Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Kontrola logu
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP at 2010-02-25 10:16:56
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 204 GB (69%) free of 297 GB
Total RAM: 2045 MB (52% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForHP.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
System Search Dispatcher
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{31c7d459-9cc3-44f2-9dca-fc11795309b4} - IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2008-03-12 699456]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-05-14 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-10-16 2363392]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 2 months======
2010-02-25 10:16:56 ----D---- C:\rsit
2010-02-25 10:16:56 ----D---- C:\Program Files\trend micro
2010-02-14 11:33:00 ----D---- C:\Users\HP\AppData\Roaming\VistaCodecs
2010-02-14 11:32:40 ----D---- C:\Program Files\VistaCodecPack
2010-02-10 18:22:57 ----D---- C:\Program Files\MyAshampoo
2010-02-10 10:08:52 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 10:08:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 10:08:46 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\avifil32.dll
2010-02-04 17:18:23 ----D---- C:\Program Files\MediaInfo
2010-01-23 14:14:41 ----A---- C:\Windows\system32\ieui.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\iesetup.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\iernonce.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\ieframe.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\ie4uinit.exe
2010-01-23 14:14:40 ----A---- C:\Windows\system32\occache.dll
2010-01-23 14:14:40 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-23 14:14:40 ----A---- C:\Windows\system32\iertutil.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\mshtml.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-23 14:14:39 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\iepeers.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-23 14:14:38 ----A---- C:\Windows\system32\wininet.dll
2010-01-23 14:14:38 ----A---- C:\Windows\system32\urlmon.dll
2010-01-23 14:14:38 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-14 17:39:47 ----D---- C:\Program Files\Common Files\Windows Live
2010-01-14 14:59:30 ----A---- C:\Windows\system32\aswBoot.exe
2010-01-14 14:59:29 ----D---- C:\Program Files\Alwil Software
2010-01-14 10:56:45 ----A---- C:\Windows\system32\t2embed.dll
2010-01-14 10:56:45 ----A---- C:\Windows\system32\fontsub.dll
2010-01-11 17:46:37 ----HD---- C:\$AVG
2010-01-11 17:45:39 ----D---- C:\Program Files\AVG
2010-01-11 17:45:38 ----D---- C:\ProgramData\avg9
2009-12-27 16:46:57 ----D---- C:\Users\HP\AppData\Roaming\HpUpdate
2009-12-27 16:46:54 ----D---- C:\Windows\Hewlett-Packard
======List of files/folders modified in the last 2 months======
2010-02-25 10:16:57 ----D---- C:\Windows\Prefetch
2010-02-25 10:16:56 ----RD---- C:\Program Files
2010-02-25 10:16:47 ----D---- C:\Windows\Temp
2010-02-25 10:14:55 ----D---- C:\Users\HP\AppData\Roaming\Skype
2010-02-25 09:40:29 ----D---- C:\Windows\System32
2010-02-25 09:40:29 ----D---- C:\Windows\inf
2010-02-25 09:40:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-25 09:36:20 ----D---- C:\Users\HP\AppData\Roaming\skypePM
2010-02-22 11:44:35 ----D---- C:\PPK
2010-02-18 19:01:10 ----SHD---- C:\System Volume Information
2010-02-17 17:49:10 ----D---- C:\Users\HP\AppData\Roaming\Vso
2010-02-14 11:33:11 ----SHD---- C:\Windows\Installer
2010-02-14 11:33:00 ----D---- C:\ProgramData\VistaCodecs
2010-02-14 11:32:56 ----AD---- C:\WINDOWS
2010-02-14 11:24:22 ----D---- C:\Program Files\Common Files
2010-02-14 11:24:19 ----D---- C:\Program Files\DivX
2010-02-14 11:16:08 ----D---- C:\Windows\system32\catroot2
2010-02-12 14:17:04 ----D---- C:\Windows\winsxs
2010-02-12 14:06:52 ----D---- C:\Windows\system32\catroot
2010-02-11 09:16:30 ----D---- C:\Windows\system32\drivers
2010-02-11 09:16:29 ----D---- C:\Program Files\Windows Mail
2010-02-02 09:21:07 ----D---- C:\Program Files\Mozilla Firefox
2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
2010-01-30 08:26:21 ----HDC---- C:\ProgramData\{AAAE891E-DC50-4DD4-A79D-C19DDB94E30E}
2010-01-28 14:37:52 ----D---- C:\Program Files\Internet Explorer
2010-01-27 17:08:55 ----D---- C:\Windows\Tasks
2010-01-27 17:08:55 ----D---- C:\Windows\system32\Tasks
2010-01-23 14:26:14 ----D---- C:\Windows\system32\migration
2010-01-21 11:37:24 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-14 17:39:28 ----SD---- C:\ProgramData\Microsoft
2010-01-14 14:45:22 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2010-01-14 14:45:17 ----HD---- C:\ProgramData
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-12 10:10:55 ----D---- C:\Windows\Logs
2010-01-11 17:44:57 ----D---- C:\Program Files\Common Files\microsoft shared
2010-01-11 17:35:03 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-01-11 17:32:28 ----D---- C:\ProgramData\Symantec
2010-01-11 17:28:49 ----RSD---- C:\Windows\assembly
2009-12-27 16:47:15 ----D---- C:\Program Files\HP
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-28 3544064]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-23 52736]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-14 118784]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-03-26 40752]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-05 47360]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-28 667648]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 DpHost;Biometric Authentication Service; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2008-03-12 302144]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-10-16 73728]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-05-14 292248]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-05-14 116112]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-03-26 595248]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
S2 gupdate1ca3a123c4c0689;Služba Google Update (gupdate1ca3a123c4c0689); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-20 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
-----------------EOF-----------------
Run by HP at 2010-02-25 10:16:56
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 204 GB (69%) free of 297 GB
Total RAM: 2045 MB (52% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForHP.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
System Search Dispatcher
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{31c7d459-9cc3-44f2-9dca-fc11795309b4} - IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2008-03-12 699456]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-05-14 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-10-16 2363392]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 2 months======
2010-02-25 10:16:56 ----D---- C:\rsit
2010-02-25 10:16:56 ----D---- C:\Program Files\trend micro
2010-02-14 11:33:00 ----D---- C:\Users\HP\AppData\Roaming\VistaCodecs
2010-02-14 11:32:40 ----D---- C:\Program Files\VistaCodecPack
2010-02-10 18:22:57 ----D---- C:\Program Files\MyAshampoo
2010-02-10 10:08:52 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 10:08:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 10:08:46 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\avifil32.dll
2010-02-04 17:18:23 ----D---- C:\Program Files\MediaInfo
2010-01-23 14:14:41 ----A---- C:\Windows\system32\ieui.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\iesetup.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\iernonce.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\ieframe.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\ie4uinit.exe
2010-01-23 14:14:40 ----A---- C:\Windows\system32\occache.dll
2010-01-23 14:14:40 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-23 14:14:40 ----A---- C:\Windows\system32\iertutil.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\mshtml.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-23 14:14:39 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\iepeers.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-23 14:14:38 ----A---- C:\Windows\system32\wininet.dll
2010-01-23 14:14:38 ----A---- C:\Windows\system32\urlmon.dll
2010-01-23 14:14:38 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-14 17:39:47 ----D---- C:\Program Files\Common Files\Windows Live
2010-01-14 14:59:30 ----A---- C:\Windows\system32\aswBoot.exe
2010-01-14 14:59:29 ----D---- C:\Program Files\Alwil Software
2010-01-14 10:56:45 ----A---- C:\Windows\system32\t2embed.dll
2010-01-14 10:56:45 ----A---- C:\Windows\system32\fontsub.dll
2010-01-11 17:46:37 ----HD---- C:\$AVG
2010-01-11 17:45:39 ----D---- C:\Program Files\AVG
2010-01-11 17:45:38 ----D---- C:\ProgramData\avg9
2009-12-27 16:46:57 ----D---- C:\Users\HP\AppData\Roaming\HpUpdate
2009-12-27 16:46:54 ----D---- C:\Windows\Hewlett-Packard
======List of files/folders modified in the last 2 months======
2010-02-25 10:16:57 ----D---- C:\Windows\Prefetch
2010-02-25 10:16:56 ----RD---- C:\Program Files
2010-02-25 10:16:47 ----D---- C:\Windows\Temp
2010-02-25 10:14:55 ----D---- C:\Users\HP\AppData\Roaming\Skype
2010-02-25 09:40:29 ----D---- C:\Windows\System32
2010-02-25 09:40:29 ----D---- C:\Windows\inf
2010-02-25 09:40:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-25 09:36:20 ----D---- C:\Users\HP\AppData\Roaming\skypePM
2010-02-22 11:44:35 ----D---- C:\PPK
2010-02-18 19:01:10 ----SHD---- C:\System Volume Information
2010-02-17 17:49:10 ----D---- C:\Users\HP\AppData\Roaming\Vso
2010-02-14 11:33:11 ----SHD---- C:\Windows\Installer
2010-02-14 11:33:00 ----D---- C:\ProgramData\VistaCodecs
2010-02-14 11:32:56 ----AD---- C:\WINDOWS
2010-02-14 11:24:22 ----D---- C:\Program Files\Common Files
2010-02-14 11:24:19 ----D---- C:\Program Files\DivX
2010-02-14 11:16:08 ----D---- C:\Windows\system32\catroot2
2010-02-12 14:17:04 ----D---- C:\Windows\winsxs
2010-02-12 14:06:52 ----D---- C:\Windows\system32\catroot
2010-02-11 09:16:30 ----D---- C:\Windows\system32\drivers
2010-02-11 09:16:29 ----D---- C:\Program Files\Windows Mail
2010-02-02 09:21:07 ----D---- C:\Program Files\Mozilla Firefox
2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
2010-01-30 08:26:21 ----HDC---- C:\ProgramData\{AAAE891E-DC50-4DD4-A79D-C19DDB94E30E}
2010-01-28 14:37:52 ----D---- C:\Program Files\Internet Explorer
2010-01-27 17:08:55 ----D---- C:\Windows\Tasks
2010-01-27 17:08:55 ----D---- C:\Windows\system32\Tasks
2010-01-23 14:26:14 ----D---- C:\Windows\system32\migration
2010-01-21 11:37:24 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-14 17:39:28 ----SD---- C:\ProgramData\Microsoft
2010-01-14 14:45:22 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2010-01-14 14:45:17 ----HD---- C:\ProgramData
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-12 10:10:55 ----D---- C:\Windows\Logs
2010-01-11 17:44:57 ----D---- C:\Program Files\Common Files\microsoft shared
2010-01-11 17:35:03 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-01-11 17:32:28 ----D---- C:\ProgramData\Symantec
2010-01-11 17:28:49 ----RSD---- C:\Windows\assembly
2009-12-27 16:47:15 ----D---- C:\Program Files\HP
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-28 3544064]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-23 52736]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-14 118784]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-03-26 40752]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-05 47360]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-28 667648]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 DpHost;Biometric Authentication Service; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2008-03-12 302144]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-10-16 73728]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-05-14 292248]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-05-14 116112]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-03-26 595248]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
S2 gupdate1ca3a123c4c0689;Služba Google Update (gupdate1ca3a123c4c0689); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-20 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
-----------------EOF-----------------
-
- Vzorný návštěvník
- Příspěvky: 479
- Registrován: 18 čer 2008 17:54
- Bydliště: Šutrovec
- Kontaktovat uživatele:
Re: Kontrola logu
Ahoj, nevyskakuju ti tam nejake reklamy?
1) Stiahni MbAM. Uloz na plochu, otvor "mbam-setup.exe" a nainstaluj. Updatuj. Potom spravis kompletny scan - co program najde, zmaz. Nasledny log vloz sem.
2) Novy log z RSITu ta poprosim
1) Stiahni MbAM. Uloz na plochu, otvor "mbam-setup.exe" a nainstaluj. Updatuj. Potom spravis kompletny scan - co program najde, zmaz. Nasledny log vloz sem.
2) Novy log z RSITu ta poprosim
Ja som skromný, mám len dve veci do podpisu...
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:
- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:
- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
Re: Kontrola logu
Zdravim, nevyskakuje na me nic ale vypadalo to na spamovani...
Tady je log MBAM, RSIT bude nasledovat vzapesti
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3795
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882
26.2.2010 11:42:18
mbam-log-2010-02-26 (11-42-18).txt
Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 259098
Uplynulý čas: 1 hour(s), 5 minute(s), 45 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 22
Infikované hodnoty registru: 2
Infikované datové položky registru: 0
Infikované adresáře: 2
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> Quarantined and deleted successfully.
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
C:\Program Files\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)
Tady je log MBAM, RSIT bude nasledovat vzapesti
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3795
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882
26.2.2010 11:42:18
mbam-log-2010-02-26 (11-42-18).txt
Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 259098
Uplynulý čas: 1 hour(s), 5 minute(s), 45 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 22
Infikované hodnoty registru: 2
Infikované datové položky registru: 0
Infikované adresáře: 2
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c28a0312-c403-417b-a425-a915bc0519cd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> Quarantined and deleted successfully.
