Spomaleny comp

Zpráva

Strata2 · #1 Příspěvek od **Strata2** » 29 črc 2011 12:08

Pocitac je velmi spomaleny po zapnuti, ak ho dam do usporneho rezimu a prebudim tak ide ok.
Dik za pomoc

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vlado at 2011-07-29 13:04:26
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (16%) free of 20 GB
Total RAM: 255 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:04:52, on 29. 7. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Domáce programy\Flash cs3\papervision 3d\tortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
D:\Program Files\Domáce programy\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\soundman.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Internet programy\Spyware Terminator\sp_rsser.exe
D:\Program Files\Internet programy\Firefox\firefox.exe
D:\Program Files\Internet programy\Firefox\plugin-container.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
D:\My Downloads\RSIT.exe
C:\Program Files\trend micro\Vlado.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Media Star Toolbar - {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Program Files\Media_Star\prxtbMed2.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Media Star - {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Program Files\Media_Star\prxtbMed2.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Media Star Toolbar - {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Program Files\Media_Star\prxtbMed2.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "D:\Program Files\Internet programy\Spyware Terminator\SpywareTerminatorUpdate.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Image - res://D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Memo - res://D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Text file - res://D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
O8 - Extra context menu item: LG Air Sync (R-Click) - Set as Mobile Wallpaper - res://D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
O8 - Extra context menu item: LG Air Sync Option - res://D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\Program Files\Internet programy\ICQ 7.5\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\Program Files\Internet programy\ICQ 7.5\ICQ7.5\ICQ.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - D:\Program Files\Internet programy\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - D:\Program Files\Internet programy\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\Domáce programy\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Program Files\Internet programy\Spyware Terminator\sp_rsser.exe

--
End of file - 9073 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Vlado\Data aplikací\Mozilla\Firefox\Profiles\vrppkprc.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "extensions.enabledItems" - "jqs@sun.com:1.0, {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.1.9&q="

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}"=D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/flashplayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=D:\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

D:\Program Files\Internet programy\Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{800b5000-a755-47e1-992b-48a1c1357f07}

D:\Program Files\Internet programy\Firefox\components\
xpti.dat
brwsrcmp.dll
compreg.dat
nsSafebrowsingApplication.js
FeedConverter.js
browser.xpt
nsSearchService.js
FeedProcessor.js
nsSessionStartup.js
browserdirprovider.dll
nsSessionStore.js
FeedWriter.js
nsURLFormatter.js
WebContentConverter.js
nsUpdateService.js
nsUrlClassifierLib.js
nsExtensionManager.js
nsSidebar.js
nsUrlClassifierListManager.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsDefaultCLH.js
components.list
fuelApplication.js
nsHelperAppDlg.js
nsLivemarkService.js
nsMicrosummaryService.js
nsPrivateBrowsingService.js
nsBadCertHandler.js
nsContentPrefService.js
nsIQTScriptablePlugin.xpt
nsContentDispatchChooser.js
nsDownloadManagerUI.js
nsFormAutoComplete.js
nsHandlerService.js
nsINIProcessor.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsProxyAutoConfig.js
nsSearchSuggestions.js
nsSetDefaultBrowser.js
nsTaggingService.js
nsTryToClose.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
npCouponPrinter.xpt

D:\Program Files\Internet programy\Firefox\plugins\
npMozCouponPrinter.dll
npCouponPrinter.dll
npnul32.dll

D:\Program Files\Internet programy\Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Vlado\Data aplikací\Mozilla\Firefox\Profiles\vrppkprc.default\extensions\
howtovideosidebar@wonderhowto.com
{5c8bfb7c-9a54-11dc-8314-0800200c9a66}

