Run Time Error - Injector.dll (Trojan Horse)

MartinStifler
Visitor
Posts: 6
Registered: 04 Mar 2010 17:33

Run Time Error - Injector.dll (Trojan Horse)

#1 Post by MartinStifler »

Good day, I'm a complete noob with these things, I have no idea what to do and I'd really need some advice
with one problem; it happens during the installation of a game.
It's about this:
[Image]
I have absolutely no idea what to do with it and I'd like to ask you for advice and a solution to this problem.
PS: big apologies for the grammar mistakes :) If this topic is filed in the wrong place, I apologize for that too.

Rudy
Site Admin
Posts: 119381
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Run Time Error - Injector.dll (Trojan Horse)

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

MartinStifler
Visitor
Posts: 6
Registered: 04 Mar 2010 17:33

Re: Run Time Error - Injector.dll (Trojan Horse)

#3 Post by MartinStifler »

Logfile of random's system information tool 1.06 (written by random/random)
Run by Soulja Boy at 2010-03-04 19:18:53
Microsoft Windows 7 Professional Service Pack 2
System drive C: has 646 GB (68%) free of 954 GB
Total RAM: 3584 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:55, on 4.3.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Uniblue\RegistryBooster 2010\registrybooster.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\DAEMON Tools Pro\DTProShellHlp.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Opera\opera.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Soulja Boy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Soulja Boy\Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Soulja Boy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=\\.\globalroot\systemroot\system32\userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\Windows\system32\rundll32.exe C:\Users\SOULJA~1\AppData\Local\Temp\256xxx.dll,DllMain
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\RunOnce: [UniblueRegistryBooster] "C:\Program Files\Uniblue\RegistryBooster 2010\launcher.exe" delay 20000
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [cbssreg] C:\Windows\TEMP\uxir.tmp\svchost.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [cbssreg] C:\Windows\TEMP\uxir.tmp\svchost.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe (User 'Default user')
O4 - Global Startup: Nokia Nseries PC Suite.lnk = C:\Program Files\Nokia\NNPCS\RunLauncher.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\StylishProfile\ct.htm
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\StylishProfile\ct.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: app_dll.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Služby softwarového nástroje AMD Fusion (AMDFusionSVC) - Advanced Micro Devices - C:\Program Files\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe
O23 - Service: AODService - Unknown owner - C:\Program Files\AMD\OverDrive\AODAssist.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 8712 bytes