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
C:\Program Files\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)
Re: Kontrola logu
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP at 2010-02-26 11:45:25
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 208 GB (70%) free of 297 GB
Total RAM: 2045 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47:36, on 26.2.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
F:\Diagnostic\RSIT\RSIT.exe
C:\Program Files\trend micro\HP.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout pomocí USD - C:\PPK\usdown\Ext\downloadie.html
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Služba Google Update (gupdate1ca3a123c4c0689) (gupdate1ca3a123c4c0689) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 11121 bytes
======Scheduled tasks folder======
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForHP.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{31c7d459-9cc3-44f2-9dca-fc11795309b4} - IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2008-03-12 699456]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-05-14 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-10-16 2363392]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 2 months======
2010-02-26 10:19:09 ----D---- C:\Users\HP\AppData\Roaming\Malwarebytes
2010-02-26 10:19:00 ----D---- C:\ProgramData\Malwarebytes
2010-02-26 10:18:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-25 10:35:30 ----A---- C:\Windows\system32\jscript.dll
2010-02-25 10:35:16 ----A---- C:\Windows\system32\tzres.dll
2010-02-25 10:33:43 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-25 10:33:43 ----A---- C:\Windows\system32\secproc.dll
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-25 10:33:33 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-25 10:33:33 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-25 10:33:33 ----A---- C:\Windows\system32\msdrm.dll
2010-02-25 10:33:11 ----A---- C:\Windows\system32\gameux.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-25 10:16:56 ----D---- C:\rsit
2010-02-25 10:16:56 ----D---- C:\Program Files\trend micro
2010-02-14 11:33:00 ----D---- C:\Users\HP\AppData\Roaming\VistaCodecs
2010-02-14 11:32:40 ----D---- C:\Program Files\VistaCodecPack
2010-02-10 18:22:57 ----D---- C:\Program Files\MyAshampoo
2010-02-10 10:08:52 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 10:08:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 10:08:46 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\avifil32.dll
2010-02-04 17:18:23 ----D---- C:\Program Files\MediaInfo
2010-01-23 14:14:41 ----A---- C:\Windows\system32\ieui.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\iesetup.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\iernonce.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\ieframe.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\ie4uinit.exe
2010-01-23 14:14:40 ----A---- C:\Windows\system32\occache.dll
2010-01-23 14:14:40 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-23 14:14:40 ----A---- C:\Windows\system32\iertutil.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\mshtml.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-23 14:14:39 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\iepeers.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-23 14:14:38 ----A---- C:\Windows\system32\wininet.dll
2010-01-23 14:14:38 ----A---- C:\Windows\system32\urlmon.dll
2010-01-23 14:14:38 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-14 17:39:47 ----D---- C:\Program Files\Common Files\Windows Live
2010-01-14 14:59:30 ----A---- C:\Windows\system32\aswBoot.exe
2010-01-14 14:59:29 ----D---- C:\Program Files\Alwil Software
2010-01-14 10:56:45 ----A---- C:\Windows\system32\t2embed.dll
2010-01-14 10:56:45 ----A---- C:\Windows\system32\fontsub.dll
2010-01-11 17:46:37 ----HD---- C:\$AVG
2010-01-11 17:45:39 ----D---- C:\Program Files\AVG
2010-01-11 17:45:38 ----D---- C:\ProgramData\avg9
2009-12-27 16:46:57 ----D---- C:\Users\HP\AppData\Roaming\HpUpdate
2009-12-27 16:46:54 ----D---- C:\Windows\Hewlett-Packard
======List of files/folders modified in the last 2 months======
2010-02-26 11:46:05 ----D---- C:\Windows\System32
2010-02-26 11:46:05 ----D---- C:\Windows\inf
2010-02-26 11:46:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-26 11:45:54 ----D---- C:\Windows\Temp
2010-02-26 11:42:45 ----D---- C:\Users\HP\AppData\Roaming\Skype
2010-02-26 11:42:18 ----RD---- C:\Program Files
2010-02-26 11:00:29 ----D---- C:\Windows\rescache
2010-02-26 10:29:51 ----D---- C:\Windows\system32\drivers
2010-02-26 10:23:07 ----SHD---- C:\System Volume Information
2010-02-26 10:19:00 ----HD---- C:\ProgramData
2010-02-26 10:17:01 ----D---- C:\Users\HP\AppData\Roaming\skypePM
2010-02-26 10:16:04 ----D---- C:\Windows\Prefetch
2010-02-26 10:13:39 ----D---- C:\Windows\system32\cs-CZ
2010-02-26 10:13:38 ----D---- C:\Windows\AppPatch
2010-02-26 10:13:37 ----RSD---- C:\Windows\Fonts
2010-02-25 16:29:45 ----D---- C:\Windows\winsxs
2010-02-25 16:28:37 ----D---- C:\Windows\system32\catroot
2010-02-25 10:32:22 ----D---- C:\Windows\system32\catroot2
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-22 11:44:35 ----D---- C:\PPK
2010-02-17 17:49:10 ----D---- C:\Users\HP\AppData\Roaming\Vso
2010-02-14 11:33:11 ----SHD---- C:\Windows\Installer
2010-02-14 11:33:00 ----D---- C:\ProgramData\VistaCodecs
2010-02-14 11:32:56 ----AD---- C:\WINDOWS
2010-02-14 11:24:22 ----D---- C:\Program Files\Common Files
2010-02-14 11:24:19 ----D---- C:\Program Files\DivX
2010-02-11 09:16:29 ----D---- C:\Program Files\Windows Mail
2010-02-02 09:21:07 ----D---- C:\Program Files\Mozilla Firefox
2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
2010-01-30 08:26:21 ----HDC---- C:\ProgramData\{AAAE891E-DC50-4DD4-A79D-C19DDB94E30E}
2010-01-28 14:37:52 ----D---- C:\Program Files\Internet Explorer
2010-01-27 17:08:55 ----D---- C:\Windows\Tasks
2010-01-27 17:08:55 ----D---- C:\Windows\system32\Tasks
2010-01-23 14:26:14 ----D---- C:\Windows\system32\migration
2010-01-21 11:37:24 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-14 17:39:28 ----SD---- C:\ProgramData\Microsoft
2010-01-14 14:45:22 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2010-01-12 10:10:55 ----D---- C:\Windows\Logs
2010-01-11 17:44:57 ----D---- C:\Program Files\Common Files\microsoft shared
2010-01-11 17:35:03 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-01-11 17:32:28 ----D---- C:\ProgramData\Symantec
2010-01-11 17:28:49 ----RSD---- C:\Windows\assembly
2009-12-27 16:47:15 ----D---- C:\Program Files\HP
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-28 3544064]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-23 52736]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-01-07 38224]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-14 118784]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-03-26 40752]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-05 47360]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-28 667648]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 DpHost;Biometric Authentication Service; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2008-03-12 302144]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-10-16 73728]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-05-14 292248]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-05-14 116112]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-03-26 595248]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
S2 gupdate1ca3a123c4c0689;Služba Google Update (gupdate1ca3a123c4c0689); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-20 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
-----------------EOF-----------------
Run by HP at 2010-02-26 11:45:25
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 208 GB (70%) free of 297 GB
Total RAM: 2045 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47:36, on 26.2.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
F:\Diagnostic\RSIT\RSIT.exe
C:\Program Files\trend micro\HP.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: IObitCom Toolbar - {31c7d459-9cc3-44f2-9dca-fc11795309b4} - C:\Program Files\IObitCom\tbIObi.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout pomocí USD - C:\PPK\usdown\Ext\downloadie.html
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Služba Google Update (gupdate1ca3a123c4c0689) (gupdate1ca3a123c4c0689) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 11121 bytes
======Scheduled tasks folder======
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForHP.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{31c7d459-9cc3-44f2-9dca-fc11795309b4} - IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2009-12-31 2349080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2008-03-12 699456]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-05-14 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-10-16 2363392]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 2 months======
2010-02-26 10:19:09 ----D---- C:\Users\HP\AppData\Roaming\Malwarebytes
2010-02-26 10:19:00 ----D---- C:\ProgramData\Malwarebytes
2010-02-26 10:18:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-25 10:35:30 ----A---- C:\Windows\system32\jscript.dll
2010-02-25 10:35:16 ----A---- C:\Windows\system32\tzres.dll
2010-02-25 10:33:43 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-25 10:33:43 ----A---- C:\Windows\system32\secproc.dll
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-25 10:33:33 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-25 10:33:33 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-25 10:33:33 ----A---- C:\Windows\system32\msdrm.dll
2010-02-25 10:33:11 ----A---- C:\Windows\system32\gameux.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-25 10:16:56 ----D---- C:\rsit
2010-02-25 10:16:56 ----D---- C:\Program Files\trend micro
2010-02-14 11:33:00 ----D---- C:\Users\HP\AppData\Roaming\VistaCodecs
2010-02-14 11:32:40 ----D---- C:\Program Files\VistaCodecPack
2010-02-10 18:22:57 ----D---- C:\Program Files\MyAshampoo
2010-02-10 10:08:52 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 10:08:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 10:08:46 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\avifil32.dll
2010-02-04 17:18:23 ----D---- C:\Program Files\MediaInfo
2010-01-23 14:14:41 ----A---- C:\Windows\system32\ieui.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\iesetup.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\iernonce.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\ieframe.dll
2010-01-23 14:14:41 ----A---- C:\Windows\system32\ie4uinit.exe
2010-01-23 14:14:40 ----A---- C:\Windows\system32\occache.dll
2010-01-23 14:14:40 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-23 14:14:40 ----A---- C:\Windows\system32\iertutil.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\mshtml.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-23 14:14:39 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\iepeers.dll
2010-01-23 14:14:39 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-23 14:14:38 ----A---- C:\Windows\system32\wininet.dll
2010-01-23 14:14:38 ----A---- C:\Windows\system32\urlmon.dll
2010-01-23 14:14:38 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-14 17:39:47 ----D---- C:\Program Files\Common Files\Windows Live
2010-01-14 14:59:30 ----A---- C:\Windows\system32\aswBoot.exe
2010-01-14 14:59:29 ----D---- C:\Program Files\Alwil Software
2010-01-14 10:56:45 ----A---- C:\Windows\system32\t2embed.dll
2010-01-14 10:56:45 ----A---- C:\Windows\system32\fontsub.dll
2010-01-11 17:46:37 ----HD---- C:\$AVG
2010-01-11 17:45:39 ----D---- C:\Program Files\AVG
2010-01-11 17:45:38 ----D---- C:\ProgramData\avg9
2009-12-27 16:46:57 ----D---- C:\Users\HP\AppData\Roaming\HpUpdate
2009-12-27 16:46:54 ----D---- C:\Windows\Hewlett-Packard
======List of files/folders modified in the last 2 months======
2010-02-26 11:46:05 ----D---- C:\Windows\System32
2010-02-26 11:46:05 ----D---- C:\Windows\inf
2010-02-26 11:46:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-26 11:45:54 ----D---- C:\Windows\Temp
2010-02-26 11:42:45 ----D---- C:\Users\HP\AppData\Roaming\Skype
2010-02-26 11:42:18 ----RD---- C:\Program Files
2010-02-26 11:00:29 ----D---- C:\Windows\rescache
2010-02-26 10:29:51 ----D---- C:\Windows\system32\drivers
2010-02-26 10:23:07 ----SHD---- C:\System Volume Information
2010-02-26 10:19:00 ----HD---- C:\ProgramData
2010-02-26 10:17:01 ----D---- C:\Users\HP\AppData\Roaming\skypePM
2010-02-26 10:16:04 ----D---- C:\Windows\Prefetch
2010-02-26 10:13:39 ----D---- C:\Windows\system32\cs-CZ
2010-02-26 10:13:38 ----D---- C:\Windows\AppPatch
2010-02-26 10:13:37 ----RSD---- C:\Windows\Fonts
2010-02-25 16:29:45 ----D---- C:\Windows\winsxs
2010-02-25 16:28:37 ----D---- C:\Windows\system32\catroot
2010-02-25 10:32:22 ----D---- C:\Windows\system32\catroot2
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-22 11:44:35 ----D---- C:\PPK
2010-02-17 17:49:10 ----D---- C:\Users\HP\AppData\Roaming\Vso
2010-02-14 11:33:11 ----SHD---- C:\Windows\Installer
2010-02-14 11:33:00 ----D---- C:\ProgramData\VistaCodecs
2010-02-14 11:32:56 ----AD---- C:\WINDOWS
2010-02-14 11:24:22 ----D---- C:\Program Files\Common Files
2010-02-14 11:24:19 ----D---- C:\Program Files\DivX
2010-02-11 09:16:29 ----D---- C:\Program Files\Windows Mail
2010-02-02 09:21:07 ----D---- C:\Program Files\Mozilla Firefox
2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
2010-01-30 08:26:21 ----HDC---- C:\ProgramData\{AAAE891E-DC50-4DD4-A79D-C19DDB94E30E}
2010-01-28 14:37:52 ----D---- C:\Program Files\Internet Explorer
2010-01-27 17:08:55 ----D---- C:\Windows\Tasks
2010-01-27 17:08:55 ----D---- C:\Windows\system32\Tasks
2010-01-23 14:26:14 ----D---- C:\Windows\system32\migration
2010-01-21 11:37:24 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-14 17:39:28 ----SD---- C:\ProgramData\Microsoft
2010-01-14 14:45:22 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2010-01-12 10:10:55 ----D---- C:\Windows\Logs
2010-01-11 17:44:57 ----D---- C:\Program Files\Common Files\microsoft shared
2010-01-11 17:35:03 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-01-11 17:32:28 ----D---- C:\ProgramData\Symantec
2010-01-11 17:28:49 ----RSD---- C:\Windows\assembly
2009-12-27 16:47:15 ----D---- C:\Program Files\HP
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-28 3544064]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-23 52736]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-01-07 38224]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-14 118784]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-03-26 40752]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-05 47360]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-28 667648]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 DpHost;Biometric Authentication Service; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2008-03-12 302144]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-10-16 73728]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-05-14 292248]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-05-14 116112]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-03-26 595248]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
S2 gupdate1ca3a123c4c0689;Služba Google Update (gupdate1ca3a123c4c0689); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-20 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
-----------------EOF-----------------
-
- Vzorný návštěvník
- Příspěvky: 479
- Registrován: 18 čer 2008 17:54
- Bydliště: Šutrovec
- Kontaktovat uživatele:
Re: Kontrola logu
Stiahni SecurityCheck. Spust ho a postupuj podla instrukcii. Nakoniec vyhodi log, ktory skopiruj sem.