C:\Documents and Settings\Vlado\Data aplikací\Mozilla\Firefox\Profiles\vrppkprc.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class - D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2010-08-05 35688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dfabc5b5-039b-4865-979a-de31cdf3e351}]
Media Star Toolbar - C:\Program Files\Media_Star\prxtbMed2.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{dfabc5b5-039b-4865-979a-de31cdf3e351} - Media Star Toolbar - C:\Program Files\Media_Star\prxtbMed2.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\soundman.exe [2001-12-20 124416]
"nwiz"=nwiz.exe /install []
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe [2003-05-14 188416]
""= []
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-04-21 281768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=D:\Program Files\Internet programy\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-07-29 3318784]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Internet programy\uTorrent\utorrent.exe"="D:\Program Files\Internet programy\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Internet programy\BitTorrent\BitLord\BitLord.exe"="D:\Program Files\Internet programy\BitTorrent\BitLord\BitLord.exe:*:Enabled:BitLord"
"D:\Program Files\Domáce programy\Swift 3D\Program\Swift3D.exe"="D:\Program Files\Domáce programy\Swift 3D\Program\Swift3D.exe:*:Disabled:Swift 3D"
"D:\3dsmax\monitor.exe"="D:\3dsmax\monitor.exe:*:Enabled:backburner 2.3 monitor"
"D:\3dsmax\manager.exe"="D:\3dsmax\manager.exe:*:Enabled:backburner 2.3 manager"
"D:\3dsmax\server.exe"="D:\3dsmax\server.exe:*:Enabled:backburner 2.3 server"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\Domáce programy\Flash cs3\Adobe Flash CS3\Flash.exe"="D:\Program Files\Domáce programy\Flash cs3\Adobe Flash CS3\Flash.exe:*:Disabled:Adobe Flash CS3"
"D:\Program Files\Domáce programy\Real FLow 4\realflow.exe"="D:\Program Files\Domáce programy\Real FLow 4\realflow.exe:*:Disabled:realflow"
"D:\hry\Stronghold Crusader\Stronghold Crusader.exe"="D:\hry\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Disabled:Crawler Spyware Terminator"
"D:\Program Files\Internet programy\ICQ6.5\ICQ.exe"="D:\Program Files\Internet programy\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\hry\CounterStrike\hl.exe"="D:\hry\CounterStrike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\TorrentBitch\TorrentBitch.exe"="C:\Program Files\TorrentBitch\TorrentBitch.exe:*:Enabled:TorrentBitch"
"C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Device Setup"
"D:\Program Files\Internet programy\Skype\Phone\Skype.exe"="D:\Program Files\Internet programy\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\Program Files\Internet programy\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Internet programy\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Internet programy\ICQ 7.5\ICQ7.5\ICQ.exe"="D:\Program Files\Internet programy\ICQ 7.5\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"D:\Program Files\Internet programy\Spyware Terminator\SpywareTerminatorUpdate.exe"="D:\Program Files\Internet programy\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator Update Support"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Internet programy\ICQ 7.5\ICQ7.5\ICQ.exe"="D:\Program Files\Internet programy\ICQ 7.5\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.CFHD"=cfhd.dll
"VIDC.ACDV"=ACDV.dll
"MSVideo8"=VfWWDM32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2011-07-11 15:06:27 ----D---- C:\WINDOWS\system32\NtmsData
2011-07-06 21:47:17 ----D---- C:\Documents and Settings\Vlado\Data aplikací\Avira
2011-07-06 21:36:24 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2011-07-06 21:36:22 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2011-07-06 21:36:22 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2011-07-06 21:36:22 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2011-07-06 21:36:22 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2011-07-06 21:36:18 ----D---- C:\Program Files\Avira
2011-07-06 21:36:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2011-07-06 21:12:52 ----D---- C:\Documents and Settings\Vlado\Data aplikací\Spyware Terminator
2011-07-06 21:12:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-07-06 21:12:45 ----D---- C:\Program Files\Spyware Terminator
2011-07-06 21:11:58 ----D---- C:\Program Files\HotPotatoes6
2011-07-06 21:11:57 ----D---- C:\Program Files\Dosli
2011-07-06 21:11:51 ----HD---- C:\WINDOWS\msdownld.tmp
2011-07-06 21:11:27 ----D---- C:\Qoobox
2011-07-06 21:11:26 ----D---- C:\fixwareout
2011-07-06 21:11:20 ----D---- C:\rsit
2011-07-06 21:11:11 ----D---- C:\Program Files\SweetIM
2011-07-06 21:11:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\SweetIM
2011-07-06 21:11:11 ----D---- C:\Config.Msi