======Scheduled tasks folder======

C:\Windows\tasks\At25.job
C:\Windows\tasks\At26.job
C:\Windows\tasks\At27.job
C:\Windows\tasks\At28.job
C:\Windows\tasks\At29.job
C:\Windows\tasks\At30.job
C:\Windows\tasks\At31.job
C:\Windows\tasks\At32.job
C:\Windows\tasks\At33.job
C:\Windows\tasks\At34.job
C:\Windows\tasks\At35.job
C:\Windows\tasks\At36.job
C:\Windows\tasks\At37.job
C:\Windows\tasks\At38.job
C:\Windows\tasks\At39.job
C:\Windows\tasks\At40.job
C:\Windows\tasks\At41.job
C:\Windows\tasks\At42.job
C:\Windows\tasks\At43.job
C:\Windows\tasks\At44.job
C:\Windows\tasks\At45.job
C:\Windows\tasks\At46.job
C:\Windows\tasks\At47.job
C:\Windows\tasks\At48.job
C:\Windows\tasks\RegCure Program Check.job
C:\Windows\tasks\RegCure Startup.job
C:\Windows\tasks\RegCure.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-01-27 1484056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-01-27 2033432]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-02-08 8505888]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-02 98304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\Users\SOULJA [2010-02-13 1466]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-02-11 133368]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2009-12-18 427328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"UniblueRegistryBooster"=C:\Program Files\Uniblue\RegistryBooster 2010\launcher.exe [2009-09-29 59184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Nokia Nseries PC Suite.lnk - C:\Program Files\Nokia\NNPCS\RunLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="app_dll.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52c5f940-aba1-11de-8a41-001fd0b1201b}]
shell\AutoRun\command - F:\setup.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2010-03-04 19:18:53 ----D---- C:\rsit
2010-03-04 19:09:41 ----D---- C:\Program Files\trend micro
2010-03-04 18:39:44 ----D---- C:\ProgramData\RegCure
2010-03-04 18:39:44 ----D---- C:\Program Files\RegCure
2010-03-01 18:37:49 ----D---- C:\Program Files\DAEMON Tools Pro
2010-03-01 18:37:23 ----D---- C:\Users\Soulja Boy\AppData\Roaming\DAEMON Tools Pro
2010-03-01 18:37:23 ----D---- C:\ProgramData\DAEMON Tools Pro
2010-03-01 16:54:24 ----D---- C:\run
2010-02-28 13:28:33 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-02-28 13:28:33 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-02-28 13:28:33 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-02-28 13:28:32 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-02-28 13:25:57 ----D---- C:\dirext
2010-02-28 13:22:47 ----D---- C:\ProgramData\ATI
2010-02-24 19:40:29 ----A---- C:\Windows\system32\TURegOpt.exe
2010-02-24 19:40:27 ----A---- C:\Windows\system32\uxtuneup.dll
2010-02-24 19:40:27 ----A---- C:\Windows\system32\authuitu.dll
2010-02-24 19:40:06 ----D---- C:\Users\Soulja Boy\AppData\Roaming\TuneUp Software
2010-02-24 19:40:00 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-02-24 19:39:33 ----D---- C:\ProgramData\TuneUp Software
2010-02-24 19:39:23 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-02-24 15:12:07 ----A---- C:\Windows\system32\jscript.dll
2010-02-24 15:12:04 ----A---- C:\Windows\system32\psisdecd.dll
2010-02-24 15:12:04 ----A---- C:\Windows\system32\msdri.dll
2010-02-24 15:12:04 ----A---- C:\Windows\system32\CPFilters.dll
2010-02-24 15:11:57 ----A---- C:\Windows\system32\tzres.dll
2010-02-21 18:42:34 ----A---- C:\Windows\SWTFU_1_1_Patch_Log.txt
2010-02-21 18:00:37 ----D---- C:\Program Files\Aspyr
2010-02-20 21:25:56 ----D---- C:\Program Files\Monte Cristo
2010-02-20 10:07:20 ----D---- C:\Windows\system32\RTCOM
2010-02-20 10:06:52 ----A---- C:\Windows\system32\WavesLib.dll
2010-02-20 10:06:52 ----A---- C:\Windows\system32\SRSWOW.dll
2010-02-20 10:06:52 ----A---- C:\Windows\system32\SRSTSXT.dll
2010-02-20 10:06:52 ----A---- C:\Windows\system32\SRSTSHD.dll
2010-02-20 10:06:52 ----A---- C:\Windows\system32\SRSHP360.dll
2010-02-20 10:06:51 ----A---- C:\Windows\system32\RtkPgExt.dll
2010-02-20 10:06:51 ----A---- C:\Windows\system32\RtkCoInst.dll
2010-02-20 10:06:51 ----A---- C:\Windows\system32\RtkApoApi.dll
2010-02-20 10:06:51 ----A---- C:\Windows\system32\RtkAPO.dll
2010-02-20 10:06:50 ----A---- C:\Windows\system32\RTEEP32A.dll
2010-02-20 10:06:50 ----A---- C:\Windows\system32\RTEEL32A.dll
2010-02-20 10:06:50 ----A---- C:\Windows\system32\RTEEG32A.dll
2010-02-20 10:06:50 ----A---- C:\Windows\system32\RTEED32A.dll
2010-02-20 10:06:50 ----A---- C:\Windows\system32\RP3DHT32.dll
2010-02-20 10:06:50 ----A---- C:\Windows\system32\RP3DAA32.dll
2010-02-20 10:06:50 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2010-02-20 10:06:50 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2010-02-20 10:06:50 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2010-02-20 10:06:49 ----A---- C:\Windows\system32\FMAPO.dll
2010-02-20 10:06:49 ----A---- C:\Windows\system32\DTSVoiceClarityDLL.dll
2010-02-20 10:06:49 ----A---- C:\Windows\system32\DTSS2SpeakerDLL.dll
2010-02-20 10:06:49 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL.dll
2010-02-20 10:06:49 ----A---- C:\Windows\system32\DTSNeoPCDLL.dll
2010-02-20 10:06:49 ----A---- C:\Windows\system32\DTSLimiterDLL.dll
2010-02-20 10:06:49 ----A---- C:\Windows\system32\DTSLFXAPO.dll
2010-02-20 10:06:48 ----A---- C:\Windows\system32\DTSGFXAPO.dll
2010-02-20 10:06:48 ----A---- C:\Windows\system32\DTSGainCompensatorDLL.dll
2010-02-20 10:06:48 ----A---- C:\Windows\system32\DTSBoostDLL.dll
2010-02-20 10:06:48 ----A---- C:\Windows\system32\DTSBassEnhancementDLL.dll
2010-02-20 10:06:48 ----A---- C:\Windows\system32\AERTARen.dll
2010-02-20 10:06:48 ----A---- C:\Windows\system32\AERTACap.dll
2010-02-20 10:06:45 ----A---- C:\Windows\RtlExUpd.dll
2010-02-16 20:07:48 ----D---- C:\Program Files\3dGirlz
2010-02-11 23:20:25 ----A---- C:\Windows\NeroDigital.ini
2010-02-10 10:41:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 10:41:25 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 10:41:25 ----A---- C:\Windows\system32\kernel32.dll
2010-02-10 10:41:25 ----A---- C:\Windows\system32\apphelp.dll
2010-02-10 10:41:20 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 10:41:20 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 10:41:20 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 10:41:20 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 10:41:20 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 10:41:20 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 10:41:20 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 10:41:20 ----A---- C:\Windows\system32\avifil32.dll
2010-02-10 10:41:16 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-10 10:41:16 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-10 10:41:16 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-10 10:41:16 ----A---- C:\Windows\system32\secproc.dll
2010-02-10 10:41:16 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-10 10:41:16 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-10 10:41:15 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-10 10:41:15 ----A---- C:\Windows\system32\RMActivate_ssp.exe