A otazocka - su este nejake problemy?
A otazocka - su este nejake problemy?
Ja som skromný, mám len dve veci do podpisu...
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:
- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:
- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
Re: Kontrola logu
vypada to dobre jestli teda jsem schopnej to takhle rychle rozpoznat ))
Results of screen317's Security Check version 0.99.1
Windows Vista Service Pack 2 (UAC is enabled)
``````````````````````````````
Antivirus/Firewall Check:
avast! Antivirus
WMIC entry does not exist for antivirus; attempting automatic update.
``````````````````````````````
Anti-malware/Other Utilities Check:
HijackThis 2.0.2
Java(TM) 6 Update 17
Java(TM) 6 Update 5
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 8 - Czech
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Out of date Adobe Reader installed!
``````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSASCui.exe
``````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)
`````````End of Log```````````
Results of screen317's Security Check version 0.99.1
Windows Vista Service Pack 2 (UAC is enabled)
``````````````````````````````
Antivirus/Firewall Check:
avast! Antivirus
WMIC entry does not exist for antivirus; attempting automatic update.
``````````````````````````````
Anti-malware/Other Utilities Check:
HijackThis 2.0.2
Java(TM) 6 Update 17
Java(TM) 6 Update 5
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 8 - Czech
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Out of date Adobe Reader installed!
``````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSASCui.exe
``````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)
`````````End of Log```````````
-
- Vzorný návštěvník
- Příspěvky: 479
- Registrován: 18 čer 2008 17:54
- Bydliště: Šutrovec
- Kontaktovat uživatele:
Re: Kontrola logu
Tak pre istotu:
Stiahni ComboFix, najlepsie na plochu. Vypni vsetky otvorene aplikacie, ako aj rezidenty antiviru, antispywaru a firewall. Spust program cez ucet s administratorskymi pravami a postupuj podla instrukcii. Cely sken bude trvat cca 10 minut. Pocas neho moze byt PC restartovane. Log, ktory ComboFix vytvori, najdes na adrese "C:\ComboFix.txt".
Ten vloz sem.
Pozor: Kym ComboFix nevytvori log, na nic neklikat, nic nestlacat !!
Stiahni ComboFix, najlepsie na plochu. Vypni vsetky otvorene aplikacie, ako aj rezidenty antiviru, antispywaru a firewall. Spust program cez ucet s administratorskymi pravami a postupuj podla instrukcii. Cely sken bude trvat cca 10 minut. Pocas neho moze byt PC restartovane. Log, ktory ComboFix vytvori, najdes na adrese "C:\ComboFix.txt".
Ten vloz sem.
Pozor: Kym ComboFix nevytvori log, na nic neklikat, nic nestlacat !!
Ja som skromný, mám len dve veci do podpisu...
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:
- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:
- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
Re: Kontrola logu
ComboFix 10-02-25.02 - HP 26.02.2010 16:56:13.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2045.1048 [GMT 1:00]
Spuštěný z: c:\users\HP\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-775167349-3143235873-376905341-500
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
c:\users\HP\AppData\Roaming\inst.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-26 do 2010-02-26 )))))))))))))))))))))))))))))))
.
2010-02-26 16:04 . 2010-02-26 16:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-26 09:19 . 2010-02-26 09:19 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-26 09:19 . 2010-02-26 09:19 -------- d-----w- c:\users\HP\AppData\Roaming\Malwarebytes
2010-02-26 09:19 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-26 09:19 . 2010-02-26 09:19 -------- d-----w- c:\programdata\Malwarebytes
2010-02-26 09:18 . 2010-02-26 09:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-26 09:18 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-25 09:35 . 2010-01-23 09:26 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-25 09:33 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-25 09:33 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-02-25 09:33 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-25 09:33 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-25 09:33 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-25 09:33 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-25 09:33 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-25 09:33 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-25 09:33 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-02-25 09:33 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-02-25 09:33 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-02-25 09:33 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-02-25 09:16 . 2010-02-26 10:47 -------- d-----w- c:\program files\trend micro
2010-02-25 09:16 . 2010-02-25 09:16 -------- d-----w- C:\rsit
2010-02-14 10:33 . 2010-02-14 10:33 -------- d-----w- c:\users\HP\AppData\Roaming\VistaCodecs
2010-02-14 10:32 . 2010-02-14 10:32 -------- d-----w- c:\program files\VistaCodecPack
2010-02-10 17:22 . 2010-02-10 17:22 -------- d-----w- c:\program files\MyAshampoo
2010-02-10 17:22 . 2010-01-20 11:19 52224 ----a-w- c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
2010-02-10 17:22 . 2010-01-20 11:19 101376 ----a-w- c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
2010-02-10 08:43 . 2009-12-04 15:56 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-10 08:43 . 2009-12-04 15:56 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-04 16:18 . 2010-02-04 16:18 -------- d-----w- c:\program files\MediaInfo
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-26 15:54 . 2009-05-31 14:54 -------- d-----w- c:\users\HP\AppData\Roaming\Skype
2010-02-26 15:07 . 2009-05-31 15:00 -------- d-----w- c:\users\HP\AppData\Roaming\skypePM
2010-02-26 10:46 . 2008-06-09 12:10 598832 ----a-w- c:\windows\system32\perfh005.dat
2010-02-26 10:46 . 2008-06-09 12:10 114992 ----a-w- c:\windows\system32\perfc005.dat
2010-02-26 09:16 . 2009-05-22 12:07 67256 ----a-w- c:\users\HP\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-25 15:29 . 2009-05-22 09:49 12 ----a-w- c:\windows\bthservsdp.dat
2010-02-24 08:16 . 2009-10-03 16:14 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-22 11:06 . 2009-05-30 12:39 1248 ----a-w- c:\users\HP\AppData\Roaming\wklnhst.dat
2010-02-17 16:49 . 2009-06-05 09:53 -------- d-----w- c:\users\HP\AppData\Roaming\Vso
2010-02-14 10:33 . 2009-10-14 13:51 -------- d-----w- c:\programdata\VistaCodecs
2010-02-14 10:24 . 2009-06-27 17:44 -------- d-----w- c:\program files\DivX
2010-02-11 08:16 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-30 07:26 . 2009-08-16 08:41 -------- dc-h--w- c:\programdata\{AAAE891E-DC50-4DD4-A79D-C19DDB94E30E}
2010-01-21 10:37 . 2009-06-02 10:47 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-14 16:39 . 2010-01-14 16:39 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-14 13:59 . 2010-01-14 13:59 -------- d-----w- c:\program files\Alwil Software
2010-01-14 13:45 . 2010-01-11 16:45 -------- d-----w- c:\programdata\avg9
2010-01-11 16:45 . 2010-01-12 09:05 4043032 ----a-w- c:\programdata\avg9\update\backup\avgui.exe
2010-01-11 16:45 . 2010-01-12 09:05 3776280 ----a-w- c:\programdata\avg9\update\backup\setup.exe
2010-01-11 16:45 . 2010-01-12 09:05 2033432 ----a-w- c:\programdata\avg9\update\backup\avgtray.exe
2010-01-11 16:45 . 2010-01-12 09:05 3967256 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-01-11 16:45 . 2010-01-12 09:05 2352920 ----a-w- c:\programdata\avg9\update\backup\avgresf.dll
2010-01-11 16:45 . 2010-01-12 09:05 916248 ----a-w- c:\programdata\avg9\update\backup\avgcfgx.dll
2010-01-11 16:45 . 2010-01-11 16:45 -------- d-----w- c:\program files\AVG
2010-01-11 16:35 . 2008-06-09 02:34 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-01-11 16:32 . 2008-06-09 02:34 -------- d-----w- c:\programdata\Symantec
2010-01-06 15:38 . 2010-02-25 09:33 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-01-06 15:38 . 2010-02-25 09:33 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-01-06 15:38 . 2010-02-25 09:33 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-01-06 15:38 . 2010-02-25 09:33 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-01-02 06:38 . 2010-01-23 13:14 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-23 13:14 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-23 13:14 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-23 13:14 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-24 13:06 . 2009-06-05 09:53 47360 ----a-w- c:\users\HP\AppData\Roaming\pcouffin.sys
2009-12-24 13:06 . 2009-06-05 09:53 47360 ----a-w- c:\users\HP\AppData\Roaming\pcouffin.sys
2009-12-19 11:20 . 2009-12-19 11:20 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-11 11:43 . 2010-02-10 09:08 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-11 11:43 . 2010-02-10 09:08 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-08 20:01 . 2010-02-10 09:08 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-08 20:01 . 2010-02-10 09:08 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 20:01 . 2010-02-10 09:08 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 17:26 . 2010-02-10 09:08 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-12-04 18:30 . 2010-02-10 09:08 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-04 18:29 . 2010-02-10 09:08 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-12-04 18:28 . 2010-02-10 09:08 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-04 18:28 . 2010-02-10 09:08 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-04 18:28 . 2010-02-10 09:08 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-04 18:28 . 2010-02-10 09:08 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-04 18:28 . 2010-02-10 09:08 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-04 18:28 . 2010-02-10 09:08 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-04 18:27 . 2010-02-10 09:08 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"= "c:\program files\IObitCom\tbIObi.dll" [2009-10-01 2166296]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]
[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
2009-10-01 16:29 2166296 ----a-w- c:\program files\IObitCom\tbIObi.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2009-12-31 10:53 2349080 ----a-w- c:\program files\MyAshampoo\tbMyAs.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"= "c:\program files\IObitCom\tbIObi.dll" [2009-10-01 2166296]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]
[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{31C7D459-9CC3-44F2-9DCA-FC11795309B4}"= "c:\program files\IObitCom\tbIObi.dll" [2009-10-01 2166296]
"{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}"= "c:\program files\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]
[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-10-16 2363392]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-03-12 699456]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-14 468264]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-27 442467]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):dc,54,67,22,b3,01,ca,01
R0 Amddfltr;Amd Disk Lower Filter Driver;c:\windows\System32\drivers\Amddfltr.sys [22.5.2009 11:04 15416]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [14.1.2010 14:59 114768]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe [27.6.2008 19:53 77824]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [14.1.2010 14:59 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [14.1.2010 14:59 53328]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18.3.2008 15:24 19456]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [9.6.2008 4:54 341328]
R2 vfsFPService;Validity Fingerprint Service;c:\windows\System32\vfsFPService.exe [26.3.2008 17:27 595248]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [9.6.2008 4:06 193840]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [23.1.2008 22:23 52736]
R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [1.4.2008 12:14 81296]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\drivers\mbamswissarmy.sys [26.2.2010 10:19 38224]
R3 vfs101x;vfs101x;c:\windows\System32\drivers\vfs101x.sys [26.3.2008 17:28 40752]
S2 gupdate1ca3a123c4c0689;Služba Google Update (gupdate1ca3a123c4c0689);c:\program files\Google\Update\GoogleUpdate.exe [20.9.2009 17:48 133104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19.3.2009 12:48 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [19.3.2009 12:48 8320]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - MBAMSWISSARMY
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 11:49 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-02-26 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2009-08-22 12:51]
2010-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-20 16:48]
2010-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-20 16:48]
2010-01-28 c:\windows\Tasks\HPCeeScheduleForHP.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-06-09 13:14]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2475029
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=83&bd=Pavilion&pf=cnnb
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout pomocí USD - c:\ppk\usdown\Ext\downloadie.html
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files\Verdict Free\etnxp.dll
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&q=
FF - component: c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
FF - component: c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-26 17:04
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'lsass.exe'(696)
c:\windows\system32\DPPWDFLT.dll
.