======List of files/folders modified in the last 1 month======

2011-07-29 13:04:34 ----D---- C:\Program Files\trend micro
2011-07-29 13:04:31 ----D---- C:\WINDOWS\Prefetch
2011-07-29 12:48:34 ----D---- C:\WINDOWS\temp
2011-07-29 12:18:55 ----RD---- C:\Program Files
2011-07-29 11:17:40 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-29 00:14:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-28 13:47:40 ----D---- C:\Documents and Settings\Vlado\Data aplikací\ICQ
2011-07-15 13:53:18 ----D---- C:\Program Files\ICQ6Toolbar
2011-07-15 13:53:13 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-15 13:53:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2011-07-11 18:41:28 ----D---- C:\WINDOWS
2011-07-11 18:40:36 ----D---- C:\WINDOWS\Debug
2011-07-11 15:10:05 ----SHD---- C:\System Volume Information
2011-07-11 15:06:27 ----D---- C:\WINDOWS\system32
2011-07-11 15:06:26 ----D---- C:\WINDOWS\repair
2011-07-11 15:06:22 ----D---- C:\WINDOWS\Registration
2011-07-06 21:36:24 ----D---- C:\WINDOWS\system32\drivers
2011-07-06 21:16:08 ----D---- C:\WINDOWS\system32\config
2011-07-06 21:15:05 ----D---- C:\WINDOWS\system32\wbem
2011-07-06 21:13:38 ----SHD---- C:\WINDOWS\Installer
2011-07-06 21:08:50 ----D---- C:\Documents and Settings\Vlado\Data aplikací\gtk-2.0
2011-07-06 21:06:00 ----D---- C:\WINDOWS\system32\Restore
2011-07-06 20:25:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-07-02 14:29:29 ----D---- C:\WINDOWS\Minidump
2011-07-02 12:15:20 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-01 23:10:56 ----SD---- C:\Documents and Settings\Vlado\Data aplikací\Microsoft
2011-07-01 22:25:22 ----SD---- C:\WINDOWS\Tasks
2011-07-01 09:27:53 ----D---- C:\WINDOWS\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2008-11-20 43872]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-11-15 717296]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2002-07-23 32128]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-07-06 138192]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 VIAPFD;VIAPFD; C:\WINDOWS\System32\Drivers\VIAPFD.SYS [2001-12-18 3279]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-07-06 66616]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS []
R3 ALCXWDM;Service for Avance AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2001-12-20 243164]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-12-28 25280]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2002-07-16 981466]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-14 20992]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 a86svq1t;a86svq1t; C:\WINDOWS\system32\drivers\a86svq1t.sys []
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\Vlado\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Program Files\Zvláštne programy\MediaCoder\SysInfo.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 FileObjInfo;STFileDriver; \??\C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator\FileObjInfo.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-07-06 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-01-03 72704]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2008-11-16 54784]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 NMSAccessU;NMSAccessU; D:\Program Files\Domáce programy\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2002-07-16 61440]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\Program Files\Internet programy\Spyware Terminator\sp_rsser.exe [2011-07-29 496128]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-04 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-04 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-01 136120]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2009-01-24 68096]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; D:\Program Files\Domáce programy\Sony Vegas\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; D:\Program Files\Domáce programy\Sony Vegas\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 29 črc 2011 12:35

Poprosím o log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Strata2 · #3 Příspěvek od **Strata2** » 29 črc 2011 13:02