======List of files/folders modified in the last 1 months======

2010-03-04 19:09:41 ----RD---- C:\Program Files
2010-03-04 18:39:49 ----D---- C:\Windows\Tasks
2010-03-04 18:39:49 ----D---- C:\Windows\system32\Tasks
2010-03-04 18:39:44 ----HD---- C:\ProgramData
2010-03-04 18:30:28 ----D---- C:\Windows\Prefetch
2010-03-04 18:26:57 ----D---- C:\Windows\Temp
2010-03-04 18:26:55 ----SHD---- C:\$Recycle.Bin
2010-03-04 18:26:49 ----RD---- C:\Users
2010-03-04 16:52:03 ----D---- C:\Windows\System32
2010-03-04 16:52:03 ----D---- C:\Windows\inf
2010-03-04 16:52:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-04 16:45:15 ----D---- C:\Windows\system32\config
2010-03-04 15:05:19 ----D---- C:\Users\Soulja Boy\AppData\Roaming\ICQ
2010-03-03 19:39:14 ----SHD---- C:\System Volume Information
2010-03-03 17:24:19 ----D---- C:\Windows\rescache
2010-03-01 20:05:41 ----D---- C:\Windows\Minidump
2010-03-01 19:07:24 ----RSD---- C:\Windows\Fonts
2010-03-01 18:33:01 ----D---- C:\Program Files\DAEMON Tools Lite
2010-03-01 17:09:03 ----D---- C:\Program Files\Uniblue
2010-03-01 16:57:59 ----SHD---- C:\Windows\Installer
2010-03-01 16:57:59 ----SHD---- C:\Config.Msi
2010-03-01 16:47:43 ----D---- C:\ProgramData\Adobe
2010-03-01 16:47:10 ----D---- C:\Users\Soulja Boy\AppData\Roaming\Adobe
2010-03-01 16:46:37 ----D---- C:\Program Files\Common Files\Adobe
2010-03-01 16:46:25 ----D---- C:\Program Files\Adobe
2010-03-01 15:55:53 ----D---- C:\xxx
2010-03-01 15:16:29 ----D---- C:\Windows
2010-02-28 22:32:09 ----D---- C:\Windows\system32\catroot
2010-02-28 13:31:59 ----HD---- C:\Program Files\Temp
2010-02-28 13:28:13 ----RSD---- C:\Windows\assembly
2010-02-28 13:22:45 ----D---- C:\Program Files\ATI
2010-02-28 13:22:24 ----D---- C:\Program Files\ATI Technologies
2010-02-28 13:21:29 ----D---- C:\Windows\system32\drivers
2010-02-28 13:21:27 ----D---- C:\Windows\system32\DriverStore
2010-02-27 18:27:48 ----D---- C:\Users\Soulja Boy\AppData\Roaming\Facebook
2010-02-24 21:47:12 ----D---- C:\Windows\Microsoft.NET
2010-02-24 16:51:36 ----D---- C:\Windows\winsxs
2010-02-24 16:41:26 ----D---- C:\Windows\system32\cs-CZ
2010-02-24 16:41:26 ----D---- C:\Windows\ehome
2010-02-24 16:41:18 ----D---- C:\Users\Soulja Boy\AppData\Roaming\Skype
2010-02-24 16:01:59 ----D---- C:\Users\Soulja Boy\AppData\Roaming\skypePM
2010-02-24 15:44:44 ----D---- C:\Windows\AppPatch
2010-02-24 15:11:52 ----D---- C:\Windows\system32\catroot2
2010-02-21 19:10:52 ----D---- C:\ProgramData\avg9
2010-02-20 10:06:48 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-17 21:28:14 ----D---- C:\Program Files\ICQ7.0
2010-02-17 18:07:22 ----D---- C:\NeedForSpeed-Shift
2010-02-13 00:59:59 ----D---- C:\Windows\system32\NDF
2010-02-11 14:45:55 ----A---- C:\Windows\system32\PnkBstrB.exe
2010-02-10 14:10:07 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-01-27 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-01-27 28424]
R1 AvgTdiX;AVG Free Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-01-27 360584]
R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [2009-07-14 35328]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2009-07-14 78336]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2009-07-14 16896]
R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2009-07-14 74240]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2009-07-14 63488]
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys [2009-07-14 48128]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2009-07-14 86528]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2009-07-14 586752]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys [2009-07-14 60928]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2009-07-14 34816]
R3 AmdK8;Ovladač procesoru AMD K8; C:\Windows\system32\DRIVERS\amdk8.sys [2009-07-14 55296]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-02-03 5313536]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-02-03 150016]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2009-04-22 42552]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 100352]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2009-07-14 69632]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\Windows\system32\drivers\cmaudio.sys [2002-07-16 379726]
R3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2009-10-02 728648]
R3 HDAudBus;Ovladač sběrnice Microsoft UAA pro zvuk High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2009-07-14 108544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-02-08 3019232]
R3 iScsiPrt;Ovladač iScsiPort; C:\Windows\system32\DRIVERS\msiscsi.sys [2009-07-14 186960]
R3 monitor;Služba ovladače funkce třídy monitorů Microsoft; C:\Windows\system32\DRIVERS\monitor.sys [2009-07-14 23552]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2009-07-14 60416]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2010-01-08 221184]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2009-07-14 95744]
R3 MSILiveVirtualCamera;MSI Live Virtual Camera; C:\Windows\system32\DRIVERS\MSILiveVirtualCamera.sys [2007-01-29 449408]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2009-07-14 75264]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2009-07-14 306688]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2009-12-08 113664]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys [2009-07-14 108544]
R3 umbus;Ovladač sběrnice UMBus Enumerator; C:\Windows\system32\DRIVERS\umbus.sys [2009-07-14 39936]
R3 usbehci;Ovladač miniportu vylepšeného hostitelského řadiče Microsoft USB 2.0; C:\Windows\system32\DRIVERS\usbehci.sys [2009-10-24 41984]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\Windows\system32\DRIVERS\usbhub.sys [2009-10-24 258560]
R3 usbohci;Ovladač miniportu otevřeného hostitelského řadiče Microsoft USB; C:\Windows\system32\DRIVERS\usbohci.sys [2009-07-14 20480]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2009-09-11 22792]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2009-09-11 66056]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]
S3 aa7yengp;aa7yengp; C:\Windows\system32\drivers\aa7yengp.sys []
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]
S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [2009-07-14 146512]
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\DRIVERS\agp440.sys [2009-07-14 53312]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 amdide;amdide; C:\Windows\system32\DRIVERS\amdide.sys [2009-07-14 14912]
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176]
S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys [2009-07-14 76368]
S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-03 5313536]
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-13 430080]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys [2009-07-13 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys [2009-07-13 5248]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys [2009-07-13 62336]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys [2009-07-13 12160]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys [2009-07-13 11904]
S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\Windows\system32\DRIVERS\bthmodem.sys [2009-07-14 56320]