Celkový čas: 2010-02-26 17:08:04
ComboFix-quarantined-files.txt 2010-02-26 16:08
Před spuštěním: Volných bajtů: 216 705 503 232
Po spuštění: Volných bajtů: 215 924 441 088
- - End Of File - - C23CA6E97E5558C061BB39E35AA965E9
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2045.1048 [GMT 1:00]
Spuštěný z: c:\users\HP\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-775167349-3143235873-376905341-500
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
c:\users\HP\AppData\Roaming\inst.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-26 do 2010-02-26 )))))))))))))))))))))))))))))))
.
2010-02-26 16:04 . 2010-02-26 16:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-26 09:19 . 2010-02-26 09:19 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-26 09:19 . 2010-02-26 09:19 -------- d-----w- c:\users\HP\AppData\Roaming\Malwarebytes
2010-02-26 09:19 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-26 09:19 . 2010-02-26 09:19 -------- d-----w- c:\programdata\Malwarebytes
2010-02-26 09:18 . 2010-02-26 09:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-26 09:18 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-25 09:35 . 2010-01-23 09:26 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-25 09:33 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-25 09:33 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-02-25 09:33 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-25 09:33 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-25 09:33 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-25 09:33 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-25 09:33 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-25 09:33 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-25 09:33 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-02-25 09:33 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-02-25 09:33 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-02-25 09:33 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-02-25 09:16 . 2010-02-26 10:47 -------- d-----w- c:\program files\trend micro
2010-02-25 09:16 . 2010-02-25 09:16 -------- d-----w- C:\rsit
2010-02-14 10:33 . 2010-02-14 10:33 -------- d-----w- c:\users\HP\AppData\Roaming\VistaCodecs
2010-02-14 10:32 . 2010-02-14 10:32 -------- d-----w- c:\program files\VistaCodecPack
2010-02-10 17:22 . 2010-02-10 17:22 -------- d-----w- c:\program files\MyAshampoo
2010-02-10 17:22 . 2010-01-20 11:19 52224 ----a-w- c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
2010-02-10 17:22 . 2010-01-20 11:19 101376 ----a-w- c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
2010-02-10 08:43 . 2009-12-04 15:56 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-10 08:43 . 2009-12-04 15:56 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-04 16:18 . 2010-02-04 16:18 -------- d-----w- c:\program files\MediaInfo
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-26 15:54 . 2009-05-31 14:54 -------- d-----w- c:\users\HP\AppData\Roaming\Skype
2010-02-26 15:07 . 2009-05-31 15:00 -------- d-----w- c:\users\HP\AppData\Roaming\skypePM
2010-02-26 10:46 . 2008-06-09 12:10 598832 ----a-w- c:\windows\system32\perfh005.dat
2010-02-26 10:46 . 2008-06-09 12:10 114992 ----a-w- c:\windows\system32\perfc005.dat
2010-02-26 09:16 . 2009-05-22 12:07 67256 ----a-w- c:\users\HP\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-25 15:29 . 2009-05-22 09:49 12 ----a-w- c:\windows\bthservsdp.dat
2010-02-24 08:16 . 2009-10-03 16:14 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-22 11:06 . 2009-05-30 12:39 1248 ----a-w- c:\users\HP\AppData\Roaming\wklnhst.dat
2010-02-17 16:49 . 2009-06-05 09:53 -------- d-----w- c:\users\HP\AppData\Roaming\Vso
2010-02-14 10:33 . 2009-10-14 13:51 -------- d-----w- c:\programdata\VistaCodecs
2010-02-14 10:24 . 2009-06-27 17:44 -------- d-----w- c:\program files\DivX
2010-02-11 08:16 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-30 07:26 . 2009-08-16 08:41 -------- dc-h--w- c:\programdata\{AAAE891E-DC50-4DD4-A79D-C19DDB94E30E}
2010-01-21 10:37 . 2009-06-02 10:47 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-14 16:39 . 2010-01-14 16:39 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-14 13:59 . 2010-01-14 13:59 -------- d-----w- c:\program files\Alwil Software
2010-01-14 13:45 . 2010-01-11 16:45 -------- d-----w- c:\programdata\avg9
2010-01-11 16:45 . 2010-01-12 09:05 4043032 ----a-w- c:\programdata\avg9\update\backup\avgui.exe
2010-01-11 16:45 . 2010-01-12 09:05 3776280 ----a-w- c:\programdata\avg9\update\backup\setup.exe
2010-01-11 16:45 . 2010-01-12 09:05 2033432 ----a-w- c:\programdata\avg9\update\backup\avgtray.exe
2010-01-11 16:45 . 2010-01-12 09:05 3967256 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-01-11 16:45 . 2010-01-12 09:05 2352920 ----a-w- c:\programdata\avg9\update\backup\avgresf.dll
2010-01-11 16:45 . 2010-01-12 09:05 916248 ----a-w- c:\programdata\avg9\update\backup\avgcfgx.dll
2010-01-11 16:45 . 2010-01-11 16:45 -------- d-----w- c:\program files\AVG
2010-01-11 16:35 . 2008-06-09 02:34 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-01-11 16:32 . 2008-06-09 02:34 -------- d-----w- c:\programdata\Symantec
2010-01-06 15:38 . 2010-02-25 09:33 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-01-06 15:38 . 2010-02-25 09:33 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-01-06 15:38 . 2010-02-25 09:33 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-01-06 15:38 . 2010-02-25 09:33 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-01-02 06:38 . 2010-01-23 13:14 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-23 13:14 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-23 13:14 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-23 13:14 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-24 13:06 . 2009-06-05 09:53 47360 ----a-w- c:\users\HP\AppData\Roaming\pcouffin.sys
2009-12-24 13:06 . 2009-06-05 09:53 47360 ----a-w- c:\users\HP\AppData\Roaming\pcouffin.sys
2009-12-19 11:20 . 2009-12-19 11:20 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-11 11:43 . 2010-02-10 09:08 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-11 11:43 . 2010-02-10 09:08 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-08 20:01 . 2010-02-10 09:08 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-08 20:01 . 2010-02-10 09:08 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 20:01 . 2010-02-10 09:08 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 17:26 . 2010-02-10 09:08 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-12-04 18:30 . 2010-02-10 09:08 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-04 18:29 . 2010-02-10 09:08 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-12-04 18:28 . 2010-02-10 09:08 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-04 18:28 . 2010-02-10 09:08 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-04 18:28 . 2010-02-10 09:08 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-04 18:28 . 2010-02-10 09:08 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-04 18:28 . 2010-02-10 09:08 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-04 18:28 . 2010-02-10 09:08 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-04 18:27 . 2010-02-10 09:08 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"= "c:\program files\IObitCom\tbIObi.dll" [2009-10-01 2166296]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]
[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
2009-10-01 16:29 2166296 ----a-w- c:\program files\IObitCom\tbIObi.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2009-12-31 10:53 2349080 ----a-w- c:\program files\MyAshampoo\tbMyAs.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"= "c:\program files\IObitCom\tbIObi.dll" [2009-10-01 2166296]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]
[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{31C7D459-9CC3-44F2-9DCA-FC11795309B4}"= "c:\program files\IObitCom\tbIObi.dll" [2009-10-01 2166296]
"{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}"= "c:\program files\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]
[HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-10-16 2363392]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-03-12 699456]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-14 468264]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-27 442467]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):dc,54,67,22,b3,01,ca,01
R0 Amddfltr;Amd Disk Lower Filter Driver;c:\windows\System32\drivers\Amddfltr.sys [22.5.2009 11:04 15416]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [14.1.2010 14:59 114768]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe [27.6.2008 19:53 77824]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [14.1.2010 14:59 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [14.1.2010 14:59 53328]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18.3.2008 15:24 19456]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [9.6.2008 4:54 341328]
R2 vfsFPService;Validity Fingerprint Service;c:\windows\System32\vfsFPService.exe [26.3.2008 17:27 595248]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [9.6.2008 4:06 193840]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [23.1.2008 22:23 52736]
R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [1.4.2008 12:14 81296]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\drivers\mbamswissarmy.sys [26.2.2010 10:19 38224]
R3 vfs101x;vfs101x;c:\windows\System32\drivers\vfs101x.sys [26.3.2008 17:28 40752]
S2 gupdate1ca3a123c4c0689;Služba Google Update (gupdate1ca3a123c4c0689);c:\program files\Google\Update\GoogleUpdate.exe [20.9.2009 17:48 133104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19.3.2009 12:48 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [19.3.2009 12:48 8320]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - MBAMSWISSARMY
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 11:49 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-02-26 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2009-08-22 12:51]
2010-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-20 16:48]
2010-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-20 16:48]
2010-01-28 c:\windows\Tasks\HPCeeScheduleForHP.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-06-09 13:14]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2475029
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=83&bd=Pavilion&pf=cnnb
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout pomocí USD - c:\ppk\usdown\Ext\downloadie.html
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files\Verdict Free\etnxp.dll
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&q=
FF - component: c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
FF - component: c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-26 17:04
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'lsass.exe'(696)
c:\windows\system32\DPPWDFLT.dll
.
Celkový čas: 2010-02-26 17:08:04
ComboFix-quarantined-files.txt 2010-02-26 16:08
Před spuštěním: Volných bajtů: 216 705 503 232
Po spuštění: Volných bajtů: 215 924 441 088
- - End Of File - - C23CA6E97E5558C061BB39E35AA965E9
-
- Vzorný návštěvník
- Příspěvky: 479
- Registrován: 18 čer 2008 17:54
- Bydliště: Šutrovec
- Kontaktovat uživatele:
Re: Kontrola logu
Presun ikonu CF na plochu, vypni vsetky otvorene aplikacie, ako aj rezidenty antiviru, antispywaru a firewall a otvor poznamkovy blok. Donho skopiruj:
Uloz na plochu ako CFScript.txt a mysou pretiahni nad ikonou CF.
Program script spracuje a spravi novy log.
Pozor: Ak po aplikacii skriptu nenabehne Windows, restartuj PC, stlac F8 a zvol Poslednu znamu funkcnu konfiguraciu.
Kód: Vybrat vše
KillAll::
Folder::
c:\programdata\avg9
c:\program files\AVG
c:\program files\Common Files\Symantec Shared
c:\programdata\Symantec
c:\program files\IObitCom
c:\program files\IObit
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"=-
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"=-
[-HKEY_CLASSES_ROOT\clsid\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[-HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{31c7d459-9cc3-44f2-9dca-fc11795309b4}"=-
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"=-
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{31C7D459-9CC3-44F2-9DCA-FC11795309B4}"=-
"{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
File::
c:\windows\Tasks\AWC Startup.job
RegLockDel::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
DDS::
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT2475029
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
FireFox::
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... 2475029&q=
Program script spracuje a spravi novy log.
Pozor: Ak po aplikacii skriptu nenabehne Windows, restartuj PC, stlac F8 a zvol Poslednu znamu funkcnu konfiguraciu.
Ja som skromný, mám len dve veci do podpisu...
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:
- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
1) Chcete pomôcť fóru? Podporte ho_!!
2) Prosím všetkých, ktorí majú problém:
- založte si vlastný topic a do 1. prispevku vložte log z RSIT a presný stručný popis problému.
- bez odporúčania nespúšťajte ŽIADEN iný program nájdený na fóre/internete.
- needitujte a nemažte príspevky.
- dodržujte inštrukcie a nerobte nič naviac (z vlastnej iniciatívy).
Re: Kontrola logu
asi tam neco bylo...