ComboFix 11-07-29.01 - Vlado . 07. 2011 13:43:38.6.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.255.120 [GMT 2:00]
Running from: c:\documents and settings\Vlado\Plocha\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Vlado\WINDOWS
c:\windows\iun6002.exe
.
c:\windows\system32\grpconv.exe . . . is missing!!
.
c:\windows\system32\proquota.exe . . . is missing!!
.
.
((((((((((((((((((((((((( Files Created from 2011-06-28 to 2011-07-29 )))))))))))))))))))))))))))))))
.
.
2011-07-11 13:06 . 2011-07-11 13:07 -------- d-----w- c:\windows\system32\NtmsData
2011-07-06 19:47 . 2011-07-06 19:47 -------- d-----w- c:\documents and settings\Vlado\Data aplikací\Avira
2011-07-06 19:36 . 2011-07-06 20:02 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-07-06 19:36 . 2011-07-06 20:02 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-07-06 19:36 . 2010-06-17 13:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-07-06 19:36 . 2010-06-17 13:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-07-06 19:36 . 2011-07-06 19:36 -------- d-----w- c:\program files\Avira
2011-07-06 19:36 . 2011-07-06 19:36 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Avira
2011-07-06 19:15 . 2011-07-06 19:15 -------- d-----w- c:\windows\system32\wbem\Repository
2011-07-06 19:12 . 2011-07-29 09:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2011-07-06 19:12 . 2011-07-29 09:42 -------- d-----w- c:\documents and settings\Vlado\Data aplikací\Spyware Terminator
2011-07-06 19:12 . 2011-07-06 19:12 -------- d-----w- c:\program files\Spyware Terminator
2011-07-06 19:11 . 2011-07-06 19:11 -------- d-----w- c:\program files\HotPotatoes6
2011-07-06 19:11 . 2011-07-06 19:11 -------- d-----w- c:\program files\Dosli
2011-07-06 19:11 . 2011-07-06 19:11 -------- d--h--w- c:\windows\msdownld.tmp
2011-07-06 19:11 . 2011-07-06 19:11 -------- d-----w- C:\fixwareout
2011-07-06 19:11 . 2011-07-29 11:04 -------- d-----w- C:\rsit
2011-07-06 19:11 . 2011-07-06 19:11 -------- d-----w- c:\program files\SweetIM
2011-07-06 19:11 . 2011-07-06 19:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SweetIM
2011-07-01 21:02 . 2011-07-01 21:02 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Data aplikací\MindGems
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-19 17:51 . 2008-11-15 06:03 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2008-12-19 17:51 . 2008-11-15 06:03 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-19 17:51 . 2008-11-15 06:03 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2008-12-19 17:51 . 2008-11-15 06:03 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2008-12-19 17:51 . 2008-11-15 06:03 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{dfabc5b5-039b-4865-979a-de31cdf3e351}"= "c:\program files\Media_Star\prxtbMed2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{dfabc5b5-039b-4865-979a-de31cdf3e351}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{dfabc5b5-039b-4865-979a-de31cdf3e351}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Media_Star\prxtbMed2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{dfabc5b5-039b-4865-979a-de31cdf3e351}"= "c:\program files\Media_Star\prxtbMed2.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{dfabc5b5-039b-4865-979a-de31cdf3e351}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]
"{DFABC5B5-039B-4865-979A-DE31CDF3E351}"= "c:\program files\Media_Star\prxtbMed2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]
.
[HKEY_CLASSES_ROOT\clsid\{dfabc5b5-039b-4865-979a-de31cdf3e351}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="d:\program files\Internet programy\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-07-29 3318784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="soundman.exe" [2001-12-20 124416]
"nwiz"="nwiz.exe" [2002-07-16 372736]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2003-05-14 188416]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Internet programy\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Internet programy\\BitTorrent\\BitLord\\BitLord.exe"=
"d:\\Program Files\\Domáce programy\\Swift 3D\\Program\\Swift3D.exe"=
"d:\\3dsmax\\monitor.exe"=
"d:\\3dsmax\\manager.exe"=
"d:\\3dsmax\\server.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Program Files\\Domáce programy\\Flash cs3\\Adobe Flash CS3\\Flash.exe"=
"d:\\Program Files\\Domáce programy\\Real FLow 4\\realflow.exe"=
"d:\\hry\\Stronghold Crusader\\Stronghold Crusader.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"d:\\hry\\CounterStrike\\hl.exe"=
"c:\\Program Files\\TorrentBitch\\TorrentBitch.exe"=
"d:\\Program Files\\Internet programy\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\Internet programy\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Internet programy\\ICQ 7.5\\ICQ7.5\\ICQ.exe"=
"d:\\Program Files\\Internet programy\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15.11.2008 23:58 717296]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [6.7.2011 21:36 136360]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [15.11.2008 20:12 247608]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4.9.2010 22:36 136176]
S3 cpuz130;cpuz130;\??\c:\docume~1\Vlado\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Vlado\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4.9.2010 22:36 136176]
S3 Hisc2tp;Hisc2tp; [x]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - SP_RSSRV
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: LG Air Sync (R-Click) - Save as Mobile Image - d:\program files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
IE: LG Air Sync (R-Click) - Save as Mobile Memo - d:\program files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
IE: LG Air Sync (R-Click) - Save as Mobile Text file - d:\program files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
IE: LG Air Sync (R-Click) - Set as Mobile Wallpaper - d:\program files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
IE: LG Air Sync Option - d:\program files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - d:\program files\Internet programy\ICQ 7.5\ICQ7.5\ICQ.exe
LSP: c:\windows\system32\INetHTTPFilter.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Vlado\Data aplikací\Mozilla\Firefox\Profiles\vrppkprc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Internet programy\Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Picasa 3 - d:\picasa3\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-29 13:54
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\ShockwaveFlash.ShockwaveFlash]
@DACL=(02 0000)
@="Shockwave Flash Object"
.
Completion time: 2011-07-29 13:59:06
ComboFix-quarantined-files.txt 2011-07-29 11:59
.
Pre-Run: 3 287 728 128
Post-Run: 3 541 409 792
.
- - End Of File - - D3661B28E0E00AA33BE98DA750F0CD44

#4 Příspěvek od **Rudy** » 29 črc 2011 18:15

Nejprve stáhněte přiložené soubory a rozbalte je na plochu. Otevřte poznámkový blok a zkopírujte do něj:

FCopy::
c:\documents and settings\Vlado\Plocha\grpconv.exe | c:\windows\system32\grpconv.exe
c:\documents and settings\Vlado\Plocha\proquota.exe | c:\windows\system32\proquota.exe