S3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys [2009-07-14 37888]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-07-14 14080]
S3 Compbatt;Compbatt; C:\Windows\system32\DRIVERS\compbatt.sys [2009-07-14 19024]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-13 3100160]
S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2009-07-14 142336]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2009-07-14 28160]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\DRIVERS\gagp30kx.sys [2009-07-14 57936]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2009-09-30 15600]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-13 26624]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128]
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]
S3 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\DRIVERS\hidbth.sys [2009-07-14 91136]
S3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys [2009-07-14 37888]
S3 HidUsb;Ovladač třídy standardu HID Microsoft; C:\Windows\system32\DRIVERS\hidusb.sys [2009-07-14 24064]
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]
S3 iaStorV;iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys [2009-07-14 332352]
S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [2009-07-14 41040]
S3 intelide;intelide; C:\Windows\system32\DRIVERS\intelide.sys [2009-07-14 15424]
S3 intelppm;Intel Processor Driver; C:\Windows\system32\DRIVERS\intelppm.sys [2009-07-14 53760]
S3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [2009-07-14 65536]
S3 isapnp;isapnp; C:\Windows\system32\DRIVERS\isapnp.sys [2009-07-14 46656]
S3 kbdhid;Ovladač klávesnice standardu HID; C:\Windows\system32\DRIVERS\kbdhid.sys [2009-07-14 28160]
S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]
S3 mouhid;Ovladač myši standardu HID; C:\Windows\system32\DRIVERS\mouhid.sys [2009-07-14 26112]
S3 mpio;mpio; C:\Windows\system32\DRIVERS\mpio.sys [2009-07-14 130624]
S3 msahci;msahci; C:\Windows\system32\DRIVERS\msahci.sys [2009-07-14 27712]
S3 msdsm;msdsm; C:\Windows\system32\DRIVERS\msdsm.sys [2009-07-14 115792]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2009-07-14 162896]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]
S3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys [2009-07-14 267264]
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]
S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2007-11-29 16896]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2007-11-29 19328]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\DRIVERS\nv_agp.sys [2009-07-14 105024]
S3 nvraid;nvraid; C:\Windows\system32\DRIVERS\nvraid.sys [2009-07-14 117312]
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\Windows\system32\DRIVERS\ohci1394.sys [2009-07-14 62464]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 PnkBstrK;PnkBstrK; \??\C:\Windows\system32\drivers\PnkBstrK.sys [2010-02-11 139128]
S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2009-07-14 31744]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sbp2port;sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [2009-07-14 85568]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]
S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys [2009-07-14 19968]
S3 sffdisk;SFF Storage Class Driver; C:\Windows\system32\DRIVERS\sffdisk.sys [2009-07-14 11264]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\DRIVERS\sffp_mmc.sys [2009-07-14 12288]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys [2009-07-14 12800]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [2009-07-14 40016]
S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2009-07-14 71168]
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2009-07-14 1285712]
S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys [2009-07-14 30208]
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys [2009-07-14 55888]
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\DRIVERS\uliagpkx.sys [2009-07-14 57424]
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 8064]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-07-14 80640]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\Windows\system32\DRIVERS\usbccgp.sys [2009-07-14 75264]
S3 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\DRIVERS\usbcir.sys [2009-07-14 86016]
S3 usbprint;Třída USB Printer; C:\Windows\system32\DRIVERS\usbprint.sys [2009-07-14 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 8064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-07-14 74752]
S3 usbuhci;Ovladač miniportu univerzálního hostitelského řadiče Microsoft USB; C:\Windows\system32\DRIVERS\usbuhci.sys [2009-07-14 24064]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2009-07-14 146176]
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2009-07-14 26112]
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968]
S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys [2009-07-14 21632]
S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2009-09-11 35592]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2009-09-11 31752]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-07-14 11264]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2009-09-11 14984]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys [2009-07-14 22096]
S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys [2009-07-14 16384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-02-03 172032]
R2 AMDFusionSVC;Služby softwarového nástroje AMD Fusion; C:\Program Files\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe [2009-09-08 383544]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-01-27 285392]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-01-29 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-02-11 215128]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-02 1043784]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2009-07-14 428032]
R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 AODService;AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [2009-10-22 136544]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]
S2 SPService;SPService; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2009-07-14 557056]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2009-07-14 94720]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2009-07-14 522752]
S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-17 655624]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2009-06-10 42856]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-06-10 878416]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2009-07-14 22528]
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-02-20 354816]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2009-07-14 12800]
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-07-14 204800]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-02-24 435016]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2009-07-14 35840]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2009-07-14 452608]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-07-14 1202688]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2009-07-14 1121280]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]