ComboFix 10-02-26.01 - HP 26.02.2010 20:14:34.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2045.962 [GMT 1:00]
Spuštěný z: c:\users\HP\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\HP\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FILE ::
"c:\windows\Tasks\AWC Startup.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\AVG
c:\program files\Common Files\Symantec Shared
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll
c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 3\AutoCare.exe
c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe
c:\program files\IObit\Advanced SystemCare 3\AWC.exe
c:\program files\IObit\Advanced SystemCare 3\AWCInit.exe
c:\program files\IObit\Advanced SystemCare 3\AwcSchedule.dll
c:\program files\IObit\Advanced SystemCare 3\ContextMenu.exe
c:\program files\IObit\Advanced SystemCare 3\CookiesBK.pln
c:\program files\IObit\Advanced SystemCare 3\CoolTrayIcon_D6plus.bpl
c:\program files\IObit\Advanced SystemCare 3\Def.dbd
c:\program files\IObit\Advanced SystemCare 3\ESR.exe
c:\program files\IObit\Advanced SystemCare 3\EULA.rtf
c:\program files\IObit\Advanced SystemCare 3\FFSweep.dll
c:\program files\IObit\Advanced SystemCare 3\FileSweep.dll
c:\program files\IObit\Advanced SystemCare 3\Help.html
c:\program files\IObit\Advanced SystemCare 3\IEFavBK.pln
c:\program files\IObit\Advanced SystemCare 3\Images\care.png
c:\program files\IObit\Advanced SystemCare 3\Images\ds.png
c:\program files\IObit\Advanced SystemCare 3\Images\home.png
c:\program files\IObit\Advanced SystemCare 3\Images\mw.png
c:\program files\IObit\Advanced SystemCare 3\Images\tips.jpg
c:\program files\IObit\Advanced SystemCare 3\Images\tips2.jpg
c:\program files\IObit\Advanced SystemCare 3\Images\ut.png
c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe
c:\program files\IObit\Advanced SystemCare 3\Language\Albanian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Brasil.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Czech.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Dansk.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Dutch.lng
c:\program files\IObit\Advanced SystemCare 3\Language\English.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Finnish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\French.lng
c:\program files\IObit\Advanced SystemCare 3\Language\German.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Hebrew.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Hungarian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\ChineseSimp.lng
c:\program files\IObit\Advanced SystemCare 3\Language\ChineseTrad.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Italiano.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Japanese.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Korean.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Persian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Polish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Romanian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Russian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Spanish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Srpski.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Svenska.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Swedish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Turkish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Ukrainian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Valencian.lng
c:\program files\IObit\Advanced SystemCare 3\License.dat
c:\program files\IObit\Advanced SystemCare 3\News\bnews.html
c:\program files\IObit\Advanced SystemCare 3\News\Css\bstyle.css
c:\program files\IObit\Advanced SystemCare 3\News\Css\wstyle.css
c:\program files\IObit\Advanced SystemCare 3\News\wnews.html
c:\program files\IObit\Advanced SystemCare 3\NtfsData.dll
c:\program files\IObit\Advanced SystemCare 3\RegeditBK.pln
c:\program files\IObit\Advanced SystemCare 3\Registration.exe
c:\program files\IObit\Advanced SystemCare 3\Routine.dll
c:\program files\IObit\Advanced SystemCare 3\rtl70.bpl
c:\program files\IObit\Advanced SystemCare 3\servicelist_vista.ini
c:\program files\IObit\Advanced SystemCare 3\servicelist_xp.ini
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_01.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_01_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_02.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_02_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_03.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_03_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_04.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_04_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_down.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_left.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_right.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_up.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Bg_Content.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\BG_Main.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_en_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_en_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_en_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Close1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Close2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Content_bg_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Content_bg_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Content_bg_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Flag.ico
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Check.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Checked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Layout.ini
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Min1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Min2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\scan.avi
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Shadow.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Bottom.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Selected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Selected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Selected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_UnSelected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_UnSelected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_UnSelected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Title.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\UnCheck.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Unchecked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Upgrade1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Upgrade2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_01.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_01_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_02.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_02_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_03.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_03_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_04.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_04_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_down.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_left.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_right.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_up.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Bg_Content.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\BG_Main.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_en_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_en_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_en_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Close1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Close2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Content_bg_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Content_bg_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Content_bg_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Flag.ico
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Check.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Checked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Layout.ini
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Min1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Min2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\scan.avi
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Shadow.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Bottom.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_BottomLine.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Selected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Selected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Selected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_UnSelected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_UnSelected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_UnSelected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Title.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\UnCheck.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Unchecked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Upgrade1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Upgrade2.png
c:\program files\IObit\Advanced SystemCare 3\sqlite3.dll
c:\program files\IObit\Advanced SystemCare 3\STFix.dll
c:\program files\IObit\Advanced SystemCare 3\Sup_DiskCleaner.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_DiskChk.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_GameBooster.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_InternetBooster.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_IS360.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_ISD.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_RegistryDefrag.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_RN.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_ShortcutsFixer.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_DriverBackUp.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_PIeHelp.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_SystemBackup.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_SystemFileScan.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_AutoShutDown.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_ClonedFilesFinder.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_ContextManager.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_DiskExplorer.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_RestoreCenter.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_SoftUninstaller.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_StartUpManager.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_SysInfo.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_WinManager.exe
c:\program files\IObit\Advanced SystemCare 3\unins000.dat
c:\program files\IObit\Advanced SystemCare 3\unins000.exe
c:\program files\IObit\Advanced SystemCare 3\unins000.msg
c:\program files\IObit\Advanced SystemCare 3\Update History.txt
c:\program files\IObit\Advanced SystemCare 3\Update\awc3check.upt
c:\program files\IObit\Advanced SystemCare 3\UpdateLog.txt
c:\program files\IObit\Advanced SystemCare 3\vcl70.bpl
c:\program files\IObit\Advanced SystemCare 3\vclx70.bpl
c:\program files\IObit\Advanced SystemCare 3\winSkinD7R.bpl
c:\program files\IObit\Advanced SystemCare 3\Wizard.exe
c:\program files\IObitCom
c:\program files\IObitCom\INSTALL.LOG
c:\program files\IObitCom\IObitComToolbarHelper.exe
c:\program files\IObitCom\tbIObi.dll
c:\program files\IObitCom\toolbar.cfg
c:\program files\IObitCom\UNWISE.EXE
c:\programdata\avg9
c:\programdata\avg9\Cfg\changecfgreg.cfg
c:\programdata\avg9\Cfg\krnl.cfg
c:\programdata\avg9\Cfg\mail.cfg
c:\programdata\avg9\Cfg\malrep.cfg
c:\programdata\avg9\Cfg\scan.cfg
c:\programdata\avg9\Cfg\sched.cfg
c:\programdata\avg9\Cfg\update.cfg
c:\programdata\avg9\Cfg\user.cfg
c:\programdata\avg9\CfgAll\falsealarm.cfg
c:\programdata\avg9\CfgAll\krnlall.cfg
c:\programdata\avg9\CfgAll\updateall.cfg
c:\programdata\avg9\emc\Log\emc.log
c:\programdata\avg9\Log\avgcfg.log
c:\programdata\avg9\Log\avgcfg.log.lock
c:\programdata\avg9\Log\avgcore.log
c:\programdata\avg9\Log\avgcore.log.1
c:\programdata\avg9\Log\avgcore.log.2
c:\programdata\avg9\Log\avgcore.log.lock
c:\programdata\avg9\Log\avgfrw.log
c:\programdata\avg9\Log\avgfrw.log.lock
c:\programdata\avg9\Log\avgchjw.log
c:\programdata\avg9\Log\avgchjw.log.lock
c:\programdata\avg9\Log\avgchjwsrv.log
c:\programdata\avg9\Log\avgchjwsrv.log.lock
c:\programdata\avg9\Log\avgldr.log
c:\programdata\avg9\Log\avgldr.log.lock
c:\programdata\avg9\Log\avglng.log
c:\programdata\avg9\Log\avglng.log.lock
c:\programdata\avg9\Log\avgns.log
c:\programdata\avg9\Log\avgns.log.lock
c:\programdata\avg9\Log\avgrs.log
c:\programdata\avg9\Log\avgrs.log.1
c:\programdata\avg9\Log\avgrs.log.lock
c:\programdata\avg9\Log\avgscan.log
c:\programdata\avg9\Log\avgscan.log.lock
c:\programdata\avg9\Log\avgsched.log
c:\programdata\avg9\Log\avgsched.log.1
c:\programdata\avg9\Log\avgsched.log.lock
c:\programdata\avg9\Log\avgsrm.log
c:\programdata\avg9\Log\avgsrm.log.lock
c:\programdata\avg9\Log\avgsrmacstat.log
c:\programdata\avg9\Log\avgsrmacstat.log.lock
c:\programdata\avg9\Log\avgtdi.log
c:\programdata\avg9\Log\avgtdi.log.lock
c:\programdata\avg9\Log\avgui.log
c:\programdata\avg9\Log\avgui.log.lock
c:\programdata\avg9\Log\avgupd.log
c:\programdata\avg9\Log\avgupd.log.lock
c:\programdata\avg9\Log\avgwd.log
c:\programdata\avg9\Log\avgwd.log.1
c:\programdata\avg9\Log\avgwd.log.2
c:\programdata\avg9\Log\avgwd.log.3
c:\programdata\avg9\Log\avgwd.log.lock
c:\programdata\avg9\Log\avgwdsvc.log
c:\programdata\avg9\Log\avgwdsvc.log.lock
c:\programdata\avg9\Log\fixcfg.log
c:\programdata\avg9\Log\fixcfg.log.lock
c:\programdata\avg9\Log\history.xml
c:\programdata\avg9\Log\vault.log
c:\programdata\avg9\Log\vault.log.lock
c:\programdata\avg9\scanlogs\I_00000005.log
c:\programdata\avg9\scanlogs\I_00000006.log
c:\programdata\avg9\scanlogs\I_00000007.log
c:\programdata\avg9\scanlogs\srm.idx
c:\programdata\avg9\Temp\014c79f4-f067-4e05-a740-29c45d01bbcb-290-oopp.tmp
c:\programdata\avg9\Temp\0bebbf9a-f54e-451d-bd44-eaf8bfc8fd1f-290-oopp.tmp
c:\programdata\avg9\Temp\0e9b47f8-b542-4f88-9c84-9093066d63ac-290-oopp.tmp
c:\programdata\avg9\Temp\1c563855-6006-43fe-980b-9e0feac32c83-290-oopp.tmp
c:\programdata\avg9\Temp\29a5e578-793b-49be-bfdd-15e7b475ecc5-11a8-oopp.tmp
c:\programdata\avg9\Temp\9f528345-6f54-4cfb-ba67-159eb9f48e0d-290-oopp.tmp
c:\programdata\avg9\Temp\a9574aaf-3824-4727-89be-3fce59c35850-290-oopp.tmp
c:\programdata\avg9\Temp\ab2d9b27-ef80-4f1e-9a8e-abd5c6d37cc1-290-oopp.tmp
c:\programdata\avg9\Temp\b35e0a2d-c5aa-40bc-a0bf-6bfb046f8764-280-oopp.tmp
c:\programdata\avg9\Temp\cde1aaec-4418-4872-a360-2806bbdf1f09-290-oopp.tmp
c:\programdata\avg9\Temp\d75b27a6-b45b-4e1c-81a7-69f8fb54d3a7-474-oopp.tmp
c:\programdata\avg9\Temp\e9993d64-2ad7-454e-aadb-e98da504e094-290-oopp.tmp
c:\programdata\avg9\Temp\file9514.tmp
c:\programdata\avg9\update\backup\avg9cz.lng
c:\programdata\avg9\update\backup\avg9us.lng
c:\programdata\avg9\update\backup\avgcfgx.dll
c:\programdata\avg9\update\backup\avgcorex.dll
c:\programdata\avg9\update\backup\avgresf.dll
c:\programdata\avg9\update\backup\avgtray.exe
c:\programdata\avg9\update\backup\avgui.exe
c:\programdata\avg9\update\backup\incavi.avm
c:\programdata\avg9\update\backup\microavi.avg
c:\programdata\avg9\update\backup\sb.dat
c:\programdata\avg9\update\backup\sb.dat.xcd
c:\programdata\avg9\update\backup\sb2.dat
c:\programdata\avg9\update\backup\sc.dat
c:\programdata\avg9\update\backup\sc.dat.xcd
c:\programdata\avg9\update\backup\setup.dat
c:\programdata\avg9\update\backup\setup.exe
c:\programdata\avg9\update\backup\setupcz.lns
c:\programdata\avg9\update\backup\setupus.lns
c:\programdata\avg9\update\prepare\temp\cty.cty
c:\programdata\Symantec
c:\programdata\Symantec\Definitions\VirusDefs\Cat.DB
c:\programdata\Symantec\Definitions\VirusDefs\umcat_01.db
c:\programdata\Symantec\LiveUpdate\Settings.LiveUpdate
c:\programdata\Symantec\symdata.xml
c:\windows\Tasks\AWC Startup.job
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-26 do 2010-02-26 )))))))))))))))))))))))))))))))
.
