
Slow internet problem
Hello, I would need my log checked. My internet runs terribly slowly, it takes at least 10 minutes to load, and I don't know what is causing it.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-07-07 12:19:03
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (9%) free of 12 GB
Total RAM: 1023 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:19:23, on 7.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Razer\Lachesis\OSD.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Razer\Lachesis\razertra.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: CleanMyPC Popup Blocker - {7A9BC6B1-7F27-47c6-A66D-13582E81E537} - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: CleanMyPC Toolbar - {04164EC4-1E48-4279-818E-3721931E7636} - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1292428093-162531612-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 8930 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-162531612-682003330-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-162531612-682003330-500UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A9BC6B1-7F27-47c6-A66D-13582E81E537}]
CleanMyPCPopupBlocker Class - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll [2004-12-10 65536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-03-18 1164680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{04164EC4-1E48-4279-818E-3721931E7636} - CleanMyPC Toolbar - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll [2004-12-10 167936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-03-13 1443072]
"Lachesis"=C:\Program Files\Razer\Lachesis\razerhid.exe [2007-09-12 172032]
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE [2001-12-20 28672]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-05-25 13895272]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-05-05 1632360]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-04-01 15145352]
"Google Update"=C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-03-28 133104]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-07-03 3077528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe [2005-03-31 1106944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-03-28 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2005-03-22 167936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-04-20 847872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Lingea Update Center.lnk]
C:\PROGRA~1\COMMON~1\LINGEA~1\luc.exe [2009-04-27 275736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HPAiODevice(hp psc 700 series) - 1.lnk]
C:\PROGRA~1\HEWLET~1\AiO\HPPSC7~1\Bin\hpobrt07.exe [2003-02-03 491580]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x5F000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=0x5F000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
======List of files/folders created in the last 1 months======
2011-07-07 12:19:03 ----D---- C:\rsit
2011-07-07 12:19:03 ----D---- C:\Program Files\trend micro
2011-07-06 20:08:39 ----A---- C:\WINDOWS\{00000000-00000000-00000009-00001102-00000002-80651102}.BAK
2011-07-03 18:12:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-06-28 15:09:29 ----D---- C:\Ubisoft Game Launcher
2011-06-26 14:28:59 ----D---- C:\Program Files\Pando Networks
2011-06-26 14:21:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\LolClient
2011-06-25 12:31:11 ----D---- C:\Program Files\Common Files\Java
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\javaws.exe
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\javaw.exe
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\java.exe
2011-06-24 19:00:45 ----D---- C:\Program Files\Garena
2011-06-13 12:50:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2011-06-13 12:50:39 ----A---- C:\WINDOWS\system32\easyupdatusapiu.dll
2011-06-13 12:48:55 ----A---- C:\WINDOWS\system32\nvgenco322090.dll
2011-06-13 12:48:55 ----A---- C:\WINDOWS\system32\nvdispco3220150.dll
2011-06-13 12:45:06 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2011-06-13 12:40:43 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-06-13 12:40:43 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2011-06-13 12:40:41 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2011-06-13 12:40:41 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2011-06-13 12:40:40 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2011-06-13 12:40:40 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-06-13 12:40:39 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2011-06-13 12:40:39 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2011-06-13 12:40:38 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2011-06-13 12:40:37 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2011-06-13 12:40:37 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2011-06-13 12:40:35 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2011-06-13 12:40:35 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2011-06-13 12:40:32 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2011-06-13 12:40:30 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2011-06-13 12:40:30 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2011-06-13 12:40:29 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2011-06-13 12:40:26 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-06-13 12:40:26 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2011-06-13 12:40:25 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-06-13 12:40:25 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-06-13 12:40:24 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-06-13 12:40:24 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-06-13 12:40:23 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-06-13 12:40:23 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-06-13 12:40:22 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-06-13 12:40:22 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-06-13 12:40:21 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-06-13 12:40:21 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-06-13 12:40:18 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-06-13 12:40:15 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-06-13 12:40:09 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-06-13 12:40:05 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-06-13 12:40:00 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-06-13 12:40:00 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-06-13 12:39:52 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-06-13 12:39:51 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-06-13 12:39:51 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-06-13 12:39:37 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-06-13 12:39:36 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-06-12 23:37:08 ----D---- C:\WINDOWS\system32\appmgmt
======List of files/folders modified in the last 1 months======
2011-07-07 12:19:15 ----D---- C:\WINDOWS\Temp
2011-07-07 12:19:05 ----D---- C:\WINDOWS\Prefetch
2011-07-07 12:19:03 ----RD---- C:\Program Files
2011-07-07 12:15:35 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-07-07 12:13:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-07-07 12:12:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-07 12:12:21 ----A---- C:\WINDOWS\WTRAN32.INI
2011-07-07 10:42:32 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2011-07-07 09:24:04 ----D---- C:\WINDOWS
2011-07-07 00:00:50 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2011-07-06 20:58:10 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-06 20:05:26 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-05 12:04:56 ----D---- C:\WINDOWS\system32
2011-07-04 16:27:52 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Winamp
2011-07-04 16:27:30 ----D---- C:\WINDOWS\Minidump
2011-07-04 14:59:47 ----SHD---- C:\WINDOWS\Installer
2011-07-04 13:58:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-07-03 19:19:50 ----D---- C:\WINDOWS\system32\DirectX
2011-07-03 19:19:49 ----HD---- C:\WINDOWS\inf
2011-06-28 15:32:36 ----RSD---- C:\WINDOWS\assembly
2011-06-28 15:08:07 ----D---- C:\WINDOWS\WinSxS
2011-06-28 14:37:42 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-06-27 16:23:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-06-25 12:31:11 ----D---- C:\Program Files\Common Files
2011-06-25 12:30:53 ----D---- C:\Program Files\Java
2011-06-16 10:56:43 ----A---- C:\WINDOWS\wincmd.ini
2011-06-16 10:55:27 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-06-13 12:51:00 ----D---- C:\WINDOWS\Help
2011-06-13 12:50:51 ----D---- C:\Documents and Settings
2011-06-13 12:50:47 ----D---- C:\Program Files\NVIDIA Corporation
2011-06-13 12:50:26 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-06-13 12:50:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-13 12:49:53 ----D---- C:\WINDOWS\system32\drivers
2011-06-13 12:39:41 ----D---- C:\WINDOWS\Microsoft.NET
2011-06-13 12:39:03 ----D---- C:\WINDOWS\Logs
2011-06-12 23:37:08 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-06-12 23:36:06 ----D---- C:\Documents and Settings\Administrator\Data aplikací\go
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-03-28 717296]
R1 easdrv;easdrv; C:\WINDOWS\System32\DRIVERS\easdrv.sys [2008-03-13 29704]
R1 epfwtdi;epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [2008-03-13 54280]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 eamon;EAMON; C:\WINDOWS\System32\DRIVERS\eamon.sys [2008-03-13 40456]
R2 epfw;epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [2008-03-13 71176]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-06-25 35088]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2004-11-22 176128]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [2008-03-13 30728]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 LachesisFltr;Lachesis Mouse Driver; C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 12032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2011-05-25 12753664]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 a8tq7ydl;a8tq7ydl; C:\WINDOWS\system32\drivers\a8tq7ydl.sys []
S3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 Dot4Scan;Ovladač třídy skeneru standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2008-03-13 472320]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-05-25 154728]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-03-13 19200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Thanks for the replies.
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Thanks for the replies.
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: problem with slow internet
The log looks clean, but what about that cracked NOD? Uninstall it, switch to one of the free solutions: http://www.viry.cz/forum/viewforum.php?f=29 and then we will continue.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: problem with slow internet
Yep, I uninstalled NOD and installed avast. Here is the log with avast:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-07-07 13:29:59
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 993 MB (8%) free of 12 GB
Total RAM: 1023 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:30:06, on 7.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Razer\Lachesis\OSD.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Razer\Lachesis\razertra.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
F:\programy\TRANSLAT\WTRAN32.EXE
C:\Program Files\TRADOS\T7_FL\TT\TW4Win.exe
C:\Program Files\uTorrent\utorrent.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: CleanMyPC Popup Blocker - {7A9BC6B1-7F27-47c6-A66D-13582E81E537} - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: CleanMyPC Toolbar - {04164EC4-1E48-4279-818E-3721931E7636} - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1292428093-162531612-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 8966 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-162531612-682003330-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-162531612-682003330-500UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A9BC6B1-7F27-47c6-A66D-13582E81E537}]
CleanMyPCPopupBlocker Class - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll [2004-12-10 65536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-03-18 1164680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{04164EC4-1E48-4279-818E-3721931E7636} - CleanMyPC Toolbar - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll [2004-12-10 167936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Lachesis"=C:\Program Files\Razer\Lachesis\razerhid.exe [2007-09-12 172032]
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE [2001-12-20 28672]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-05-25 13895272]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-05-05 1632360]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-04-01 15145352]
"Google Update"=C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-03-28 133104]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-07-03 3077528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe [2005-03-31 1106944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-03-28 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2005-03-22 167936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-04-20 847872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Lingea Update Center.lnk]
C:\PROGRA~1\COMMON~1\LINGEA~1\luc.exe [2009-04-27 275736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HPAiODevice(hp psc 700 series) - 1.lnk]
C:\PROGRA~1\HEWLET~1\AiO\HPPSC7~1\Bin\hpobrt07.exe [2003-02-03 491580]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x5F000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=0x5F000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
======List of files/folders created in the last 1 months======
2011-07-07 13:24:41 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-07-07 13:24:41 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-07-07 13:24:39 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-07-07 13:24:39 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-07-07 13:24:38 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-07-07 13:24:38 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-07-07 13:24:38 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-07-07 13:24:37 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-07-07 13:24:13 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-07-07 13:24:00 ----D---- C:\Program Files\AVAST Software
2011-07-07 13:24:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-07-07 13:17:25 ----D---- C:\WINDOWS\LastGood
2011-07-07 13:15:21 ----SHD---- C:\Config.Msi
2011-07-07 12:19:03 ----D---- C:\rsit
2011-07-07 12:19:03 ----D---- C:\Program Files\trend micro
2011-07-06 20:08:39 ----A---- C:\WINDOWS\{00000000-00000000-00000009-00001102-00000002-80651102}.BAK
2011-07-03 18:12:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-06-28 15:09:29 ----D---- C:\Ubisoft Game Launcher
2011-06-26 14:28:59 ----D---- C:\Program Files\Pando Networks
2011-06-26 14:21:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\LolClient
2011-06-25 12:31:11 ----D---- C:\Program Files\Common Files\Java
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\javaws.exe
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\javaw.exe
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\java.exe
2011-06-24 19:00:45 ----D---- C:\Program Files\Garena
2011-06-13 12:50:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2011-06-13 12:50:39 ----A---- C:\WINDOWS\system32\easyupdatusapiu.dll
2011-06-13 12:48:55 ----A---- C:\WINDOWS\system32\nvgenco322090.dll
2011-06-13 12:48:55 ----A---- C:\WINDOWS\system32\nvdispco3220150.dll
2011-06-13 12:45:06 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2011-06-13 12:40:43 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-06-13 12:40:43 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2011-06-13 12:40:41 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2011-06-13 12:40:41 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2011-06-13 12:40:40 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2011-06-13 12:40:40 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-06-13 12:40:39 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2011-06-13 12:40:39 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2011-06-13 12:40:38 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2011-06-13 12:40:37 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2011-06-13 12:40:37 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2011-06-13 12:40:35 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2011-06-13 12:40:35 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2011-06-13 12:40:32 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2011-06-13 12:40:30 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2011-06-13 12:40:30 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2011-06-13 12:40:29 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2011-06-13 12:40:26 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-06-13 12:40:26 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2011-06-13 12:40:25 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-06-13 12:40:25 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-06-13 12:40:24 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-06-13 12:40:24 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-06-13 12:40:23 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-06-13 12:40:23 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-06-13 12:40:22 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-06-13 12:40:22 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-06-13 12:40:21 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-06-13 12:40:21 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-06-13 12:40:18 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-06-13 12:40:15 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-06-13 12:40:09 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-06-13 12:40:05 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-06-13 12:40:00 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-06-13 12:40:00 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-06-13 12:39:52 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-06-13 12:39:51 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-06-13 12:39:51 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-06-13 12:39:37 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-06-13 12:39:36 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-06-12 23:37:08 ----D---- C:\WINDOWS\system32\appmgmt
======List of files/folders modified in the last 1 months======
2011-07-07 13:29:47 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2011-07-07 13:26:50 ----D---- C:\WINDOWS\Temp
2011-07-07 13:24:41 ----D---- C:\WINDOWS\system32\drivers
2011-07-07 13:24:29 ----SHD---- C:\WINDOWS\Installer
2011-07-07 13:24:26 ----D---- C:\WINDOWS\WinSxS
2011-07-07 13:24:14 ----D---- C:\WINDOWS
2011-07-07 13:24:13 ----D---- C:\WINDOWS\system32
2011-07-07 13:24:00 ----RD---- C:\Program Files
2011-07-07 13:18:47 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-07-07 13:17:39 ----HD---- C:\WINDOWS\inf
2011-07-07 13:17:27 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-07 12:33:09 ----A---- C:\WINDOWS\WTRAN32.INI
2011-07-07 12:19:23 ----D---- C:\WINDOWS\Prefetch
2011-07-07 12:13:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-07-07 12:12:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-07 09:24:04 ----D---- C:\WINDOWS\Minidump
2011-07-07 00:00:50 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2011-07-06 20:05:26 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-04 16:27:52 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Winamp
2011-07-04 13:58:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-07-03 19:19:50 ----D---- C:\WINDOWS\system32\DirectX
2011-06-28 15:32:36 ----RSD---- C:\WINDOWS\assembly
2011-06-28 14:37:42 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-06-27 16:23:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-06-25 12:31:11 ----D---- C:\Program Files\Common Files
2011-06-25 12:30:53 ----D---- C:\Program Files\Java
2011-06-16 10:56:43 ----A---- C:\WINDOWS\wincmd.ini
2011-06-16 10:55:27 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-06-13 12:51:00 ----D---- C:\WINDOWS\Help
2011-06-13 12:50:51 ----D---- C:\Documents and Settings
2011-06-13 12:50:47 ----D---- C:\Program Files\NVIDIA Corporation
2011-06-13 12:50:26 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-06-13 12:50:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-13 12:39:41 ----D---- C:\WINDOWS\Microsoft.NET
2011-06-13 12:39:03 ----D---- C:\WINDOWS\Logs
2011-06-12 23:37:08 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-06-12 23:36:06 ----D---- C:\Documents and Settings\Administrator\Data aplikací\go
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-03-28 717296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-06-25 35088]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2004-11-22 176128]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 LachesisFltr;Lachesis Mouse Driver; C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 12032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2011-05-25 12753664]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R4 eamon;EAMON; C:\WINDOWS\System32\DRIVERS\eamon.sys []
R4 epfw;epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys []
R4 Epfwndis;Eset Personal Firewall; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys []
R4 epfwtdi;epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys []
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
S3 a8tq7ydl;a8tq7ydl; C:\WINDOWS\system32\drivers\a8tq7ydl.sys []
S3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 Dot4Scan;Ovladač třídy skeneru standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 easdrv;easdrv; C:\WINDOWS\System32\DRIVERS\easdrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-05-25 154728]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-07-07 13:29:59
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 993 MB (8%) free of 12 GB
Total RAM: 1023 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:30:06, on 7.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Razer\Lachesis\OSD.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Razer\Lachesis\razertra.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
F:\programy\TRANSLAT\WTRAN32.EXE
C:\Program Files\TRADOS\T7_FL\TT\TW4Win.exe
C:\Program Files\uTorrent\utorrent.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: CleanMyPC Popup Blocker - {7A9BC6B1-7F27-47c6-A66D-13582E81E537} - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: CleanMyPC Toolbar - {04164EC4-1E48-4279-818E-3721931E7636} - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1292428093-162531612-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 8966 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-162531612-682003330-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1292428093-162531612-682003330-500UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A9BC6B1-7F27-47c6-A66D-13582E81E537}]
CleanMyPCPopupBlocker Class - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll [2004-12-10 65536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-03-18 1164680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{04164EC4-1E48-4279-818E-3721931E7636} - CleanMyPC Toolbar - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll [2004-12-10 167936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Lachesis"=C:\Program Files\Razer\Lachesis\razerhid.exe [2007-09-12 172032]
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE [2001-12-20 28672]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-05-25 13895272]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-05-05 1632360]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-04-01 15145352]
"Google Update"=C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-03-28 133104]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-07-03 3077528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe [2005-03-31 1106944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-03-28 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2005-03-22 167936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-04-20 847872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Lingea Update Center.lnk]
C:\PROGRA~1\COMMON~1\LINGEA~1\luc.exe [2009-04-27 275736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HPAiODevice(hp psc 700 series) - 1.lnk]
C:\PROGRA~1\HEWLET~1\AiO\HPPSC7~1\Bin\hpobrt07.exe [2003-02-03 491580]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x5F000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=0x5F000000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
======List of files/folders created in the last 1 months======
2011-07-07 13:24:41 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-07-07 13:24:41 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-07-07 13:24:39 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-07-07 13:24:39 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-07-07 13:24:38 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-07-07 13:24:38 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-07-07 13:24:38 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-07-07 13:24:37 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-07-07 13:24:13 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-07-07 13:24:00 ----D---- C:\Program Files\AVAST Software
2011-07-07 13:24:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-07-07 13:17:25 ----D---- C:\WINDOWS\LastGood
2011-07-07 13:15:21 ----SHD---- C:\Config.Msi
2011-07-07 12:19:03 ----D---- C:\rsit
2011-07-07 12:19:03 ----D---- C:\Program Files\trend micro
2011-07-06 20:08:39 ----A---- C:\WINDOWS\{00000000-00000000-00000009-00001102-00000002-80651102}.BAK
2011-07-03 18:12:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-06-28 15:09:29 ----D---- C:\Ubisoft Game Launcher
2011-06-26 14:28:59 ----D---- C:\Program Files\Pando Networks
2011-06-26 14:21:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\LolClient
2011-06-25 12:31:11 ----D---- C:\Program Files\Common Files\Java
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\javaws.exe
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\javaw.exe
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\java.exe
2011-06-24 19:00:45 ----D---- C:\Program Files\Garena
2011-06-13 12:50:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2011-06-13 12:50:39 ----A---- C:\WINDOWS\system32\easyupdatusapiu.dll
2011-06-13 12:48:55 ----A---- C:\WINDOWS\system32\nvgenco322090.dll
2011-06-13 12:48:55 ----A---- C:\WINDOWS\system32\nvdispco3220150.dll
2011-06-13 12:45:06 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2011-06-13 12:40:43 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-06-13 12:40:43 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2011-06-13 12:40:41 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2011-06-13 12:40:41 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2011-06-13 12:40:40 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2011-06-13 12:40:40 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-06-13 12:40:39 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2011-06-13 12:40:39 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2011-06-13 12:40:38 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2011-06-13 12:40:37 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2011-06-13 12:40:37 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2011-06-13 12:40:35 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2011-06-13 12:40:35 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2011-06-13 12:40:32 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2011-06-13 12:40:30 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2011-06-13 12:40:30 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2011-06-13 12:40:29 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2011-06-13 12:40:26 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-06-13 12:40:26 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2011-06-13 12:40:25 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-06-13 12:40:25 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-06-13 12:40:24 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-06-13 12:40:24 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-06-13 12:40:23 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-06-13 12:40:23 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-06-13 12:40:22 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-06-13 12:40:22 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-06-13 12:40:21 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-06-13 12:40:21 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-06-13 12:40:18 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-06-13 12:40:15 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-06-13 12:40:09 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-06-13 12:40:05 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-06-13 12:40:00 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-06-13 12:40:00 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-06-13 12:39:52 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-06-13 12:39:51 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-06-13 12:39:51 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-06-13 12:39:37 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-06-13 12:39:36 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-06-12 23:37:08 ----D---- C:\WINDOWS\system32\appmgmt
======List of files/folders modified in the last 1 months======
2011-07-07 13:29:47 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2011-07-07 13:26:50 ----D---- C:\WINDOWS\Temp
2011-07-07 13:24:41 ----D---- C:\WINDOWS\system32\drivers
2011-07-07 13:24:29 ----SHD---- C:\WINDOWS\Installer
2011-07-07 13:24:26 ----D---- C:\WINDOWS\WinSxS
2011-07-07 13:24:14 ----D---- C:\WINDOWS
2011-07-07 13:24:13 ----D---- C:\WINDOWS\system32
2011-07-07 13:24:00 ----RD---- C:\Program Files
2011-07-07 13:18:47 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-07-07 13:17:39 ----HD---- C:\WINDOWS\inf
2011-07-07 13:17:27 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-07 12:33:09 ----A---- C:\WINDOWS\WTRAN32.INI
2011-07-07 12:19:23 ----D---- C:\WINDOWS\Prefetch
2011-07-07 12:13:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-07-07 12:12:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-07 09:24:04 ----D---- C:\WINDOWS\Minidump
2011-07-07 00:00:50 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2011-07-06 20:05:26 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-04 16:27:52 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Winamp
2011-07-04 13:58:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-07-03 19:19:50 ----D---- C:\WINDOWS\system32\DirectX
2011-06-28 15:32:36 ----RSD---- C:\WINDOWS\assembly
2011-06-28 14:37:42 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-06-27 16:23:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-06-25 12:31:11 ----D---- C:\Program Files\Common Files
2011-06-25 12:30:53 ----D---- C:\Program Files\Java
2011-06-16 10:56:43 ----A---- C:\WINDOWS\wincmd.ini
2011-06-16 10:55:27 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-06-13 12:51:00 ----D---- C:\WINDOWS\Help
2011-06-13 12:50:51 ----D---- C:\Documents and Settings
2011-06-13 12:50:47 ----D---- C:\Program Files\NVIDIA Corporation
2011-06-13 12:50:26 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-06-13 12:50:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-13 12:39:41 ----D---- C:\WINDOWS\Microsoft.NET
2011-06-13 12:39:03 ----D---- C:\WINDOWS\Logs
2011-06-12 23:37:08 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-06-12 23:36:06 ----D---- C:\Documents and Settings\Administrator\Data aplikací\go
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-03-28 717296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-06-25 35088]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2004-11-22 176128]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 LachesisFltr;Lachesis Mouse Driver; C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 12032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2011-05-25 12753664]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R4 eamon;EAMON; C:\WINDOWS\System32\DRIVERS\eamon.sys []
R4 epfw;epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys []
R4 Epfwndis;Eset Personal Firewall; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys []
R4 epfwtdi;epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys []
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
S3 a8tq7ydl;a8tq7ydl; C:\WINDOWS\system32\drivers\a8tq7ydl.sys []
S3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 Dot4Scan;Ovladač třídy skeneru standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 easdrv;easdrv; C:\WINDOWS\System32\DRIVERS\easdrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-05-25 154728]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: problem with slow internet
This is OK. I'd also ask for a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after launch a screen with the license terms appears; continue by clicking the Yes (Ano) button.
go and make yourself a coffee in peace (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else
do not panic during the scan, your machine may be restarted (especially the first time the scanner is run)
note: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident shield
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: problem with slow internet
ok, I'll get onto ComboFix right away. I'm also sending a screenshot after the avast scan.
http://imageshack.us/f/577/avastr.jpg/
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: problem with slow internet
AdWare in Documents and Settings and something in the system backup. We'll see what comes next.
Re: problem with slow internet
so here it is:
ComboFix 11-07-07.02 - Administrator 07.07.2011 14:36:28.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.611 [GMT 2:00]
Spuštěný z: f:\programy\antidefence\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-07 do 2011-07-07 )))))))))))))))))))))))))))))))
.
.
2011-07-07 10:19 . 2011-07-07 11:30 -------- d-----w- c:\program files\trend micro
2011-07-07 10:19 . 2011-07-07 10:19 -------- d-----w- C:\rsit
2011-07-03 16:12 . 2011-07-07 12:40 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\PMB Files
2011-06-28 13:10 . 2011-06-28 13:26 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Ubisoft Game Launcher
2011-06-28 13:09 . 2011-06-28 13:10 -------- d-----w- C:\Ubisoft Game Launcher
2011-06-26 12:29 . 2011-06-26 12:29 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2011-06-26 12:28 . 2011-06-26 12:28 -------- d-----w- c:\program files\Pando Networks
2011-06-26 12:21 . 2011-06-26 12:21 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\LolClient
2011-06-25 10:31 . 2011-06-25 10:31 -------- d-----w- c:\program files\Common Files\Java
2011-06-24 17:00 . 2011-06-24 17:02 -------- d-----w- c:\program files\Garena
2011-06-13 10:50 . 2011-06-13 10:50 -------- d-----w- c:\documents and settings\UpdatusUser
2011-06-13 10:50 . 2011-05-25 06:09 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-06-13 10:48 . 2011-05-25 06:09 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-06-13 10:48 . 2011-05-25 06:09 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-06-13 10:45 . 2011-06-13 10:45 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2011-06-13 10:39 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-25 06:09 . 2010-10-08 00:28 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-05-25 06:09 . 2010-10-08 00:28 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 06:09 . 2010-10-08 00:28 154728 ----a-w- c:\windows\system32\nvsvc32.exe
2011-05-25 06:09 . 2010-10-08 00:28 13895272 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 06:09 . 2011-03-28 17:56 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 06:09 . 2011-03-28 17:56 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 06:09 . 2010-10-08 00:28 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-05-25 06:09 . 2009-02-18 12:44 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 06:09 . 2009-02-18 12:44 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 06:09 . 2011-03-28 17:56 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 06:09 . 2009-02-18 12:44 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 06:09 . 2009-02-18 12:44 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 06:09 . 2009-02-18 12:44 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 06:09 . 2009-02-18 12:44 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-05-04 02:52 . 2011-03-28 19:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2011-03-28 19:44 73728 ----a-w- c:\windows\system32\javacpl.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-01 15145352]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-07-03 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Lachesis"="c:\program files\Razer\Lachesis\razerhid.exe" [2007-09-12 172032]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"WINDVDPatch"="CTHELPER.EXE" [2002-07-02 24576]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"CTStartup"="c:\program files\Creative\Splash Screen\CTEaxSpl.EXE" [2001-12-19 28672]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"NvMediaCenter"="NvMCTray.dll" [2011-05-25 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Lingea Update Center.lnk]
path=c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\Lingea Update Center.lnk
backup=c:\windows\pss\Lingea Update Center.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HPAiODevice(hp psc 700 series) - 1.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HPAiODevice(hp psc 700 series) - 1.lnk
backup=c:\windows\pss\HPAiODevice(hp psc 700 series) - 1.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-15 19:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
2005-03-31 07:30 1106944 ----a-w- c:\program files\Common Files\PCSuite\DataLayer\DataLayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 18:56 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-03-28 18:24 133104 ----atw- c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
2001-11-28 23:00 28672 ----a-w- c:\program files\Creative\SBLive\Program\ADGJDet.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2005-03-22 07:39 167936 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
2005-04-20 07:57 847872 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57602:TCP"= 57602:TCP:Pando Media Booster
"57602:UDP"= 57602:UDP:Pando Media Booster
"58463:TCP"= 58463:TCP:Pando Media Booster
"58463:UDP"= 58463:UDP:Pando Media Booster
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.3.2011 20:01 717296]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.7.2011 13:24 309848]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.7.2011 13:24 19544]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 19:07 35088]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [13.6.2011 12:50 2214504]
R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [28.3.2011 19:59 12032]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.7.2011 13:24 441176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [25.10.2001 14:00 3584]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - AAVMKER4
*NewlyCreated* - ASWFSBLK
*NewlyCreated* - ASWMON2
*NewlyCreated* - ASWRDR
*NewlyCreated* - ASWSP
*NewlyCreated* - ASWTDI
*NewlyCreated* - AVAST!_ANTIVIRUS
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-HijackThis - c:\docume~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.391\HijackThis.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-07 14:41
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = c:\program files\Creative\Splash Screen\CTEaxSpl.EXE /run???h??????s?????\?w? ?w???????w???w4???????.??w4???????4???TA?s4????????&??????\??? ??? ???\???\???????????5?7~e?7~\???\???????p?_??????C@?\???\??????s????\??????s\????&??A??s?&???C@?x???`|?w\?????@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-07-07 14:43:12
ComboFix-quarantined-files.txt 2011-07-07 12:42
.
Před spuštěním: 965 017 600
Po spuštění: 969 281 536
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 6C1D5FB5987ADAFFB0AA43F5A7A6E13B
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-07 14:41
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = c:\program files\Creative\Splash Screen\CTEaxSpl.EXE /run???h??????s?????\?w? ?w???????w???w4???????.??w4???????4???TA?s4????????&??????\??? ??? ???\???\???????????5?7~e?7~\???\???????p?_??????C@?\???\??????s????\??????s\????&??A??s?&???C@?x???`|?w\?????@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-07-07 14:43:12
ComboFix-quarantined-files.txt 2011-07-07 12:42
.
Před spuštěním: 965 017 600
Po spuštění: 969 281 536
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 6C1D5FB5987ADAFFB0AA43F5A7A6E13B
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: problem with slow internet
Move ComboFix to the desktop. Open Notepad and copy the following into it:

KillAll::
Driver::
NOD32FiXTemDono
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57602:TCP"=-
"57602:UDP"=-
"58463:TCP"=-
"58463:UDP"=-

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
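A check for the log posted after running the CFScript, added here as an example and not part of any post in this thread: it reads the script, then reports which of its targets (the service named under Driver:: and the values marked `=-` under Registry::) still appear in a ComboFix log. The log excerpts are shortened copies of lines from this thread; the function names and the parsing rules are this example's own assumptions about the log layout.

```python
import re

# The CFScript from the post above (copied from the page).
CFSCRIPT = r'''KillAll::
Driver::
NOD32FiXTemDono
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57602:TCP"=-
"57602:UDP"=-
"58463:TCP"=-
"58463:UDP"=-
'''

# Shortened excerpts of the two ComboFix logs in this thread (trimmed for the example).
LOG_BEFORE = r'''[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57602:TCP"= 57602:TCP:Pando Media Booster
"57602:UDP"= 57602:UDP:Pando Media Booster
"58463:TCP"= 58463:TCP:Pando Media Booster
"58463:UDP"= 58463:UDP:Pando Media Booster
.
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 19:07 35088]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [25.10.2001 14:00 3584]
'''

LOG_AFTER = r'''-------\Service_NOD32FiXTemDono
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 19:07 35088]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
'''

KEY_RE = re.compile(r'^\[(?P<key>.+)\]$')    # [registry key]
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=')  # "value name"=...
# Service/driver line: <R|S><start type> name;display name;image path [date time size]
SERVICE_RE = re.compile(r'^[RS]\d (?P<name>[^;]+);(?P<display>[^;]*);(?P<path>.+) \[[^\]]*\]$')


def parse_cfscript(text):
    """Return (driver names, {(key, value name)}) that the script asks to remove."""
    drivers, reg_deletes = [], set()
    section, key = None, None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        if line.endswith("::"):            # section directive such as Driver::
            section, key = line[:-2].lower(), None
        elif section == "driver":
            drivers.append(line)
        elif section == "registry":
            m = KEY_RE.match(line)
            if m:
                key = m.group("key").lower()
                continue
            m = VALUE_RE.match(line)
            # In .reg syntax, "name"=- marks the value for deletion.
            if m and key and line.endswith("=-"):
                reg_deletes.add((key, m.group("name").lower()))
    return drivers, reg_deletes


def parse_log(text):
    """Return ({service name: image path}, {(key, value name)}) found in a log."""
    services, values = {}, set()
    key = None
    for line in (raw.strip() for raw in text.splitlines()):
        if line in ("", "."):              # "." separates blocks in the log
            key = None
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group("key").lower()
            continue
        m = VALUE_RE.match(line)
        if m and key:
            values.add((key, m.group("name").lower()))
            continue
        m = SERVICE_RE.match(line)
        if m:
            services[m.group("name").lower()] = m.group("path")
    return services, values


def remaining_targets(script, log):
    """List the script's targets that are still present in the given log."""
    drivers, reg_deletes = parse_cfscript(script)
    services, values = parse_log(log)
    left = [f"service {d} -> {services[d.lower()]}"
            for d in drivers if d.lower() in services]
    left += [f'value "{name}" in [{key}]'
             for key, name in sorted(reg_deletes & values)]
    return left


if __name__ == "__main__":
    for label, log in (("before", LOG_BEFORE), ("after", LOG_AFTER)):
        print(label, remaining_targets(CFSCRIPT, log) or "no targets left")
```
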
Re: problem with slow internet
Here it is after running the script:
ComboFix 11-07-07.02 - Administrator 07.07.2011 15:05:58.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.548 [GMT 2:00]
Spuštěný z: f:\programy\antidefence\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NOD32FiXTemDono
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-07 do 2011-07-07 )))))))))))))))))))))))))))))))
.
.
2011-07-07 11:24 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-07 11:24 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-07 11:24 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-07 11:24 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-07 11:24 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-07 11:24 . 2011-07-04 11:35 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-07 11:24 . 2011-07-04 11:35 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-07 11:24 . 2011-07-04 11:32 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-07 11:24 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-07 11:24 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-07 11:24 . 2011-07-07 11:24 -------- d-----w- c:\program files\AVAST Software
2011-07-07 10:19 . 2011-07-07 11:30 -------- d-----w- c:\program files\trend micro
2011-07-07 10:19 . 2011-07-07 10:19 -------- d-----w- C:\rsit
2011-07-03 16:12 . 2011-07-07 13:16 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\PMB Files
2011-06-28 13:10 . 2011-06-28 13:26 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Ubisoft Game Launcher
2011-06-28 13:09 . 2011-06-28 13:10 -------- d-----w- C:\Ubisoft Game Launcher
2011-06-26 12:29 . 2011-06-26 12:29 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2011-06-26 12:28 . 2011-06-26 12:28 -------- d-----w- c:\program files\Pando Networks
2011-06-26 12:21 . 2011-06-26 12:21 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\LolClient
2011-06-25 10:31 . 2011-06-25 10:31 -------- d-----w- c:\program files\Common Files\Java
2011-06-24 17:00 . 2011-06-24 17:02 -------- d-----w- c:\program files\Garena
2011-06-13 10:50 . 2011-06-13 10:50 -------- d-----w- c:\documents and settings\UpdatusUser
2011-06-13 10:50 . 2011-05-25 06:09 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-06-13 10:48 . 2011-05-25 06:09 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-06-13 10:48 . 2011-05-25 06:09 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-06-13 10:45 . 2011-06-13 10:45 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2011-06-13 10:39 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-25 06:09 . 2010-10-08 00:28 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-05-25 06:09 . 2010-10-08 00:28 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 06:09 . 2010-10-08 00:28 154728 ----a-w- c:\windows\system32\nvsvc32.exe
2011-05-25 06:09 . 2010-10-08 00:28 13895272 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 06:09 . 2011-03-28 17:56 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 06:09 . 2011-03-28 17:56 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 06:09 . 2010-10-08 00:28 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-05-25 06:09 . 2009-02-18 12:44 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 06:09 . 2009-02-18 12:44 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 06:09 . 2011-03-28 17:56 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 06:09 . 2009-02-18 12:44 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 06:09 . 2009-02-18 12:44 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 06:09 . 2009-02-18 12:44 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 06:09 . 2009-02-18 12:44 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-05-04 02:52 . 2011-03-28 19:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2011-03-28 19:44 73728 ----a-w- c:\windows\system32\javacpl.cpl
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-07_12.41.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-07 13:15 . 2011-07-07 13:15 16384 c:\windows\Temp\Perflib_Perfdata_b9c.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-01 15145352]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-07-03 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Lachesis"="c:\program files\Razer\Lachesis\razerhid.exe" [2007-09-12 172032]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"WINDVDPatch"="CTHELPER.EXE" [2002-07-02 24576]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"CTStartup"="c:\program files\Creative\Splash Screen\CTEaxSpl.EXE" [2001-12-19 28672]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"NvMediaCenter"="NvMCTray.dll" [2011-05-25 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Lingea Update Center.lnk]
path=c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\Lingea Update Center.lnk
backup=c:\windows\pss\Lingea Update Center.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HPAiODevice(hp psc 700 series) - 1.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HPAiODevice(hp psc 700 series) - 1.lnk
backup=c:\windows\pss\HPAiODevice(hp psc 700 series) - 1.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-15 19:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
2005-03-31 07:30 1106944 ----a-w- c:\program files\Common Files\PCSuite\DataLayer\DataLayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 18:56 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-03-28 18:24 133104 ----atw- c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
2001-11-28 23:00 28672 ----a-w- c:\program files\Creative\SBLive\Program\ADGJDet.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2005-03-22 07:39 167936 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
2005-04-20 07:57 847872 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"f:\\programy\\best miranda\\Miranda IM\\miranda32.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.3.2011 20:01 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.7.2011 13:24 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.7.2011 13:24 309848]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.7.2011 13:24 19544]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 19:07 35088]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [13.6.2011 12:50 2214504]
R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [28.3.2011 19:59 12032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-07 15:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = c:\program files\Creative\Splash Screen\CTEaxSpl.EXE /run???h??????s?????\?w? ?w???????w???w4???????.??w4???????4???TA?s4????????&??????\??? ??? ???\???\???????????5?7~e?7~\???\????????ga??????C@?\???\??????s????\??????s\????&??A??s?&???C@?x???`|?w\?????@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\RunDLL32.exe
c:\program files\Razer\Lachesis\OSD.exe
c:\program files\Razer\Lachesis\razertra.exe
c:\program files\Razer\Lachesis\razerofa.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\System32\MsPMSPSv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-07-07 15:19:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-07 13:18
ComboFix2.txt 2011-07-07 12:43
.
Před spuštěním: 993 247 232
Po spuštění: 887 660 544
.
- - End Of File - - F33E381773F6C34B9878BD9851E7C4B7
Re: problem with slow internet
So it looks like everything is working, WOOHOO! Thanks a lot!!!
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: problem with slow internet
The log now looks clean. You're welcome!
Re: problem with slow internet
Hello, so the problem is back. The internet keeps cutting out or won't come up. I ran an Avast scan after restarting the PC and it found about 3-4 viruses, which infected about 18 files in "system volume restoration" and the "Daemon" program. This came up after the restart: http://imageshack.us/f/715/generichost.jpg/
http://imageshack.us/f/52/generichost2.jpg/
Here is also the log from RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-07-09 12:13:33
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 653 MB (5%) free of 12 GB
Total RAM: 1023 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:37, on 9.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\aadrive32.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Razer\Lachesis\OSD.exe
C:\Program Files\Razer\Lachesis\razertra.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
F:\programy\best miranda\Miranda IM\miranda32.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
F:\programy\antidefence\RSIT.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: CleanMyPC Popup Blocker - {7A9BC6B1-7F27-47c6-A66D-13582E81E537} - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: CleanMyPC Toolbar - {04164EC4-1E48-4279-818E-3721931E7636} - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\aadrive32.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Tnaww] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe
O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\aadrive32.exe
O4 - HKUS\S-1-5-21-1292428093-162531612-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 9571 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A9BC6B1-7F27-47c6-A66D-13582E81E537}]
CleanMyPCPopupBlocker Class - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll [2004-12-10 65536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-03-18 1164680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{04164EC4-1E48-4279-818E-3721931E7636} - CleanMyPC Toolbar - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll [2004-12-10 167936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Lachesis"=C:\Program Files\Razer\Lachesis\razerhid.exe [2007-09-12 172032]
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE [2001-12-20 28672]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-05-25 13895272]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-05-05 1632360]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
"Microsoft Driver Setup"=C:\WINDOWS\aadrive32.exe [2011-07-08 161280]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Microsoft Driver Setup"=C:\WINDOWS\aadrive32.exe [2011-07-08 161280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-04-01 15145352]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-07-03 3077528]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Tnaww"=C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe [2011-07-09 121344]
"12CFG214-K641-12SF-N85P"=C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe [2011-07-08 121856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe [2005-03-31 1106944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-03-28 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2005-03-22 167936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-04-20 847872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Lingea Update Center.lnk]
C:\PROGRA~1\COMMON~1\LINGEA~1\luc.exe [2009-04-27 275736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HPAiODevice(hp psc 700 series) - 1.lnk]
C:\PROGRA~1\HEWLET~1\AiO\HPPSC7~1\Bin\hpobrt07.exe [2003-02-03 491580]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"F:\programy\best miranda\Miranda IM\miranda32.exe"="F:\programy\best miranda\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
======List of files/folders created in the last 1 months======
2011-07-09 11:53:52 ----A---- C:\Documents and Settings\Administrator\Data aplikací\13.tmp
2011-07-09 11:53:35 ----A---- C:\Documents and Settings\Administrator\Data aplikací\11.tmp
2011-07-08 21:39:15 ----A---- C:\Documents and Settings\Administrator\Data aplikací\10.tmp
2011-07-08 21:39:10 ----A---- C:\Documents and Settings\Administrator\Data aplikací\D.tmp
2011-07-08 21:25:53 ----RSH---- C:\WINDOWS\aadrive32.exe
2011-07-08 21:25:50 ----A---- C:\Documents and Settings\Administrator\Data aplikací\F.tmp
2011-07-08 21:25:47 ----A---- C:\Documents and Settings\Administrator\Data aplikací\E.tmp
2011-07-08 11:34:24 ----A---- C:\WINDOWS\system32\48.exe
2011-07-08 00:21:26 ----A---- C:\Documents and Settings\Administrator\Data aplikací\5.tmp
2011-07-07 15:31:02 ----SHD---- C:\RECYCLER
2011-07-07 15:19:04 ----A---- C:\ComboFix.txt
2011-07-07 14:35:50 ----A---- C:\Boot.bak
2011-07-07 14:35:45 ----RASHD---- C:\cmdcons
2011-07-07 14:32:25 ----A---- C:\WINDOWS\zip.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\SWSC.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\SWREG.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\sed.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\PEV.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\NIRCMD.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\MBR.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\grep.exe
2011-07-07 14:31:21 ----D---- C:\WINDOWS\ERDNT
2011-07-07 14:30:35 ----D---- C:\Qoobox
2011-07-07 13:24:41 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-07-07 13:24:41 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-07-07 13:24:39 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-07-07 13:24:39 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-07-07 13:24:38 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-07-07 13:24:38 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-07-07 13:24:38 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-07-07 13:24:37 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-07-07 13:24:13 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-07-07 13:24:00 ----D---- C:\Program Files\AVAST Software
2011-07-07 13:24:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-07-07 13:15:21 ----D---- C:\Config.Msi
2011-07-07 12:19:03 ----D---- C:\rsit
2011-07-07 12:19:03 ----D---- C:\Program Files\trend micro
2011-07-06 20:08:39 ----A---- C:\WINDOWS\{00000000-00000000-00000009-00001102-00000002-80651102}.BAK
2011-07-03 18:12:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-06-28 15:09:29 ----D---- C:\Ubisoft Game Launcher
2011-06-26 14:28:59 ----D---- C:\Program Files\Pando Networks
2011-06-26 14:21:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\LolClient
2011-06-25 12:31:11 ----D---- C:\Program Files\Common Files\Java
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\javaws.exe
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\javaw.exe
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\java.exe
2011-06-24 19:00:45 ----D---- C:\Program Files\Garena
2011-06-13 12:50:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2011-06-13 12:50:39 ----A---- C:\WINDOWS\system32\easyupdatusapiu.dll
2011-06-13 12:48:55 ----A---- C:\WINDOWS\system32\nvgenco322090.dll
2011-06-13 12:48:55 ----A---- C:\WINDOWS\system32\nvdispco3220150.dll
2011-06-13 12:45:06 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2011-06-13 12:40:43 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-06-13 12:40:43 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2011-06-13 12:40:41 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2011-06-13 12:40:41 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2011-06-13 12:40:40 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2011-06-13 12:40:40 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-06-13 12:40:39 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2011-06-13 12:40:39 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2011-06-13 12:40:38 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2011-06-13 12:40:37 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2011-06-13 12:40:37 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2011-06-13 12:40:35 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2011-06-13 12:40:35 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2011-06-13 12:40:32 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2011-06-13 12:40:30 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2011-06-13 12:40:30 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2011-06-13 12:40:29 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2011-06-13 12:40:26 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-06-13 12:40:26 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2011-06-13 12:40:25 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-06-13 12:40:25 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-06-13 12:40:24 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-06-13 12:40:24 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-06-13 12:40:23 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-06-13 12:40:23 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-06-13 12:40:22 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-06-13 12:40:22 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-06-13 12:40:21 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-06-13 12:40:21 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-06-13 12:40:18 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-06-13 12:40:15 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-06-13 12:40:09 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-06-13 12:40:05 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-06-13 12:40:00 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-06-13 12:40:00 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-06-13 12:39:52 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-06-13 12:39:51 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-06-13 12:39:51 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-06-13 12:39:37 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-06-13 12:39:36 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-06-12 23:37:08 ----D---- C:\WINDOWS\system32\appmgmt
======List of files/folders modified in the last 1 months======
2011-07-09 12:07:16 ----D---- C:\WINDOWS\Temp
2011-07-09 11:53:40 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-07-09 11:53:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-07-09 11:53:21 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2011-07-08 21:43:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-08 21:42:04 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-08 21:25:53 ----D---- C:\WINDOWS
2011-07-08 19:28:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2011-07-08 18:40:51 ----A---- C:\WINDOWS\WTRAN32.INI
2011-07-08 11:34:24 ----D---- C:\WINDOWS\system32
2011-07-08 01:08:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-07-07 15:19:10 ----D---- C:\WINDOWS\system32\drivers
2011-07-07 15:15:55 ----D---- C:\WINDOWS\Prefetch
2011-07-07 15:15:26 ----A---- C:\WINDOWS\system.ini
2011-07-07 15:14:36 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-07 15:13:08 ----D---- C:\WINDOWS\system32\config
2011-07-07 15:09:44 ----D---- C:\WINDOWS\AppPatch
2011-07-07 15:09:40 ----D---- C:\Program Files\Common Files
2011-07-07 14:42:03 ----SD---- C:\WINDOWS\Tasks
2011-07-07 14:35:50 ----RASH---- C:\boot.ini
2011-07-07 13:24:29 ----SHD---- C:\WINDOWS\Installer
2011-07-07 13:24:26 ----D---- C:\WINDOWS\WinSxS
2011-07-07 13:24:00 ----RD---- C:\Program Files
2011-07-07 13:17:39 ----HD---- C:\WINDOWS\inf
2011-07-07 09:24:04 ----D---- C:\WINDOWS\Minidump
2011-07-06 20:05:26 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-04 16:27:52 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Winamp
2011-07-03 19:19:50 ----D---- C:\WINDOWS\system32\DirectX
2011-06-28 15:32:36 ----RSD---- C:\WINDOWS\assembly
2011-06-28 14:37:42 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-06-27 16:23:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-06-25 12:30:53 ----D---- C:\Program Files\Java
2011-06-16 10:56:43 ----A---- C:\WINDOWS\wincmd.ini
2011-06-16 10:55:27 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-06-13 12:51:00 ----D---- C:\WINDOWS\Help
2011-06-13 12:50:51 ----D---- C:\Documents and Settings
2011-06-13 12:50:47 ----D---- C:\Program Files\NVIDIA Corporation
2011-06-13 12:50:26 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-06-13 12:50:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-13 12:39:41 ----D---- C:\WINDOWS\Microsoft.NET
2011-06-13 12:39:03 ----D---- C:\WINDOWS\Logs
2011-06-12 23:37:08 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-06-12 23:36:06 ----D---- C:\Documents and Settings\Administrator\Data aplikací\go
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-03-28 717296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-06-25 35088]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2004-11-22 176128]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 LachesisFltr;Lachesis Mouse Driver; C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 12032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2011-05-25 12753664]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 asqqt6cr;asqqt6cr; C:\WINDOWS\system32\drivers\asqqt6cr.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 Dot4Scan;Ovladač třídy skeneru standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\KODD.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-05-25 154728]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
http://imageshack.us/f/52/generichost2.jpg/
Here I'm also sending the log from RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-07-09 12:13:33
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 653 MB (5%) free of 12 GB
Total RAM: 1023 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:37, on 9.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\aadrive32.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Razer\Lachesis\OSD.exe
C:\Program Files\Razer\Lachesis\razertra.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
F:\programy\best miranda\Miranda IM\miranda32.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
F:\programy\antidefence\RSIT.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: CleanMyPC Popup Blocker - {7A9BC6B1-7F27-47c6-A66D-13582E81E537} - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: CleanMyPC Toolbar - {04164EC4-1E48-4279-818E-3721931E7636} - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\aadrive32.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Tnaww] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe
O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\aadrive32.exe
O4 - HKUS\S-1-5-21-1292428093-162531612-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 9571 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A9BC6B1-7F27-47c6-A66D-13582E81E537}]
CleanMyPCPopupBlocker Class - C:\Program Files\CleanMyPC Popup Blocker\CleanBHO.dll [2004-12-10 65536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-03-18 1164680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{04164EC4-1E48-4279-818E-3721931E7636} - CleanMyPC Toolbar - C:\Program Files\CleanMyPC Popup Blocker\CleanBar.dll [2004-12-10 167936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Lachesis"=C:\Program Files\Razer\Lachesis\razerhid.exe [2007-09-12 172032]
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE [2001-12-20 28672]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-05-25 13895272]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-05-05 1632360]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
"Microsoft Driver Setup"=C:\WINDOWS\aadrive32.exe [2011-07-08 161280]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Microsoft Driver Setup"=C:\WINDOWS\aadrive32.exe [2011-07-08 161280]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-04-01 15145352]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-07-03 3077528]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Tnaww"=C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe [2011-07-09 121344]
"12CFG214-K641-12SF-N85P"=C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe [2011-07-08 121856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe [2005-03-31 1106944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-03-28 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2005-03-22 167936]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-04-20 847872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Lingea Update Center.lnk]
C:\PROGRA~1\COMMON~1\LINGEA~1\luc.exe [2009-04-27 275736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HPAiODevice(hp psc 700 series) - 1.lnk]
C:\PROGRA~1\HEWLET~1\AiO\HPPSC7~1\Bin\hpobrt07.exe [2003-02-03 491580]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"F:\programy\best miranda\Miranda IM\miranda32.exe"="F:\programy\best miranda\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
======List of files/folders created in the last 1 months======
2011-07-09 11:53:52 ----A---- C:\Documents and Settings\Administrator\Data aplikací\13.tmp
2011-07-09 11:53:35 ----A---- C:\Documents and Settings\Administrator\Data aplikací\11.tmp
2011-07-08 21:39:15 ----A---- C:\Documents and Settings\Administrator\Data aplikací\10.tmp
2011-07-08 21:39:10 ----A---- C:\Documents and Settings\Administrator\Data aplikací\D.tmp
2011-07-08 21:25:53 ----RSH---- C:\WINDOWS\aadrive32.exe
2011-07-08 21:25:50 ----A---- C:\Documents and Settings\Administrator\Data aplikací\F.tmp
2011-07-08 21:25:47 ----A---- C:\Documents and Settings\Administrator\Data aplikací\E.tmp
2011-07-08 11:34:24 ----A---- C:\WINDOWS\system32\48.exe
2011-07-08 00:21:26 ----A---- C:\Documents and Settings\Administrator\Data aplikací\5.tmp
2011-07-07 15:31:02 ----SHD---- C:\RECYCLER
2011-07-07 15:19:04 ----A---- C:\ComboFix.txt
2011-07-07 14:35:50 ----A---- C:\Boot.bak
2011-07-07 14:35:45 ----RASHD---- C:\cmdcons
2011-07-07 14:32:25 ----A---- C:\WINDOWS\zip.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\SWSC.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\SWREG.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\sed.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\PEV.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\NIRCMD.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\MBR.exe
2011-07-07 14:32:25 ----A---- C:\WINDOWS\grep.exe
2011-07-07 14:31:21 ----D---- C:\WINDOWS\ERDNT
2011-07-07 14:30:35 ----D---- C:\Qoobox
2011-07-07 13:24:41 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-07-07 13:24:41 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-07-07 13:24:39 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-07-07 13:24:39 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-07-07 13:24:38 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-07-07 13:24:38 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-07-07 13:24:38 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-07-07 13:24:37 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-07-07 13:24:13 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-07-07 13:24:00 ----D---- C:\Program Files\AVAST Software
2011-07-07 13:24:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-07-07 13:15:21 ----D---- C:\Config.Msi
2011-07-07 12:19:03 ----D---- C:\rsit
2011-07-07 12:19:03 ----D---- C:\Program Files\trend micro
2011-07-06 20:08:39 ----A---- C:\WINDOWS\{00000000-00000000-00000009-00001102-00000002-80651102}.BAK
2011-07-03 18:12:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-06-28 15:09:29 ----D---- C:\Ubisoft Game Launcher
2011-06-26 14:28:59 ----D---- C:\Program Files\Pando Networks
2011-06-26 14:21:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\LolClient
2011-06-25 12:31:11 ----D---- C:\Program Files\Common Files\Java
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\javaws.exe
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\javaw.exe
2011-06-25 12:30:56 ----A---- C:\WINDOWS\system32\java.exe
2011-06-24 19:00:45 ----D---- C:\Program Files\Garena
2011-06-13 12:50:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2011-06-13 12:50:39 ----A---- C:\WINDOWS\system32\easyupdatusapiu.dll
2011-06-13 12:48:55 ----A---- C:\WINDOWS\system32\nvgenco322090.dll
2011-06-13 12:48:55 ----A---- C:\WINDOWS\system32\nvdispco3220150.dll
2011-06-13 12:45:06 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2011-06-13 12:40:45 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2011-06-13 12:40:44 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2011-06-13 12:40:43 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-06-13 12:40:43 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2011-06-13 12:40:42 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2011-06-13 12:40:41 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2011-06-13 12:40:41 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2011-06-13 12:40:40 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2011-06-13 12:40:40 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-06-13 12:40:39 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2011-06-13 12:40:39 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2011-06-13 12:40:38 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2011-06-13 12:40:37 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2011-06-13 12:40:37 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2011-06-13 12:40:36 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2011-06-13 12:40:35 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2011-06-13 12:40:35 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2011-06-13 12:40:34 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2011-06-13 12:40:33 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2011-06-13 12:40:32 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2011-06-13 12:40:31 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2011-06-13 12:40:30 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2011-06-13 12:40:30 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2011-06-13 12:40:29 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2011-06-13 12:40:28 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2011-06-13 12:40:27 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2011-06-13 12:40:26 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-06-13 12:40:26 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2011-06-13 12:40:25 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-06-13 12:40:25 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-06-13 12:40:24 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-06-13 12:40:24 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-06-13 12:40:23 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-06-13 12:40:23 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-06-13 12:40:22 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-06-13 12:40:22 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-06-13 12:40:21 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-06-13 12:40:21 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-06-13 12:40:20 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2011-06-13 12:40:19 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-06-13 12:40:18 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-06-13 12:40:15 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-06-13 12:40:09 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-06-13 12:40:05 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-06-13 12:40:00 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-06-13 12:40:00 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-06-13 12:39:52 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-06-13 12:39:51 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-06-13 12:39:51 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-06-13 12:39:50 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-06-13 12:39:49 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-06-13 12:39:39 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-06-13 12:39:38 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-06-13 12:39:37 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-06-13 12:39:36 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-06-12 23:37:08 ----D---- C:\WINDOWS\system32\appmgmt
======List of files/folders modified in the last 1 months======
2011-07-09 12:07:16 ----D---- C:\WINDOWS\Temp
2011-07-09 11:53:40 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-07-09 11:53:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-07-09 11:53:21 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2011-07-08 21:43:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-08 21:42:04 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-08 21:25:53 ----D---- C:\WINDOWS
2011-07-08 19:28:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2011-07-08 18:40:51 ----A---- C:\WINDOWS\WTRAN32.INI
2011-07-08 11:34:24 ----D---- C:\WINDOWS\system32
2011-07-08 01:08:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-07-07 15:19:10 ----D---- C:\WINDOWS\system32\drivers
2011-07-07 15:15:55 ----D---- C:\WINDOWS\Prefetch
2011-07-07 15:15:26 ----A---- C:\WINDOWS\system.ini
2011-07-07 15:14:36 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-07 15:13:08 ----D---- C:\WINDOWS\system32\config
2011-07-07 15:09:44 ----D---- C:\WINDOWS\AppPatch
2011-07-07 15:09:40 ----D---- C:\Program Files\Common Files
2011-07-07 14:42:03 ----SD---- C:\WINDOWS\Tasks
2011-07-07 14:35:50 ----RASH---- C:\boot.ini
2011-07-07 13:24:29 ----SHD---- C:\WINDOWS\Installer
2011-07-07 13:24:26 ----D---- C:\WINDOWS\WinSxS
2011-07-07 13:24:00 ----RD---- C:\Program Files
2011-07-07 13:17:39 ----HD---- C:\WINDOWS\inf
2011-07-07 09:24:04 ----D---- C:\WINDOWS\Minidump
2011-07-06 20:05:26 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-04 16:27:52 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Winamp
2011-07-03 19:19:50 ----D---- C:\WINDOWS\system32\DirectX
2011-06-28 15:32:36 ----RSD---- C:\WINDOWS\assembly
2011-06-28 14:37:42 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-06-27 16:23:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-06-25 12:30:53 ----D---- C:\Program Files\Java
2011-06-16 10:56:43 ----A---- C:\WINDOWS\wincmd.ini
2011-06-16 10:55:27 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-06-13 12:51:00 ----D---- C:\WINDOWS\Help
2011-06-13 12:50:51 ----D---- C:\Documents and Settings
2011-06-13 12:50:47 ----D---- C:\Program Files\NVIDIA Corporation
2011-06-13 12:50:26 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-06-13 12:50:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-13 12:39:41 ----D---- C:\WINDOWS\Microsoft.NET
2011-06-13 12:39:03 ----D---- C:\WINDOWS\Logs
2011-06-12 23:37:08 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-06-12 23:36:06 ----D---- C:\Documents and Settings\Administrator\Data aplikací\go
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-03-28 717296]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-06-25 35088]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2004-11-22 176128]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 LachesisFltr;Lachesis Mouse Driver; C:\WINDOWS\system32\drivers\Lachesis.sys [2007-08-08 12032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2011-05-25 12753664]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 asqqt6cr;asqqt6cr; C:\WINDOWS\system32\drivers\asqqt6cr.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-14 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 Dot4Scan;Ovladač třídy skeneru standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\KODD.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-05-25 154728]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: slow internet problem
1. Turn off System Restore, restart the PC, and then turn System Restore back on.
2. Post a new ComboFix log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: slow internet problem
If it helps, the computer behaves like this: it turns off the sound in certain applications and won't let me get into the sound settings. Then the bottom Windows taskbar sort of switches to "classic view", switches back, and the "generic host" process shuts down...
Here it is:
ComboFix 11-07-08.03 - Administrator 09.07.2011 13:04:21.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.558 [GMT 2:00]
Spuštěný z: f:\programy\antidefence\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Data aplikací\10.tmp
c:\documents and settings\Administrator\Data aplikací\11.tmp
c:\documents and settings\Administrator\Data aplikací\13.tmp
c:\documents and settings\Administrator\Data aplikací\5.tmp
c:\documents and settings\Administrator\Data aplikací\D.tmp
c:\documents and settings\Administrator\Data aplikací\E.tmp
c:\documents and settings\Administrator\Data aplikací\F.tmp
c:\documents and settings\Administrator\Data aplikací\Taqsql.exe
c:\windows\system32\48.exe
c:\windows\vb.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-09 do 2011-07-09 )))))))))))))))))))))))))))))))
.
.
2011-07-07 11:24 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-07 11:24 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-07 11:24 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-07 11:24 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-07 11:24 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-07 11:24 . 2011-07-04 11:35 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-07 11:24 . 2011-07-04 11:35 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-07 11:24 . 2011-07-04 11:32 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-07 11:24 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-07 11:24 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-07 11:24 . 2011-07-07 11:24 -------- d-----w- c:\program files\AVAST Software
2011-07-07 10:19 . 2011-07-09 10:13 -------- d-----w- c:\program files\trend micro
2011-07-07 10:19 . 2011-07-07 10:19 -------- d-----w- C:\rsit
2011-07-03 16:12 . 2011-07-09 11:15 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\PMB Files
2011-06-28 13:10 . 2011-06-28 13:26 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Ubisoft Game Launcher
2011-06-28 13:09 . 2011-06-28 13:10 -------- d-----w- C:\Ubisoft Game Launcher
2011-06-26 12:29 . 2011-06-26 12:29 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2011-06-26 12:28 . 2011-06-26 12:28 -------- d-----w- c:\program files\Pando Networks
2011-06-26 12:21 . 2011-06-26 12:21 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\LolClient
2011-06-25 10:31 . 2011-06-25 10:31 -------- d-----w- c:\program files\Common Files\Java
2011-06-24 17:00 . 2011-07-08 19:27 -------- d-----w- c:\program files\Garena
2011-06-13 10:50 . 2011-06-13 10:50 -------- d-----w- c:\documents and settings\UpdatusUser
2011-06-13 10:50 . 2011-05-25 06:09 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-06-13 10:48 . 2011-05-25 06:09 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-06-13 10:48 . 2011-05-25 06:09 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-06-13 10:45 . 2011-06-13 10:45 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2011-06-13 10:39 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-25 06:09 . 2010-10-08 00:28 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-05-25 06:09 . 2010-10-08 00:28 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 06:09 . 2010-10-08 00:28 154728 ----a-w- c:\windows\system32\nvsvc32.exe
2011-05-25 06:09 . 2010-10-08 00:28 13895272 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 06:09 . 2011-03-28 17:56 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 06:09 . 2011-03-28 17:56 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 06:09 . 2010-10-08 00:28 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-05-25 06:09 . 2009-02-18 12:44 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 06:09 . 2009-02-18 12:44 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 06:09 . 2011-03-28 17:56 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 06:09 . 2009-02-18 12:44 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 06:09 . 2009-02-18 12:44 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 06:09 . 2009-02-18 12:44 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 06:09 . 2009-02-18 12:44 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-05-04 02:52 . 2011-03-28 19:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2011-03-28 19:44 73728 ----a-w- c:\windows\system32\javacpl.cpl
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-07_12.41.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-09 11:15 . 2011-07-09 11:15 16384 c:\windows\Temp\Perflib_Perfdata_81c.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-01 15145352]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-07-03 3077528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Lachesis"="c:\program files\Razer\Lachesis\razerhid.exe" [2007-09-12 172032]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"WINDVDPatch"="CTHELPER.EXE" [2002-07-02 24576]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"CTStartup"="c:\program files\Creative\Splash Screen\CTEaxSpl.EXE" [2001-12-19 28672]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"NvMediaCenter"="NvMCTray.dll" [2011-05-25 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Lingea Update Center.lnk]
path=c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\Lingea Update Center.lnk
backup=c:\windows\pss\Lingea Update Center.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HPAiODevice(hp psc 700 series) - 1.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HPAiODevice(hp psc 700 series) - 1.lnk
backup=c:\windows\pss\HPAiODevice(hp psc 700 series) - 1.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-15 19:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataLayer]
2005-03-31 07:30 1106944 ----a-w- c:\program files\Common Files\PCSuite\DataLayer\DataLayer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 18:56 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-03-28 18:24 133104 ----atw- c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
2001-11-28 23:00 28672 ----a-w- c:\program files\Creative\SBLive\Program\ADGJDet.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2005-03-22 07:39 167936 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
2005-04-20 07:57 847872 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"f:\\programy\\best miranda\\Miranda IM\\miranda32.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.3.2011 20:01 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.7.2011 13:24 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.7.2011 13:24 309848]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.7.2011 13:24 19544]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 19:07 35088]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [13.6.2011 12:50 2214504]
R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [28.3.2011 19:59 12032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\KODD.tmp --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\KODD.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\safedrv.sys --> c:\program files\Garena\safedrv.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Taqsql - c:\documents and settings\Administrator\Data aplikací\Taqsql.exe
AddRemove-GamePlayLabs Plugin - c:\documents and settings\Administrator\Local Settings\Data aplikací\GamePlayLabs Plugin\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-09 13:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = c:\program files\Creative\Splash Screen\CTEaxSpl.EXE /run???h??????s?????\?w? ?w???????w???w4???????.??w4???????4???TA?s4????????&??????\??? ??? ???\???\???????????5?7~e?7~\???\???????8?a??????C@?\???\??????s????\??????s\????&??A??s?&???C@?x???`|?w\?????@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\KODD.tmp"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\RunDLL32.exe
c:\program files\Razer\Lachesis\OSD.exe
c:\program files\Razer\Lachesis\razertra.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Razer\Lachesis\razerofa.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\System32\MsPMSPSv.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-07-09 13:19:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-09 11:19
ComboFix2.txt 2011-07-07 13:19
ComboFix3.txt 2011-07-07 12:43
.
Před spuštěním: 1 563 435 008
Po spuštění: 1 568 641 024
.
- - End Of File - - CDBC91D87C911AC16904268159026A83
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"f:\\programy\\best miranda\\Miranda IM\\miranda32.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.3.2011 20:01 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.7.2011 13:24 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.7.2011 13:24 309848]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.7.2011 13:24 19544]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.6.2010 19:07 35088]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [13.6.2011 12:50 2214504]
R3 LachesisFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys [28.3.2011 19:59 12032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\KODD.tmp --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\KODD.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\safedrv.sys --> c:\program files\Garena\safedrv.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Taqsql - c:\documents and settings\Administrator\Data aplikací\Taqsql.exe
AddRemove-GamePlayLabs Plugin - c:\documents and settings\Administrator\Local Settings\Data aplikací\GamePlayLabs Plugin\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-09 13:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = c:\program files\Creative\Splash Screen\CTEaxSpl.EXE /run???h??????s?????\?w? ?w???????w???w4???????.??w4???????4???TA?s4????????&??????\??? ??? ???\???\???????????5?7~e?7~\???\???????8?a??????C@?\???\??????s????\??????s\????&??A??s?&???C@?x???`|?w\?????@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\KODD.tmp"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\RunDLL32.exe
c:\program files\Razer\Lachesis\OSD.exe
c:\program files\Razer\Lachesis\razertra.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Razer\Lachesis\razerofa.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\System32\MsPMSPSv.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-07-09 13:19:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-09 11:19
ComboFix2.txt 2011-07-07 13:19
ComboFix3.txt 2011-07-07 12:43
.
Před spuštěním: 1 563 435 008
Po spuštění: 1 568 641 024
.
- - End Of File - - CDBC91D87C911AC16904268159026A83
Re: problem with slow internet
It turns off the sound in movies for me, but otherwise the "Windows sounds" work :-|