-----------------EOF-----------------
Last edited by MartinStifler on 04 Mar 2010 19:22, edited 2 times in total.

Rudy
Site Admin
Posts: 119381
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Run Time Error - Injector.dll (Trojan Horse)

#4 Post by Rudy »

The log is not complete. Run RSIT again, but in WinXP compatibility mode.

MartinStifler
Visitor
Posts: 6
Joined: 04 Mar 2010 17:33

Re: Run Time Error - Injector.dll (Trojan Horse)

#5 Post by MartinStifler »

It should be complete now :)

Rudy
Site Admin
Posts: 119381
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Run Time Error - Injector.dll (Trojan Horse)

#6 Post by Rudy »

Yes, it is. Now run a ComboFix scan.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms appears; continue by clicking the "Ano" (Yes) button.

Feel free to go make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to start any other applications or do anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Note: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the resident antispyware component occur.

MartinStifler
Visitor
Posts: 6
Joined: 04 Mar 2010 17:33

Re: Run Time Error - Injector.dll (Trojan Horse)

#7 Post by MartinStifler »

Here is the ComboFix output:
-----------------------------
ComboFix 10-03-03.09 - Soulja Boy 04.03.2010 19:51:31.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3584.2648 [GMT 1:00]
Spuštěný z: c:\users\Soulja Boy\Documents\Downloads\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\h.exe
c:\program files\Internet Explorer\js.mui
c:\program files\temp
c:\windows\tsnp2uvc .exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SPService


((((((((((((((((((((((((( Soubory vytvořené od 2010-02-04 do 2010-03-04 )))))))))))))))))))))))))))))))
.