2010-02-26 19:23 . 2010-02-26 19:27 -------- d-----w- c:\users\HP\AppData\Local\temp
2010-02-26 19:23 . 2010-02-26 19:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-02-26 19:23 . 2010-02-26 19:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-26 16:16 . 2010-02-26 16:16 -------- d-----w- c:\programdata\WindowsSearch
2010-02-26 09:19 . 2010-02-26 09:19 -------- d-----w- c:\users\HP\AppData\Roaming\Malwarebytes
2010-02-26 09:19 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-26 09:19 . 2010-02-26 09:19 -------- d-----w- c:\programdata\Malwarebytes
2010-02-26 09:18 . 2010-02-26 09:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-26 09:18 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-25 09:35 . 2010-01-23 09:26 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-25 09:33 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-25 09:33 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-02-25 09:33 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-25 09:33 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-25 09:33 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-25 09:33 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-25 09:33 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-25 09:33 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-25 09:33 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-02-25 09:33 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-02-25 09:33 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-02-25 09:33 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-02-25 09:16 . 2010-02-26 10:47 -------- d-----w- c:\program files\trend micro
2010-02-25 09:16 . 2010-02-25 09:16 -------- d-----w- C:\rsit
2010-02-14 10:33 . 2010-02-14 10:33 -------- d-----w- c:\users\HP\AppData\Roaming\VistaCodecs
2010-02-14 10:32 . 2010-02-14 10:32 -------- d-----w- c:\program files\VistaCodecPack
2010-02-10 17:22 . 2010-02-10 17:22 -------- d-----w- c:\program files\MyAshampoo
2010-02-10 08:43 . 2009-12-04 15:56 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-10 08:43 . 2009-12-04 15:56 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-04 16:18 . 2010-02-04 16:18 -------- d-----w- c:\program files\MediaInfo
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-26 19:28 . 2009-05-31 14:54 -------- d-----w- c:\users\HP\AppData\Roaming\Skype
2010-02-26 19:27 . 2009-05-31 15:00 -------- d-----w- c:\users\HP\AppData\Roaming\skypePM
2010-02-26 19:23 . 2009-05-22 09:49 1076 ----a-w- c:\windows\bthservsdp.dat
2010-02-26 19:11 . 2008-06-09 12:10 598832 ----a-w- c:\windows\system32\perfh005.dat
2010-02-26 19:11 . 2008-06-09 12:10 114992 ----a-w- c:\windows\system32\perfc005.dat
2010-02-26 09:19 . 2010-02-26 09:19 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-26 09:16 . 2009-05-22 12:07 67256 ----a-w- c:\users\HP\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 08:16 . 2009-10-03 16:14 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-22 11:06 . 2009-05-30 12:39 1248 ----a-w- c:\users\HP\AppData\Roaming\wklnhst.dat
2010-02-17 16:49 . 2009-06-05 09:53 -------- d-----w- c:\users\HP\AppData\Roaming\Vso
2010-02-14 10:33 . 2009-10-14 13:51 -------- d-----w- c:\programdata\VistaCodecs
2010-02-14 10:24 . 2009-06-27 17:44 -------- d-----w- c:\program files\DivX
2010-02-11 08:16 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-30 07:26 . 2009-08-16 08:41 -------- dc-h--w- c:\programdata\{AAAE891E-DC50-4DD4-A79D-C19DDB94E30E}
2010-01-21 10:37 . 2009-06-02 10:47 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-20 11:19 . 2010-02-10 17:22 52224 ----a-w- c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
2010-01-20 11:19 . 2010-02-10 17:22 101376 ----a-w- c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
2010-01-14 16:39 . 2010-01-14 16:39 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-14 13:59 . 2010-01-14 13:59 -------- d-----w- c:\program files\Alwil Software
2010-01-02 06:38 . 2010-01-23 13:14 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-23 13:14 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-23 13:14 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-23 13:14 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-24 13:06 . 2009-06-05 09:53 47360 ----a-w- c:\users\HP\AppData\Roaming\pcouffin.sys
2009-12-24 13:06 . 2009-06-05 09:53 47360 ----a-w- c:\users\HP\AppData\Roaming\pcouffin.sys
2009-12-19 11:20 . 2009-12-19 11:20 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-11 11:43 . 2010-02-10 09:08 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-11 11:43 . 2010-02-10 09:08 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-08 20:01 . 2010-02-10 09:08 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-08 20:01 . 2010-02-10 09:08 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 20:01 . 2010-02-10 09:08 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 17:26 . 2010-02-10 09:08 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-12-04 18:30 . 2010-02-10 09:08 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-04 18:29 . 2010-02-10 09:08 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-12-04 18:28 . 2010-02-10 09:08 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-04 18:28 . 2010-02-10 09:08 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-04 18:28 . 2010-02-10 09:08 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-04 18:28 . 2010-02-10 09:08 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-04 18:28 . 2010-02-10 09:08 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-04 18:28 . 2010-02-10 09:08 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-04 18:27 . 2010-02-10 09:08 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-10-16 2363392]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-03-12 699456]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-14 468264]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-27 442467]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):dc,54,67,22,b3,01,ca,01
R0 Amddfltr;Amd Disk Lower Filter Driver;c:\windows\System32\drivers\Amddfltr.sys [22.5.2009 11:04 15416]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [14.1.2010 14:59 114768]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe [27.6.2008 19:53 77824]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [14.1.2010 14:59 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [14.1.2010 14:59 53328]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18.3.2008 15:24 19456]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [9.6.2008 4:54 341328]
R2 vfsFPService;Validity Fingerprint Service;c:\windows\System32\vfsFPService.exe [26.3.2008 17:27 595248]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [9.6.2008 4:06 193840]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [23.1.2008 22:23 52736]
R3 vfs101x;vfs101x;c:\windows\System32\drivers\vfs101x.sys [26.3.2008 17:28 40752]
S2 gupdate1ca3a123c4c0689;Služba Google Update (gupdate1ca3a123c4c0689);c:\program files\Google\Update\GoogleUpdate.exe [20.9.2009 17:48 133104]
S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [1.4.2008 12:14 81296]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19.3.2009 12:48 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [19.3.2009 12:48 8320]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 11:49 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-20 16:48]
2010-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-20 16:48]
2010-02-26 c:\windows\Tasks\HPCeeScheduleForHP.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-06-09 13:14]
.
.
------- Doplňkový sken -------
.
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout pomocí USD - c:\ppk\usdown\Ext\downloadie.html
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files\Verdict Free\etnxp.dll
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - component: c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
FF - component: c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-Advanced SystemCare 3_is1 - c:\program files\IObit\Advanced SystemCare 3\unins000.exe
AddRemove-IObitCom Toolbar - c:\progra~1\IObitCom\UNWISE.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-26 20:27
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'lsass.exe'(664)
c:\windows\system32\DPPWDFLT.dll
- - - - - - - > 'Explorer.exe'(4720)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\WLANExt.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Celkový čas: 2010-02-26 20:35:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-26 19:35
ComboFix2.txt 2010-02-26 16:08
Před spuštěním: Volných bajtů: 215 952 109 568
Po spuštění: Volných bajtů: 216 347 574 272
- - End Of File - - 96CB3BB386252F9E26C72C28DEC4CA19
ComboFix 10-02-26.01 - HP 26.02.2010 20:14:34.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2045.962 [GMT 1:00]
Spuštěný z: c:\users\HP\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\HP\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FILE ::
"c:\windows\Tasks\AWC Startup.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\AVG
c:\program files\Common Files\Symantec Shared
c:\program files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll
c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 3\AutoCare.exe
c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe
c:\program files\IObit\Advanced SystemCare 3\AWC.exe
c:\program files\IObit\Advanced SystemCare 3\AWCInit.exe
c:\program files\IObit\Advanced SystemCare 3\AwcSchedule.dll
c:\program files\IObit\Advanced SystemCare 3\ContextMenu.exe
c:\program files\IObit\Advanced SystemCare 3\CookiesBK.pln
c:\program files\IObit\Advanced SystemCare 3\CoolTrayIcon_D6plus.bpl
c:\program files\IObit\Advanced SystemCare 3\Def.dbd
c:\program files\IObit\Advanced SystemCare 3\ESR.exe
c:\program files\IObit\Advanced SystemCare 3\EULA.rtf
c:\program files\IObit\Advanced SystemCare 3\FFSweep.dll
c:\program files\IObit\Advanced SystemCare 3\FileSweep.dll
c:\program files\IObit\Advanced SystemCare 3\Help.html
c:\program files\IObit\Advanced SystemCare 3\IEFavBK.pln
c:\program files\IObit\Advanced SystemCare 3\Images\care.png
c:\program files\IObit\Advanced SystemCare 3\Images\ds.png
c:\program files\IObit\Advanced SystemCare 3\Images\home.png
c:\program files\IObit\Advanced SystemCare 3\Images\mw.png
c:\program files\IObit\Advanced SystemCare 3\Images\tips.jpg
c:\program files\IObit\Advanced SystemCare 3\Images\tips2.jpg
c:\program files\IObit\Advanced SystemCare 3\Images\ut.png
c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe
c:\program files\IObit\Advanced SystemCare 3\Language\Albanian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Brasil.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Czech.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Dansk.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Dutch.lng
c:\program files\IObit\Advanced SystemCare 3\Language\English.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Finnish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\French.lng
c:\program files\IObit\Advanced SystemCare 3\Language\German.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Hebrew.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Hungarian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\ChineseSimp.lng
c:\program files\IObit\Advanced SystemCare 3\Language\ChineseTrad.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Italiano.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Japanese.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Korean.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Persian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Polish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Romanian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Russian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Spanish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Srpski.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Svenska.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Swedish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Turkish.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Ukrainian.lng
c:\program files\IObit\Advanced SystemCare 3\Language\Valencian.lng
c:\program files\IObit\Advanced SystemCare 3\License.dat
c:\program files\IObit\Advanced SystemCare 3\News\bnews.html
c:\program files\IObit\Advanced SystemCare 3\News\Css\bstyle.css
c:\program files\IObit\Advanced SystemCare 3\News\Css\wstyle.css
c:\program files\IObit\Advanced SystemCare 3\News\wnews.html
c:\program files\IObit\Advanced SystemCare 3\NtfsData.dll
c:\program files\IObit\Advanced SystemCare 3\RegeditBK.pln
c:\program files\IObit\Advanced SystemCare 3\Registration.exe
c:\program files\IObit\Advanced SystemCare 3\Routine.dll
c:\program files\IObit\Advanced SystemCare 3\rtl70.bpl
c:\program files\IObit\Advanced SystemCare 3\servicelist_vista.ini
c:\program files\IObit\Advanced SystemCare 3\servicelist_xp.ini
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_01.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_01_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_02.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_02_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_03.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_03_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_04.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Btn_04_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_down.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_left.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_right.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\4C_Button_bg_up.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Bg_Content.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\BG_Main.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_en_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_en_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Care_Button_en_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Close1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Close2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Content_bg_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Content_bg_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Content_bg_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Flag.ico
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Check.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Checked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Layout.ini
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Min1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Min2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\scan.avi
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Shadow.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Bottom.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Selected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Selected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_Selected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_UnSelected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_UnSelected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Tab_UnSelected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Title.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\UnCheck.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Unchecked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Upgrade1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\Black\Upgrade2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_01.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_01_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_02.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_02_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_03.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_03_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_04.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Btn_04_mouseover.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_down.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_left.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_right.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\4C_Button_bg_up.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Bg_Content.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\BG_Main.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_en_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_en_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Care_Button_en_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Close1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Close2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Content_bg_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Content_bg_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Content_bg_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Flag.ico
