation Information\{651C1EF2-3B74-4195-AD78-107FA85DAF8B}\Setup.exe -runfromtemp -l0x0005 Robinsonovi -removeonly
RollerCoaster Tycoon 2: Time Twister-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}\setup.exe" -l0x9
RollerCoaster Tycoon 2: Wacky Worlds-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B1AD83A0-DC92-41E3-B111-E9472349768C}\setup.exe" -l0x9
RollerCoaster Tycoon 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}\setup.exe" -l0x9
RollerCoaster Tycoon 3 Platinum-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\SETUP.exe" -l0x9 -removeonly
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
Stalingrad-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{432756CE-6400-4901-9F7C-66A9E63CFF5D}\setup.exe" -l0x5
Swap & Fall 2-->"C:\Program Files\Realore\Swap & Fall 2\unins000.exe"
Terrorist Takedown War In Colombia-->"C:\Program Files\City Interactive\Terrorist Takedown - War In Colombia\unins000.exe"
The Golden Compass-->"D:\Hry a podobne\The Golden Compass\uninstall.exe"
The Simpsons Hit & Run(TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79AAB3A-B8B4-4AC7-94AB-1C4C076C6A89}\setup.exe" -l0x9
The Sims 2 Noční život-->C:\Program Files\EA GAMES\The Sims 2 Noční život\EAUninstall.exe
The Sims 2 Pro rodinnou zábavu - Kolekce-->C:\Program Files\EA GAMES\The Sims 2 Pro rodinnou zábavu - Kolekce\EAUninstall.exe
The Sims 2 Ve světě podnikání-->C:\Program Files\EA GAMES\The Sims 2 Ve světě podnikání\EAUninstall.exe
The Sims 2-->C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
The Sims™ 2 H&M® Móda Kolekce-->C:\Program Files\EA GAMES\The Sims 2 H&M® Móda Kolekce\EAUninstall.exe
The Sims™ 2 IKEA® Domov Kolekce-->C:\Program Files\EA GAMES\The Sims 2 IKEA® Domov Kolekce\EAUninstall.exe
The Sims™ 2 Koupelny a kuchyně Interiérový design Kolekce-->C:\Program Files\EA GAMES\The Sims 2 Koupelny a kuchyně Interiérový design Kolekce\EAUninstall.exe
The Sims™ 2 Mazlíčci-->C:\Program Files\EA GAMES\The Sims 2 Mazlíčci\EAUninstall.exe
The Sims™ 2 Roční období-->C:\Program Files\EA GAMES\The Sims 2 Roční období\EAUninstall.exe
The Sims™ 2 Volný čas-->C:\Program Files\EA GAMES\The Sims 2 Volný čas\EAUninstall.exe
Tiny Cars 2-->"C:\Program Files\Realore\Tiny Cars 2\unins000.exe"
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
TRS2006-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5ED9E38C-9A96-49D8-89B3-92E278003FCF}\Setup.exe" -l0x5
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}
Vietcong & Vietcong: Fist Alpha-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\Cenega Czech\VIETCONG\Uninstall\setup.exe" -l0x5
VirtualCloneDrive-->"C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive"
VLC media player 1.0.0-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WinRAR archivátor-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: PC01
Event Code: 7016
Message: Služba NVIDIA Display Driver Service oznámila neplatný aktuálny stav 32.
Record Number: 72630
Source Name: Service Control Manager
Time Written: 20100512201808.655591-000
Event Type: Error
User:

Computer Name: PC01
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 72512
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20100512174505.115949-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: PC01
Event Code: 7016
Message: Služba NVIDIA Display Driver Service oznámila neplatný aktuálny stav 32.
Record Number: 72490
Source Name: Service Control Manager
Time Written: 20100512174504.772749-000
Event Type: Error
User:

Computer Name: PC01
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 72370
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20100512143801.036645-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: PC01
Event Code: 7016
Message: Služba NVIDIA Display Driver Service oznámila neplatný aktuálny stav 32.
Record Number: 72351
Source Name: Service Control Manager
Time Written: 20100512143800.849445-000
Event Type: Error
User:

=====Application event log=====

Computer Name: PC01
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 223
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100202102008.451267-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: PC01
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-116419315-2074483726-2640039216-1000:
Process 452 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-116419315-2074483726-2640039216-1000

Record Number: 188
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100202101334.956577-000
Event Type: Warning
U


Re: Data loss.

#10 Post by Rudy »

The log looks clean and I believe the problem has nothing to do with viruses. To be sure, please also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand. What did you install just before the problem appeared?

Re: Data loss.

#11 Post by Doduško »

When it happened to me the 2nd time, it was The Simpsons Hit and Run (but there is nothing in it), and when it happened the 1st time I had downloaded an infected SA-MP, but I uninstalled it too and it still did it, and I had to get rid of the installer. But ESET found one virus and put it in quarantine, reason: JS/TrojanDownloader.FakeAlert.NAC trojan horse, Count 2. Should I delete it or what? In quarantine it is powerless.


Re: Data loss.

#12 Post by Rudy »

Once the AV moves a virus to quarantine, it is powerless. The quarantine can then be deleted.

Re: Data loss.

#13 Post by Doduško »

But just now, when I merely opened the ESET window, it happened again and I had to restore. So maybe ESET could be uninstalled, because I too now think it is not a virus but just some setting, and something else put in its place. What would you recommend? My ESET licence runs out in a few weeks anyway.


Re: Data loss.

#14 Post by Doduško »

I only ran a quick scan because I don't have time for a full one right now. Roughly how long will a full one take?

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4489

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

27. 8. 2010 17:01:16
mbam-log-2010-08-27 (17-01-16).txt

Typ kontroly: Rýchla kontrola
Objektov kontrolovaných: 163133
Uplynulý čas: 4 min, 18 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)


Re: Data loss.

#15 Post by Rudy »

It won't be a virus any more. Try reinstalling ESET.