2010-03-04 18:57 . 2010-03-04 18:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-04 18:57 . 2010-03-04 18:57 -------- d-----w- c:\users\Alien vs Predator\AppData\Local\temp
2010-03-04 18:18 . 2010-03-04 18:19 -------- d-----w- C:\rsit
2010-03-04 18:09 . 2010-03-04 18:18 -------- d-----w- c:\program files\trend micro
2010-03-04 17:39 . 2010-03-04 17:41 -------- d-----w- c:\program files\RegCure
2010-03-04 17:39 . 2010-03-04 17:39 -------- d-----w- c:\programdata\RegCure
2010-03-04 17:30 . 2010-03-04 17:30 -------- d-----w- c:\users\Alien vs Predator\AppData\Local\Diagnostics
2010-03-04 17:27 . 2010-03-04 17:27 130320 ----a-w- c:\users\Alien vs Predator\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-04 17:27 . 2010-03-04 17:27 -------- d-----w- c:\users\Alien vs Predator\AppData\Roaming\ATI
2010-03-04 17:27 . 2010-03-04 17:27 -------- d-----w- c:\users\Alien vs Predator\AppData\Local\ATI
2010-03-01 17:37 . 2010-03-01 17:37 -------- d-----w- c:\program files\DAEMON Tools Pro
2010-03-01 17:37 . 2010-03-01 18:10 -------- d-----w- c:\users\Soulja Boy\AppData\Roaming\DAEMON Tools Pro
2010-03-01 17:37 . 2010-03-01 17:37 -------- d-----w- c:\programdata\DAEMON Tools Pro
2010-03-01 15:54 . 2010-03-01 15:55 -------- d-----w- C:\run
2010-02-28 12:28 . 2010-02-04 09:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-28 12:28 . 2010-02-04 09:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-28 12:28 . 2010-02-04 09:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-28 12:28 . 2010-02-04 09:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-02-28 12:25 . 2010-02-28 12:26 -------- d-----w- C:\dirext
2010-02-28 12:22 . 2010-02-28 12:22 -------- d-----w- c:\programdata\ATI
2010-02-28 12:20 . 2010-02-28 12:20 10134 ----a-r- c:\users\Soulja Boy\AppData\Roaming\Microsoft\Installer\{F20F8E93-3471-1808-AC39-7CE622FCBB4B}\ARPPRODUCTICON.exe
2010-02-26 06:41 . 2010-02-26 06:41 847040 ----a-w- c:\users\Soulja Boy\AppData\Roaming\Facebook\axfbootloader.dll
2010-02-26 06:41 . 2010-02-26 06:41 5582848 ----a-w- c:\users\Soulja Boy\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
2010-02-24 18:40 . 2010-02-02 11:24 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-02-24 18:40 . 2010-02-02 11:18 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-02-24 18:40 . 2010-02-02 11:18 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-02-24 18:40 . 2010-02-24 18:40 -------- d-----w- c:\users\Soulja Boy\AppData\Roaming\TuneUp Software
2010-02-24 18:40 . 2010-02-24 18:53 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-02-24 18:39 . 2010-02-24 18:39 -------- d-----w- c:\programdata\TuneUp Software
2010-02-24 18:39 . 2010-02-24 18:39 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-02-24 14:12 . 2009-12-13 09:30 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-02-24 14:12 . 2009-12-13 09:30 465408 ----a-w- c:\windows\system32\psisdecd.dll
2010-02-24 14:12 . 2009-12-13 09:29 417792 ----a-w- c:\windows\system32\msdri.dll
2010-02-24 14:11 . 2010-02-02 07:45 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-21 18:37 . 2010-02-21 18:37 -------- d-----w- c:\users\Soulja Boy\AppData\Local\Aspyr
2010-02-21 17:00 . 2010-02-21 17:00 -------- d-----w- c:\program files\Aspyr
2010-02-20 20:25 . 2010-02-20 20:25 -------- d-----w- c:\program files\Monte Cristo
2010-02-20 09:07 . 2010-02-20 09:07 -------- d-----w- c:\windows\system32\RTCOM
2010-02-16 19:07 . 2010-02-16 19:07 -------- d-----w- c:\program files\3dGirlz
2010-02-04 15:25 . 2010-02-28 12:22 -------- d-----w- c:\program files\ATI Technologies
2010-02-04 15:25 . 2010-02-28 12:22 -------- d-----w- c:\program files\ATI
2010-02-04 14:47 . 2010-02-04 14:47 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-02-03 17:46 . 2010-02-03 17:46 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-02-03 17:46 . 2010-02-03 17:46 -------- d-----w- c:\program files\OpenAL
2010-02-03 17:44 . 2010-02-03 17:46 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-02-03 17:38 . 2010-02-03 17:38 -------- d-----w- c:\program files\NSIS
2010-02-03 04:54 . 2010-02-03 04:54 5313536 ----a-w- c:\windows\system32\drivers\atipmdag.sys
2010-02-03 04:54 . 2010-02-03 04:54 5313536 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-02-03 04:23 . 2010-02-03 04:23 426496 ----a-w- c:\windows\system32\aticfx32.dll
2010-02-03 04:19 . 2010-02-03 04:19 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-02-03 04:17 . 2010-02-03 04:17 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-02-03 04:17 . 2010-02-03 04:17 372736 ----a-w- c:\windows\system32\atieclxx.exe
2010-02-03 04:16 . 2010-02-03 04:16 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2010-02-03 04:15 . 2010-02-03 04:15 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-02-03 04:15 . 2010-02-03 04:15 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-02-03 04:15 . 2010-02-03 04:15 274432 ----a-w- c:\windows\system32\Oemdspif.dll
2010-02-03 04:14 . 2010-02-03 04:14 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-02-03 04:14 . 2010-02-03 04:14 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-02-03 04:01 . 2010-02-03 04:01 14147072 ----a-w- c:\windows\system32\atioglxx.dll
2010-02-03 03:52 . 2010-02-03 03:52 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-02-03 03:52 . 2010-02-03 03:52 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-02-03 03:51 . 2010-02-03 03:51 3649536 ----a-w- c:\windows\system32\aticaldd.dll
2010-02-03 03:40 . 2010-02-03 03:40 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-02-03 03:25 . 2010-02-03 03:25 52224 ----a-w- c:\windows\system32\atimpc32.dll
2010-02-03 03:25 . 2010-02-03 03:25 52224 ----a-w- c:\windows\system32\amdpcom32.dll
2010-02-03 03:24 . 2010-02-03 03:24 229376 ----a-w- c:\windows\system32\atiadlxx.dll
2010-02-03 03:24 . 2010-02-03 03:24 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-02-03 03:24 . 2010-02-03 03:24 14848 ----a-w- c:\windows\system32\atigktxx.dll
2010-02-03 03:23 . 2010-02-03 03:23 150016 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-02-03 03:23 . 2010-02-03 03:23 50176 ----a-w- c:\windows\system32\coinst.dll
2010-02-03 03:23 . 2010-02-03 03:23 27136 ----a-w- c:\windows\system32\atiuxpag.dll
2010-02-03 03:22 . 2010-02-03 03:22 20480 ----a-w- c:\windows\system32\atiu9pag.dll
2010-02-02 21:19 . 2010-02-02 21:19 -------- d-----w- c:\programdata\Codemasters