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Check.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Checked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Layout.ini
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Min1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Min2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\scan.avi
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Shadow.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Bottom.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_BottomLine.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Selected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Selected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_Selected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_UnSelected_1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_UnSelected_2.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Tab_UnSelected_3.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Title.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\UnCheck.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Unchecked.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Upgrade1.png
c:\program files\IObit\Advanced SystemCare 3\Skin\White\Upgrade2.png
c:\program files\IObit\Advanced SystemCare 3\sqlite3.dll
c:\program files\IObit\Advanced SystemCare 3\STFix.dll
c:\program files\IObit\Advanced SystemCare 3\Sup_DiskCleaner.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_DiskChk.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_GameBooster.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_InternetBooster.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_IS360.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_ISD.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_RegistryDefrag.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_RN.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_ShortcutsFixer.exe
c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_DriverBackUp.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_PIeHelp.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_SystemBackup.exe
c:\program files\IObit\Advanced SystemCare 3\Sus_SystemFileScan.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_AutoShutDown.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_ClonedFilesFinder.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_ContextManager.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_DiskExplorer.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_RestoreCenter.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_SoftUninstaller.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_StartUpManager.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_SysInfo.exe
c:\program files\IObit\Advanced SystemCare 3\Sut_WinManager.exe
c:\program files\IObit\Advanced SystemCare 3\unins000.dat
c:\program files\IObit\Advanced SystemCare 3\unins000.exe
c:\program files\IObit\Advanced SystemCare 3\unins000.msg
c:\program files\IObit\Advanced SystemCare 3\Update History.txt
c:\program files\IObit\Advanced SystemCare 3\Update\awc3check.upt
c:\program files\IObit\Advanced SystemCare 3\UpdateLog.txt
c:\program files\IObit\Advanced SystemCare 3\vcl70.bpl
c:\program files\IObit\Advanced SystemCare 3\vclx70.bpl
c:\program files\IObit\Advanced SystemCare 3\winSkinD7R.bpl
c:\program files\IObit\Advanced SystemCare 3\Wizard.exe
c:\program files\IObitCom
c:\program files\IObitCom\INSTALL.LOG
c:\program files\IObitCom\IObitComToolbarHelper.exe
c:\program files\IObitCom\tbIObi.dll
c:\program files\IObitCom\toolbar.cfg
c:\program files\IObitCom\UNWISE.EXE
c:\programdata\avg9
c:\programdata\avg9\Cfg\changecfgreg.cfg
c:\programdata\avg9\Cfg\krnl.cfg
c:\programdata\avg9\Cfg\mail.cfg
c:\programdata\avg9\Cfg\malrep.cfg
c:\programdata\avg9\Cfg\scan.cfg
c:\programdata\avg9\Cfg\sched.cfg
c:\programdata\avg9\Cfg\update.cfg
c:\programdata\avg9\Cfg\user.cfg
c:\programdata\avg9\CfgAll\falsealarm.cfg
c:\programdata\avg9\CfgAll\krnlall.cfg
c:\programdata\avg9\CfgAll\updateall.cfg
c:\programdata\avg9\emc\Log\emc.log
c:\programdata\avg9\Log\avgcfg.log
c:\programdata\avg9\Log\avgcfg.log.lock
c:\programdata\avg9\Log\avgcore.log
c:\programdata\avg9\Log\avgcore.log.1
c:\programdata\avg9\Log\avgcore.log.2
c:\programdata\avg9\Log\avgcore.log.lock
c:\programdata\avg9\Log\avgfrw.log
c:\programdata\avg9\Log\avgfrw.log.lock
c:\programdata\avg9\Log\avgchjw.log
c:\programdata\avg9\Log\avgchjw.log.lock
c:\programdata\avg9\Log\avgchjwsrv.log
c:\programdata\avg9\Log\avgchjwsrv.log.lock
c:\programdata\avg9\Log\avgldr.log
c:\programdata\avg9\Log\avgldr.log.lock
c:\programdata\avg9\Log\avglng.log
c:\programdata\avg9\Log\avglng.log.lock
c:\programdata\avg9\Log\avgns.log
c:\programdata\avg9\Log\avgns.log.lock
c:\programdata\avg9\Log\avgrs.log
c:\programdata\avg9\Log\avgrs.log.1
c:\programdata\avg9\Log\avgrs.log.lock
c:\programdata\avg9\Log\avgscan.log
c:\programdata\avg9\Log\avgscan.log.lock
c:\programdata\avg9\Log\avgsched.log
c:\programdata\avg9\Log\avgsched.log.1
c:\programdata\avg9\Log\avgsched.log.lock
c:\programdata\avg9\Log\avgsrm.log
c:\programdata\avg9\Log\avgsrm.log.lock
c:\programdata\avg9\Log\avgsrmacstat.log
c:\programdata\avg9\Log\avgsrmacstat.log.lock
c:\programdata\avg9\Log\avgtdi.log
c:\programdata\avg9\Log\avgtdi.log.lock
c:\programdata\avg9\Log\avgui.log
c:\programdata\avg9\Log\avgui.log.lock
c:\programdata\avg9\Log\avgupd.log
c:\programdata\avg9\Log\avgupd.log.lock
c:\programdata\avg9\Log\avgwd.log
c:\programdata\avg9\Log\avgwd.log.1
c:\programdata\avg9\Log\avgwd.log.2
c:\programdata\avg9\Log\avgwd.log.3
c:\programdata\avg9\Log\avgwd.log.lock
c:\programdata\avg9\Log\avgwdsvc.log
c:\programdata\avg9\Log\avgwdsvc.log.lock
c:\programdata\avg9\Log\fixcfg.log
c:\programdata\avg9\Log\fixcfg.log.lock
c:\programdata\avg9\Log\history.xml
c:\programdata\avg9\Log\vault.log
c:\programdata\avg9\Log\vault.log.lock
c:\programdata\avg9\scanlogs\I_00000005.log
c:\programdata\avg9\scanlogs\I_00000006.log
c:\programdata\avg9\scanlogs\I_00000007.log
c:\programdata\avg9\scanlogs\srm.idx
c:\programdata\avg9\Temp\014c79f4-f067-4e05-a740-29c45d01bbcb-290-oopp.tmp
c:\programdata\avg9\Temp\0bebbf9a-f54e-451d-bd44-eaf8bfc8fd1f-290-oopp.tmp
c:\programdata\avg9\Temp\0e9b47f8-b542-4f88-9c84-9093066d63ac-290-oopp.tmp
c:\programdata\avg9\Temp\1c563855-6006-43fe-980b-9e0feac32c83-290-oopp.tmp
c:\programdata\avg9\Temp\29a5e578-793b-49be-bfdd-15e7b475ecc5-11a8-oopp.tmp
c:\programdata\avg9\Temp\9f528345-6f54-4cfb-ba67-159eb9f48e0d-290-oopp.tmp
c:\programdata\avg9\Temp\a9574aaf-3824-4727-89be-3fce59c35850-290-oopp.tmp
c:\programdata\avg9\Temp\ab2d9b27-ef80-4f1e-9a8e-abd5c6d37cc1-290-oopp.tmp
c:\programdata\avg9\Temp\b35e0a2d-c5aa-40bc-a0bf-6bfb046f8764-280-oopp.tmp
c:\programdata\avg9\Temp\cde1aaec-4418-4872-a360-2806bbdf1f09-290-oopp.tmp
c:\programdata\avg9\Temp\d75b27a6-b45b-4e1c-81a7-69f8fb54d3a7-474-oopp.tmp
c:\programdata\avg9\Temp\e9993d64-2ad7-454e-aadb-e98da504e094-290-oopp.tmp
c:\programdata\avg9\Temp\file9514.tmp
c:\programdata\avg9\update\backup\avg9cz.lng
c:\programdata\avg9\update\backup\avg9us.lng
c:\programdata\avg9\update\backup\avgcfgx.dll
c:\programdata\avg9\update\backup\avgcorex.dll
c:\programdata\avg9\update\backup\avgresf.dll
c:\programdata\avg9\update\backup\avgtray.exe
c:\programdata\avg9\update\backup\avgui.exe
c:\programdata\avg9\update\backup\incavi.avm
c:\programdata\avg9\update\backup\microavi.avg
c:\programdata\avg9\update\backup\sb.dat
c:\programdata\avg9\update\backup\sb.dat.xcd
c:\programdata\avg9\update\backup\sb2.dat
c:\programdata\avg9\update\backup\sc.dat
c:\programdata\avg9\update\backup\sc.dat.xcd
c:\programdata\avg9\update\backup\setup.dat
c:\programdata\avg9\update\backup\setup.exe
c:\programdata\avg9\update\backup\setupcz.lns
c:\programdata\avg9\update\backup\setupus.lns
c:\programdata\avg9\update\prepare\temp\cty.cty
c:\programdata\Symantec
c:\programdata\Symantec\Definitions\VirusDefs\Cat.DB
c:\programdata\Symantec\Definitions\VirusDefs\umcat_01.db
c:\programdata\Symantec\LiveUpdate\Settings.LiveUpdate
c:\programdata\Symantec\symdata.xml
c:\windows\Tasks\AWC Startup.job
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-26 do 2010-02-26 )))))))))))))))))))))))))))))))
.
2010-02-26 19:23 . 2010-02-26 19:27 -------- d-----w- c:\users\HP\AppData\Local\temp
2010-02-26 19:23 . 2010-02-26 19:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-02-26 19:23 . 2010-02-26 19:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-26 16:16 . 2010-02-26 16:16 -------- d-----w- c:\programdata\WindowsSearch
2010-02-26 09:19 . 2010-02-26 09:19 -------- d-----w- c:\users\HP\AppData\Roaming\Malwarebytes
2010-02-26 09:19 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-26 09:19 . 2010-02-26 09:19 -------- d-----w- c:\programdata\Malwarebytes
2010-02-26 09:18 . 2010-02-26 09:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-26 09:18 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-25 09:35 . 2010-01-23 09:26 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-25 09:33 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-25 09:33 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-02-25 09:33 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-25 09:33 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-25 09:33 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-25 09:33 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-25 09:33 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-25 09:33 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-25 09:33 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-02-25 09:33 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-02-25 09:33 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-02-25 09:33 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-02-25 09:16 . 2010-02-26 10:47 -------- d-----w- c:\program files\trend micro
2010-02-25 09:16 . 2010-02-25 09:16 -------- d-----w- C:\rsit
2010-02-14 10:33 . 2010-02-14 10:33 -------- d-----w- c:\users\HP\AppData\Roaming\VistaCodecs
2010-02-14 10:32 . 2010-02-14 10:32 -------- d-----w- c:\program files\VistaCodecPack
2010-02-10 17:22 . 2010-02-10 17:22 -------- d-----w- c:\program files\MyAshampoo
2010-02-10 08:43 . 2009-12-04 15:56 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-10 08:43 . 2009-12-04 15:56 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-04 16:18 . 2010-02-04 16:18 -------- d-----w- c:\program files\MediaInfo
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-26 19:28 . 2009-05-31 14:54 -------- d-----w- c:\users\HP\AppData\Roaming\Skype
2010-02-26 19:27 . 2009-05-31 15:00 -------- d-----w- c:\users\HP\AppData\Roaming\skypePM
2010-02-26 19:23 . 2009-05-22 09:49 1076 ----a-w- c:\windows\bthservsdp.dat
2010-02-26 19:11 . 2008-06-09 12:10 598832 ----a-w- c:\windows\system32\perfh005.dat
2010-02-26 19:11 . 2008-06-09 12:10 114992 ----a-w- c:\windows\system32\perfc005.dat
2010-02-26 09:19 . 2010-02-26 09:19 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-26 09:16 . 2009-05-22 12:07 67256 ----a-w- c:\users\HP\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 08:16 . 2009-10-03 16:14 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-22 11:06 . 2009-05-30 12:39 1248 ----a-w- c:\users\HP\AppData\Roaming\wklnhst.dat
2010-02-17 16:49 . 2009-06-05 09:53 -------- d-----w- c:\users\HP\AppData\Roaming\Vso
2010-02-14 10:33 . 2009-10-14 13:51 -------- d-----w- c:\programdata\VistaCodecs
2010-02-14 10:24 . 2009-06-27 17:44 -------- d-----w- c:\program files\DivX
2010-02-11 08:16 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-30 07:26 . 2009-08-16 08:41 -------- dc-h--w- c:\programdata\{AAAE891E-DC50-4DD4-A79D-C19DDB94E30E}
2010-01-21 10:37 . 2009-06-02 10:47 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-20 11:19 . 2010-02-10 17:22 52224 ----a-w- c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
2010-01-20 11:19 . 2010-02-10 17:22 101376 ----a-w- c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
2010-01-14 16:39 . 2010-01-14 16:39 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-14 13:59 . 2010-01-14 13:59 -------- d-----w- c:\program files\Alwil Software
2010-01-02 06:38 . 2010-01-23 13:14 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-23 13:14 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-23 13:14 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-23 13:14 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-24 13:06 . 2009-06-05 09:53 47360 ----a-w- c:\users\HP\AppData\Roaming\pcouffin.sys
2009-12-24 13:06 . 2009-06-05 09:53 47360 ----a-w- c:\users\HP\AppData\Roaming\pcouffin.sys
2009-12-19 11:20 . 2009-12-19 11:20 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-11 11:43 . 2010-02-10 09:08 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-11 11:43 . 2010-02-10 09:08 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-08 20:01 . 2010-02-10 09:08 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-08 20:01 . 2010-02-10 09:08 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 20:01 . 2010-02-10 09:08 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 17:26 . 2010-02-10 09:08 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-12-04 18:30 . 2010-02-10 09:08 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-04 18:29 . 2010-02-10 09:08 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-12-04 18:28 . 2010-02-10 09:08 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-04 18:28 . 2010-02-10 09:08 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-04 18:28 . 2010-02-10 09:08 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-04 18:28 . 2010-02-10 09:08 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-04 18:28 . 2010-02-10 09:08 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-04 18:28 . 2010-02-10 09:08 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-04 18:27 . 2010-02-10 09:08 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-10-16 2363392]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-03-12 699456]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-05-14 468264]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-27 442467]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):dc,54,67,22,b3,01,ca,01
R0 Amddfltr;Amd Disk Lower Filter Driver;c:\windows\System32\drivers\Amddfltr.sys [22.5.2009 11:04 15416]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [14.1.2010 14:59 114768]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe [27.6.2008 19:53 77824]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [14.1.2010 14:59 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [14.1.2010 14:59 53328]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18.3.2008 15:24 19456]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [9.6.2008 4:54 341328]
R2 vfsFPService;Validity Fingerprint Service;c:\windows\System32\vfsFPService.exe [26.3.2008 17:27 595248]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [9.6.2008 4:06 193840]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [23.1.2008 22:23 52736]
R3 vfs101x;vfs101x;c:\windows\System32\drivers\vfs101x.sys [26.3.2008 17:28 40752]
S2 gupdate1ca3a123c4c0689;Služba Google Update (gupdate1ca3a123c4c0689);c:\program files\Google\Update\GoogleUpdate.exe [20.9.2009 17:48 133104]
S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [1.4.2008 12:14 81296]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19.3.2009 12:48 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [19.3.2009 12:48 8320]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 11:49 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-20 16:48]
2010-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-20 16:48]
2010-02-26 c:\windows\Tasks\HPCeeScheduleForHP.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-06-09 13:14]
.
.
------- Doplňkový sken -------
.
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout pomocí USD - c:\ppk\usdown\Ext\downloadie.html
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files\Verdict Free\etnxp.dll
FF - ProfilePath - c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - component: c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
FF - component: c:\users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\jzqn1e6r.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-Advanced SystemCare 3_is1 - c:\program files\IObit\Advanced SystemCare 3\unins000.exe
AddRemove-IObitCom Toolbar - c:\progra~1\IObitCom\UNWISE.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-26 20:27
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'lsass.exe'(664)
c:\windows\system32\DPPWDFLT.dll
- - - - - - - > 'Explorer.exe'(4720)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\WLANExt.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Celkový čas: 2010-02-26 20:35:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-26 19:35
ComboFix2.txt 2010-02-26 16:08
Před spuštěním: Volných bajtů: 215 952 109 568
Po spuštění: Volných bajtů: 216 347 574 272
- - End Of File - - 96CB3BB386252F9E26C72C28DEC4CA19
Re: Kontrola logu
Hezké odpoledne, záskok za kolegu
Jak to vypadá s počítačem ted?
Jak to vypadá s počítačem ted?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Kontrola logu
Zdravim
PC vypada dobre, ale jak uz jsem psal vyse, daval jsem spis preventivku, tzn, na prvni pohled se chovalo dobre i predtim. Divne, ja vim Predtim jsem mel pocit, ze "obcasi si odesila" nejake data tak nejak sam o sobe, ted uz to vypada dobre, nedeje se nic podezreleho.
PC vypada dobre, ale jak uz jsem psal vyse, daval jsem spis preventivku, tzn, na prvni pohled se chovalo dobre i predtim. Divne, ja vim Predtim jsem mel pocit, ze "obcasi si odesila" nejake data tak nejak sam o sobe, ted uz to vypada dobre, nedeje se nic podezreleho.
Re: Kontrola logu
Ještě se podívejte do složky c:\qoobox a z karantény si vytáhněte c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk.vir, koncovku vir smažte
Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:
ComboFix /Uninstall
-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.
***********
Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe
-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir
***********
Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru
záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner
záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít
Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.
Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.
***********
Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech
***********
Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?
Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:
ComboFix /Uninstall
-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.
***********
Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe
-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir
***********
Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru
záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner
záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít
Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.
Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.
***********
Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech
***********
Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Kontrola logu
PC vypada v poradku, jen RSIT trval nejak moc dlouho, pri "Listining Event Logs" jsem myslel ze se to cele zaseklo... Cca tri minuty se nic nedelo, nakonec na me ale log vybafl
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP at 2010-03-01 11:18:48
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 207 GB (70%) free of 297 GB
Total RAM: 2045 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:19:16, on 1.3.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5YBYBO5\RSIT[1].exe
C:\Program Files\trend micro\HP.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout pomocí USD - C:\PPK\usdown\Ext\downloadie.html
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Služba Google Update (gupdate1ca3a123c4c0689) (gupdate1ca3a123c4c0689) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 9166 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForHP.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2008-03-12 699456]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-05-14 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-10-16 2363392]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2010-03-01 11:18:48 ----D---- C:\rsit
2010-03-01 10:55:27 ----D---- C:\Program Files\CCleaner
2010-02-26 20:26:24 ----D---- C:\$RECYCLE.BIN
2010-02-26 20:23:41 ----D---- C:\Windows\temp
2010-02-26 17:16:16 ----D---- C:\ProgramData\WindowsSearch
2010-02-26 16:55:17 ----D---- C:\Windows\ERDNT
2010-02-26 10:19:09 ----D---- C:\Users\HP\AppData\Roaming\Malwarebytes
2010-02-26 10:19:00 ----D---- C:\ProgramData\Malwarebytes
2010-02-26 10:18:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-25 10:35:30 ----A---- C:\Windows\system32\jscript.dll
2010-02-25 10:35:16 ----A---- C:\Windows\system32\tzres.dll
2010-02-25 10:33:43 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-25 10:33:43 ----A---- C:\Windows\system32\secproc.dll
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-25 10:33:33 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-25 10:33:33 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-25 10:33:33 ----A---- C:\Windows\system32\msdrm.dll
2010-02-25 10:33:11 ----A---- C:\Windows\system32\gameux.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-25 10:16:56 ----D---- C:\Program Files\trend micro
2010-02-14 11:33:00 ----D---- C:\Users\HP\AppData\Roaming\VistaCodecs
2010-02-14 11:32:40 ----D---- C:\Program Files\VistaCodecPack
2010-02-10 18:22:57 ----D---- C:\Program Files\MyAshampoo
2010-02-10 10:08:52 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 10:08:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 10:08:46 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\avifil32.dll
2010-02-04 17:18:23 ----D---- C:\Program Files\MediaInfo
======List of files/folders modified in the last 1 months======
2010-03-01 11:18:59 ----D---- C:\Windows\Prefetch
2010-03-01 11:14:20 ----D---- C:\Windows\System32
2010-03-01 11:14:20 ----D---- C:\Windows\inf
2010-03-01 11:14:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-01 11:09:11 ----D---- C:\Users\HP\AppData\Roaming\Skype
2010-03-01 11:06:00 ----D---- C:\Windows\system32\drivers
2010-03-01 11:02:04 ----AD---- C:\WINDOWS
2010-03-01 10:58:49 ----D---- C:\Windows\Debug
2010-03-01 10:55:27 ----RD---- C:\Program Files
2010-03-01 10:08:55 ----D---- C:\Users\HP\AppData\Roaming\skypePM
2010-02-26 20:28:15 ----SHD---- C:\Windows\Installer
2010-02-26 20:26:36 ----A---- C:\Windows\system.ini
2010-02-26 20:22:57 ----D---- C:\ProgramData
2010-02-26 20:22:55 ----D---- C:\Program Files\Common Files
2010-02-26 20:22:54 ----D---- C:\Windows\Tasks
2010-02-26 20:18:00 ----D---- C:\Windows\AppPatch
2010-02-26 11:00:29 ----D---- C:\Windows\rescache
2010-02-26 10:23:07 ----SHD---- C:\System Volume Information
2010-02-26 10:13:39 ----D---- C:\Windows\system32\cs-CZ
2010-02-26 10:13:37 ----RSD---- C:\Windows\Fonts
2010-02-25 16:29:45 ----D---- C:\Windows\winsxs
2010-02-25 16:28:37 ----D---- C:\Windows\system32\catroot
2010-02-25 10:32:22 ----D---- C:\Windows\system32\catroot2
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-22 11:44:35 ----D---- C:\PPK
2010-02-17 17:49:10 ----D---- C:\Users\HP\AppData\Roaming\Vso
2010-02-14 11:33:00 ----D---- C:\ProgramData\VistaCodecs
2010-02-14 11:24:19 ----D---- C:\Program Files\DivX
2010-02-11 09:16:29 ----D---- C:\Program Files\Windows Mail
2010-02-02 09:21:07 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-28 3544064]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-23 52736]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-14 118784]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-03-26 40752]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 507904]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-05 47360]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-28 667648]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 DpHost;Biometric Authentication Service; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2008-03-12 302144]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-10-16 73728]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-05-14 292248]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-05-14 116112]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-03-26 595248]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
S2 gupdate1ca3a123c4c0689;Služba Google Update (gupdate1ca3a123c4c0689); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-20 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by HP at 2010-03-01 11:18:48
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 207 GB (70%) free of 297 GB
Total RAM: 2045 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:19:16, on 1.3.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5YBYBO5\RSIT[1].exe
C:\Program Files\trend micro\HP.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout pomocí USD - C:\PPK\usdown\Ext\downloadie.html
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Služba Google Update (gupdate1ca3a123c4c0689) (gupdate1ca3a123c4c0689) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 9166 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForHP.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2008-03-12 699456]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2008-05-14 468264]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-11-01 554288]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-27 442467]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-10-16 2363392]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2010-03-01 11:18:48 ----D---- C:\rsit
2010-03-01 10:55:27 ----D---- C:\Program Files\CCleaner
2010-02-26 20:26:24 ----D---- C:\$RECYCLE.BIN
2010-02-26 20:23:41 ----D---- C:\Windows\temp
2010-02-26 17:16:16 ----D---- C:\ProgramData\WindowsSearch
2010-02-26 16:55:17 ----D---- C:\Windows\ERDNT
2010-02-26 10:19:09 ----D---- C:\Users\HP\AppData\Roaming\Malwarebytes
2010-02-26 10:19:00 ----D---- C:\ProgramData\Malwarebytes
2010-02-26 10:18:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-25 10:35:30 ----A---- C:\Windows\system32\jscript.dll
2010-02-25 10:35:16 ----A---- C:\Windows\system32\tzres.dll
2010-02-25 10:33:43 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-25 10:33:43 ----A---- C:\Windows\system32\secproc.dll
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-25 10:33:34 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-25 10:33:33 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-25 10:33:33 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-25 10:33:33 ----A---- C:\Windows\system32\msdrm.dll
2010-02-25 10:33:11 ----A---- C:\Windows\system32\gameux.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-02-25 10:33:09 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-25 10:16:56 ----D---- C:\Program Files\trend micro
2010-02-14 11:33:00 ----D---- C:\Users\HP\AppData\Roaming\VistaCodecs
2010-02-14 11:32:40 ----D---- C:\Program Files\VistaCodecPack
2010-02-10 18:22:57 ----D---- C:\Program Files\MyAshampoo
2010-02-10 10:08:52 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 10:08:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 10:08:46 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 10:08:45 ----A---- C:\Windows\system32\avifil32.dll
2010-02-04 17:18:23 ----D---- C:\Program Files\MediaInfo
======List of files/folders modified in the last 1 months======
2010-03-01 11:18:59 ----D---- C:\Windows\Prefetch
2010-03-01 11:14:20 ----D---- C:\Windows\System32
2010-03-01 11:14:20 ----D---- C:\Windows\inf
2010-03-01 11:14:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-01 11:09:11 ----D---- C:\Users\HP\AppData\Roaming\Skype
2010-03-01 11:06:00 ----D---- C:\Windows\system32\drivers
2010-03-01 11:02:04 ----AD---- C:\WINDOWS
2010-03-01 10:58:49 ----D---- C:\Windows\Debug
2010-03-01 10:55:27 ----RD---- C:\Program Files
2010-03-01 10:08:55 ----D---- C:\Users\HP\AppData\Roaming\skypePM
2010-02-26 20:28:15 ----SHD---- C:\Windows\Installer
2010-02-26 20:26:36 ----A---- C:\Windows\system.ini
2010-02-26 20:22:57 ----D---- C:\ProgramData
2010-02-26 20:22:55 ----D---- C:\Program Files\Common Files
2010-02-26 20:22:54 ----D---- C:\Windows\Tasks
2010-02-26 20:18:00 ----D---- C:\Windows\AppPatch
2010-02-26 11:00:29 ----D---- C:\Windows\rescache
2010-02-26 10:23:07 ----SHD---- C:\System Volume Information
2010-02-26 10:13:39 ----D---- C:\Windows\system32\cs-CZ
2010-02-26 10:13:37 ----RSD---- C:\Windows\Fonts
2010-02-25 16:29:45 ----D---- C:\Windows\winsxs
2010-02-25 16:28:37 ----D---- C:\Windows\system32\catroot
2010-02-25 10:32:22 ----D---- C:\Windows\system32\catroot2
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-22 11:44:35 ----D---- C:\PPK
2010-02-17 17:49:10 ----D---- C:\Users\HP\AppData\Roaming\Vso
2010-02-14 11:33:00 ----D---- C:\ProgramData\VistaCodecs
2010-02-14 11:24:19 ----D---- C:\Program Files\DivX
2010-02-11 09:16:29 ----D---- C:\Program Files\Windows Mail
2010-02-02 09:21:07 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-28 3544064]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-01-23 52736]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-14 118784]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-27 380928]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-03-26 40752]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 507904]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-05 47360]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-03-28 667648]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 DpHost;Biometric Authentication Service; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2008-03-12 302144]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-10-16 73728]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-05-14 292248]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-05-14 116112]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-03-26 341328]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe [2008-06-27 221273]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-03-26 595248]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
S2 gupdate1ca3a123c4c0689;Služba Google Update (gupdate1ca3a123c4c0689); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-20 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
-----------------EOF-----------------
Re: Kontrola logu
:arrow:Otevřete poznámkový blok a do něj zkopírujte:
-uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek,
klikněte na uložit, pak na soubor standardně 2X klikněte a potvrďte dialogové okno.
Pokud nejsou problémy, je to vše
Kód: Vybrat vše
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
klikněte na uložit, pak na soubor standardně 2X klikněte a potvrďte dialogové okno.
Pokud nejsou problémy, je to vše
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.