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-04 18:56 . 2009-07-14 08:44 634370 ----a-w- c:\windows\system32\perfh005.dat
2010-03-04 18:56 . 2009-07-14 08:44 124746 ----a-w- c:\windows\system32\perfc005.dat
2010-03-04 14:05 . 2009-09-26 07:14 -------- d-----w- c:\users\Soulja Boy\AppData\Roaming\ICQ
2010-03-01 18:09 . 2009-09-26 07:13 130320 ----a-w- c:\users\Soulja Boy\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-01 17:38 . 2009-09-27 20:06 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-01 17:33 . 2009-09-27 20:08 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-03-01 16:09 . 2010-02-02 17:12 -------- d-----w- c:\program files\Uniblue
2010-03-01 15:46 . 2009-09-26 12:10 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-27 17:27 . 2010-01-29 15:51 50354 ----a-w- c:\users\Soulja Boy\AppData\Roaming\Facebook\uninstall.exe
2010-02-27 17:27 . 2010-01-29 15:51 -------- d-----w- c:\users\Soulja Boy\AppData\Roaming\Facebook
2010-02-24 15:41 . 2009-11-22 15:56 -------- d-----w- c:\users\Soulja Boy\AppData\Roaming\Skype
2010-02-24 15:01 . 2009-11-22 16:02 -------- d-----w- c:\users\Soulja Boy\AppData\Roaming\skypePM
2010-02-21 18:10 . 2010-01-27 14:46 -------- d-----w- c:\programdata\avg9
2010-02-20 09:06 . 2009-09-26 07:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-17 20:28 . 2010-01-27 15:06 -------- d-----w- c:\program files\ICQ7.0
2010-02-11 13:45 . 2009-09-26 09:47 215128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-02-11 13:23 . 2009-09-26 09:48 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-02-10 13:10 . 2009-09-27 19:45 -------- d-----w- c:\programdata\Microsoft Help
2010-02-08 17:46 . 2010-02-20 09:06 57376 ----a-w- c:\windows\system32\RtkCoInst.dll
2010-02-08 17:46 . 2010-02-20 09:06 1695264 ----a-w- c:\windows\system32\RtkPgExt.dll
2010-02-08 17:46 . 2010-02-20 09:06 371232 ----a-w- c:\windows\system32\RtkApoApi.dll
2010-02-08 17:46 . 2010-02-20 09:06 2624544 ----a-w- c:\windows\system32\RtkAPO.dll
2010-02-08 17:17 . 2010-02-20 09:06 3019232 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2010-02-03 16:43 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Portable Devices
2010-02-03 16:43 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Defender
2010-02-03 16:43 . 2009-09-27 19:42 -------- d-----w- c:\users\Soulja Boy\AppData\Roaming\GHISLER
2010-02-03 16:43 . 2010-01-20 19:38 -------- d-----w- c:\program files\ICQ6Toolbar
2010-02-03 16:43 . 2010-01-05 19:55 -------- d-----w- c:\programdata\Ulead Systems
2010-02-03 16:43 . 2010-01-02 22:17 -------- d-----w- c:\program files\Common Files\LightScribe
2010-02-03 16:42 . 2010-02-02 16:04 -------- d-----w- c:\program files\Codemasters
2010-02-03 16:42 . 2010-01-29 16:52 -------- d-----w- c:\program files\Battlefield.Bad.Company.2.anorganick
2010-02-03 16:42 . 2009-12-17 14:24 -------- d-----w- c:\program files\AMD
2010-02-03 04:12 . 2009-11-25 03:12 3073024 ----a-w- c:\windows\system32\atidxx32.dll
2010-02-03 03:55 . 2009-11-25 02:55 3653632 ----a-w- c:\windows\system32\atiumdag.dll
2010-02-03 03:37 . 2009-11-25 02:37 2934272 ----a-w- c:\windows\system32\atiumdva.dll
2010-02-02 17:12 . 2010-02-02 16:37 -------- d-----w- c:\users\Soulja Boy\AppData\Roaming\Uniblue
2010-02-01 15:14 . 2010-02-20 09:06 1247776 ----a-w- c:\windows\RtlExUpd.dll
2010-01-29 21:25 . 2009-09-26 09:47 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-01-29 21:21 . 2009-09-26 09:41 -------- d-----w- c:\program files\Electronic Arts
2010-01-29 21:14 . 2009-09-26 09:48 138056 ----a-w- c:\users\Soulja Boy\AppData\Roaming\PnkBstrK.sys
2010-01-29 21:14 . 2009-09-26 09:48 138056 ----a-w- c:\users\Soulja Boy\AppData\Roaming\PnkBstrK.sys
2010-01-29 21:14 . 2010-01-29 21:14 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-01-28 14:33 . 2010-01-28 14:33 100352 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2010-01-27 15:26 . 2009-11-01 10:10 -------- d-----w- c:\program files\StylishProfile
2010-01-27 15:06 . 2010-01-20 19:38 -------- d-----w- c:\programdata\ICQ
2010-01-27 14:47 . 2010-01-27 14:47 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-01-27 14:47 . 2010-01-27 14:47 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-01-27 14:47 . 2010-01-27 14:47 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-01-27 14:47 . 2010-01-27 14:47 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-01-27 14:46 . 2010-01-27 14:46 -------- d-----w- c:\program files\AVG
2010-01-27 14:13 . 2010-01-26 17:00 -------- d-----w- c:\programdata\Alwil Software
2010-01-27 03:20 . 2010-01-27 03:20 5578752 ----a-w- c:\users\Soulja Boy\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
2010-01-26 17:00 . 2010-01-26 17:00 -------- d-----w- c:\program files\Alwil Software
2010-01-26 16:52 . 2010-01-26 16:52 4 ----a-w- c:\program files\10053000.dat
2010-01-26 10:38 . 2010-02-20 09:06 145760 ----a-w- c:\windows\system32\AERTACap.dll
2010-01-25 18:12 . 2010-02-20 09:06 291232 ----a-w- c:\windows\system32\FMAPO.dll
2010-01-25 16:06 . 2010-01-25 16:06 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-25 16:06 . 2010-03-04 17:26 38784 ----a-w- c:\users\Alien vs Predator\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-25 16:06 . 2010-01-25 16:06 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-25 16:06 . 2010-01-07 12:00 38784 ----a-w- c:\users\Soulja Boy\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-25 16:05 . 2010-01-24 22:14 -------- d-----w- c:\programdata\Electronic Arts
2010-01-24 21:52 . 2010-01-24 21:52 10134 ----a-r- c:\users\Soulja Boy\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2010-01-24 21:52 . 2010-01-24 21:52 -------- d-----w- c:\program files\Microsoft WSE
2010-01-18 23:29 . 2010-02-10 09:41 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-10 09:41 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-10 09:41 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-10 09:41 369152 ----a-w- c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-10 09:41 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-10 09:41 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-10 09:41 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-10 09:41 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-17 16:16 . 2010-01-17 16:16 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-01-17 14:25 . 2010-01-14 18:55 -------- d-----w- c:\program files\German Truck Simulator
2010-01-16 19:54 . 2010-01-16 19:54 -------- d-----w- c:\program files\Break For Games
2010-01-14 10:12 . 2009-10-03 09:27 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-12 14:35 . 2010-01-12 14:35 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-01-10 15:10 . 2010-01-10 15:08 -------- d-----w- c:\program files\NewBlue
2010-01-10 15:08 . 2010-01-10 15:08 279172 ----a-w- c:\programdata\eSellerate\eWebClient.dll
2010-01-10 15:08 . 2010-01-10 15:08 -------- d-----w- c:\programdata\eSellerate
2010-01-10 15:08 . 2010-01-10 15:08 -------- d-----w- c:\program files\Common Files\eSellerate
2010-01-10 15:03 . 2010-01-10 15:03 -------- d-----w- c:\users\Soulja Boy\AppData\Roaming\Publish Providers
2010-01-10 15:03 . 2010-01-10 14:36 -------- d-----w- c:\users\Soulja Boy\AppData\Roaming\Sony
2010-01-10 14:15 . 2010-01-10 14:15 -------- d-----w- c:\program files\Pixelan
2010-01-10 14:13 . 2010-01-10 14:06 -------- d-----w- c:\program files\Sony
2010-01-10 14:06 . 2010-01-10 14:06 -------- d-----w- c:\programdata\Sony
2010-01-08 22:24 . 2010-01-08 22:22 -------- d-----w- c:\program files\Image-Line
2010-01-08 22:24 . 2010-01-08 22:24 -------- d-----w- c:\program files\ASIO4ALL v2
2010-01-08 22:24 . 2010-01-08 22:24 -------- d-----w- c:\program files\VstPlugins
2010-01-08 22:23 . 2010-01-08 22:23 -------- d-----w- c:\program files\Outsim
2010-01-08 03:18 . 2010-02-10 09:41 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-10 09:41 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-01-05 19:58 . 2010-01-05 19:58 -------- d-----w- c:\users\Soulja Boy\AppData\Roaming\Ulead Systems
2010-01-05 19:56 . 2010-01-05 19:55 -------- d-----w- c:\program files\Common Files\Ulead Systems
2010-01-05 19:55 . 2010-01-05 19:55 -------- d-----w- c:\program files\Corel
2010-01-05 15:42 . 2010-01-05 15:42 -------- d-----w- c:\program files\CCleaner
2010-01-05 12:39 . 2010-02-20 09:06 405776 ----a-w- c:\windows\system32\DTSVoiceClarityDLL.dll
2010-01-05 12:39 . 2010-02-20 09:06 1131280 ----a-w- c:\windows\system32\DTSS2SpeakerDLL.dll
2010-01-05 12:39 . 2010-02-20 09:06 961296 ----a-w- c:\windows\system32\DTSS2HeadphoneDLL.dll
2010-01-05 12:39 . 2010-02-20 09:06 290064 ----a-w- c:\windows\system32\DTSNeoPCDLL.dll
2010-01-05 12:38 . 2010-02-20 09:06 223504 ----a-w- c:\windows\system32\DTSLimiterDLL.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

<pre>
c:\program files\Common Files\Adobe\CS4ServiceManager\cs4servicemanager .exe
c:\program files\Common Files\LightScribe\lightscribecontrolpanel .exe
c:\program files\Common Files\Ulead Systems\AutoDetector\monitor .exe
c:\program files\DAEMON Tools Lite\daemon .exe
c:\program files\MSI\MSI Q-Face\webtest .exe
c:\program files\Realtek\Audio\HDA\rthdvcpl .exe
c:\program files\Skype\Phone\skype .exe
</pre>
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-02-11 133368]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2009-12-18 427328]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"UniblueRegistryBooster"="c:\program files\Uniblue\RegistryBooster 2010\launcher.exe" [2009-09-29 59184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-02-08 8505888]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-02 98304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10c.exe" [2009-07-18 257440]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Nokia Nseries PC Suite.lnk - c:\program files\Nokia\NNPCS\RunLauncher.exe [2008-5-8 943568]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:1033 /heur:80 /pup /archives /IA:0 /KBD:2 /dir:C:\Program

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Start WingMan Profiler"=
"AdobeBridge"=

R2 AODService;AODService;c:\program files\AMD\OverDrive\AODAssist.exe [2009-10-22 136544]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-01 691696]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-01-27 333192]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-01-27 360584]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-02-03 172032]
S2 AMDFusionSVC;Služby softwarového nástroje AMD Fusion;c:\program files\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe [2009-09-08 383544]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-01-27 285392]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-02 1043784]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-02-03 5313536]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-02-03 150016]
S3 MSILiveVirtualCamera;MSI Live Virtual Camera;c:\windows\system32\DRIVERS\MSILiveVirtualCamera.sys [2007-01-29 449408]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-03-04 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2010-02-23 23:20]

2010-03-04 c:\windows\Tasks\RegCure Startup.job
- c:\program files\RegCure\RegCure.exe [2010-02-23 23:20]

2010-03-04 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2010-02-23 23:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\StylishProfile\ct.htm
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

ShellIconOverlayIdentifiers-{96AFBE69-C3B0-4b00-8578-D933D2896EE2} - (no file)



**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: error reading MBR
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x859091F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
IoDeviceObjectType -> DumpProcedure -> 0xd46a624f

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,78,69,56,ff,b5,92,e6,49,a8,7a,5c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,78,69,56,ff,b5,92,e6,49,a8,7a,5c,\

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\taskhost.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\conhost.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Uniblue\RegistryBooster 2010\registrybooster.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Celkový čas: 2010-03-04 20:02:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-04 19:02

Před spuštěním: Volných bajtů: 692 165 906 432
Po spuštění: Volných bajtů: 692 021 157 888

- - End Of File - - 54AD81A46FF3616CB39B1706FEA1B5ED

Rudy
Site Admin
Posts: 119381
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Run Time Error - Injector.dll (Trojsky Kun)

#8 Post by Rudy »

Move ComboFix to the desktop. Open Notepad and copy the following into it:
RenV::
c:\program files\Common Files\Adobe\CS4ServiceManager\cs4servicemanager .exe
c:\program files\Common Files\LightScribe\lightscribecontrolpanel .exe
c:\program files\Common Files\Ulead Systems\AutoDetector\monitor .exe
c:\program files\DAEMON Tools Lite\daemon .exe
c:\program files\MSI\MSI Q-Face\webtest .exe
c:\program files\Realtek\Audio\HDA\rthdvcpl .exe
c:\program files\Skype\Phone\skype .exe
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Then also check the MBR: http://www2.gmer.net/mbr/mbr.exe . Post the log.

MartinStifler
Visitor
Posts: 6
Registered: 04 Mar 2010 17:33

Re: Run Time Error - Injector.dll (Trojsky Kun)

#9 Post by MartinStifler »

Rudy wrote: Then also check the MBR: http://www2.gmer.net/mbr/mbr.exe . Post the log.
Is it possible that it only gave me this log:
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

Rudy
Site Admin
Posts: 119381
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Run Time Error - Injector.dll (Trojsky Kun)

#10 Post by Rudy »

Yes, that is the right log. Everything looks clean now.

MartinStifler
Visitor
Posts: 6
Registered: 04 Mar 2010 17:33

Re: Run Time Error - Injector.dll (Trojsky Kun)

#11 Post by MartinStifler »

It still throws this error when I install the game, but for everyone else the version of the game I want to install works :) I don't know, a Windows reinstall will probably sort it out, but thank you very much for the help, it helped me get rid of at least some of the other errors that Win.. was throwing. Many thanks, Rudy :) :worship:

Rudy
Site Admin
Posts: 119381
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Run Time Error - Injector.dll (Trojsky Kun)

#12 Post by Rudy »

You're welcome!

rogue34
Visitor
Posts: 1
Registered: 10 Mar 2010 13:59

Re: Run Time Error - Injector.dll (Trojsky Kun)

#13 Post by rogue34 »

Hello,
I'm joining MartinStifler - when installing a game I get the same error.
If anyone knows what to do about it, please let me know.
Thanks.

Rudy
Site Admin
Posts: 119381
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Run Time Error - Injector.dll (Trojsky Kun)

#14 Post by Rudy »

To rogue34: Please start your own topic and post an RSIT log in it: http://viry.cz/forum/viewtopic.php?f=24&t=81939 .