Uložte na plochu jhako CFScript.txt. Pak jej myší přetáhněte nad ikionu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

proquota.rar: (20.12 KiB) Staženo 68 x

grpconv.rar: (18.22 KiB) Staženo 58 x

Strata2 · #5 Příspěvek od **Strata2** » 29 črc 2011 18:56

spravene tu je log :

ComboFix 11-07-29.01 - Vlado . 07. 2011 19:27:38.7.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.255.134 [GMT 2:00]
Running from: c:\documents and settings\Vlado\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\Vlado\Plocha\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Infected copy of c:\windows\system32\userinit.exe was found and disinfected
Restored copy from - c:\windows\ERDNT\cache\userinit.exe
.
.
--------------- FCopy ---------------
.
c:\documents and settings\Vlado\Plocha\grpconv.exe --> c:\windows\system32\grpconv.exe
c:\documents and settings\Vlado\Plocha\proquota.exe --> c:\windows\system32\proquota.exe
.
((((((((((((((((((((((((( Files Created from 2011-06-28 to 2011-07-29 )))))))))))))))))))))))))))))))
.
.
2011-07-29 17:27 . 2000-03-20 00:00 47888 ----a-w- c:\windows\system32\proquota.exe
2011-07-29 17:27 . 2000-03-20 00:00 41232 ----a-w- c:\windows\system32\grpconv.exe
2011-07-11 13:06 . 2011-07-11 13:07 -------- d-----w- c:\windows\system32\NtmsData
2011-07-06 19:47 . 2011-07-06 19:47 -------- d-----w- c:\documents and settings\Vlado\Data aplikací\Avira
2011-07-06 19:36 . 2011-07-06 20:02 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-07-06 19:36 . 2011-07-06 20:02 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-07-06 19:36 . 2010-06-17 13:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-07-06 19:36 . 2010-06-17 13:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-07-06 19:36 . 2011-07-06 19:36 -------- d-----w- c:\program files\Avira
2011-07-06 19:36 . 2011-07-06 19:36 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Avira
2011-07-06 19:15 . 2011-07-06 19:15 -------- d-----w- c:\windows\system32\wbem\Repository
2011-07-06 19:12 . 2011-07-29 09:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2011-07-06 19:12 . 2011-07-29 09:42 -------- d-----w- c:\documents and settings\Vlado\Data aplikací\Spyware Terminator
2011-07-06 19:12 . 2011-07-06 19:12 -------- d-----w- c:\program files\Spyware Terminator
2011-07-06 19:11 . 2011-07-06 19:11 -------- d-----w- c:\program files\HotPotatoes6
2011-07-06 19:11 . 2011-07-06 19:11 -------- d-----w- c:\program files\Dosli
2011-07-06 19:11 . 2011-07-06 19:11 -------- d--h--w- c:\windows\msdownld.tmp
2011-07-06 19:11 . 2011-07-06 19:11 -------- d-----w- C:\fixwareout
2011-07-06 19:11 . 2011-07-29 11:04 -------- d-----w- C:\rsit
2011-07-06 19:11 . 2011-07-06 19:11 -------- d-----w- c:\program files\SweetIM
2011-07-06 19:11 . 2011-07-06 19:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SweetIM
2011-07-01 21:02 . 2011-07-01 21:02 -------- d-----w- c:\documents and settings\Vlado\Local Settings\Data aplikací\MindGems
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-19 17:51 . 2008-11-15 06:03 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2008-12-19 17:51 . 2008-11-15 06:03 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-19 17:51 . 2008-11-15 06:03 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2008-12-19 17:51 . 2008-11-15 06:03 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2008-12-19 17:51 . 2008-11-15 06:03 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{dfabc5b5-039b-4865-979a-de31cdf3e351}"= "c:\program files\Media_Star\prxtbMed2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{dfabc5b5-039b-4865-979a-de31cdf3e351}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{dfabc5b5-039b-4865-979a-de31cdf3e351}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Media_Star\prxtbMed2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{dfabc5b5-039b-4865-979a-de31cdf3e351}"= "c:\program files\Media_Star\prxtbMed2.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{dfabc5b5-039b-4865-979a-de31cdf3e351}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]
"{DFABC5B5-039B-4865-979A-DE31CDF3E351}"= "c:\program files\Media_Star\prxtbMed2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]
.
[HKEY_CLASSES_ROOT\clsid\{dfabc5b5-039b-4865-979a-de31cdf3e351}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="d:\program files\Internet programy\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-07-29 3318784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="soundman.exe" [2001-12-20 124416]
"nwiz"="nwiz.exe" [2002-07-16 372736]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2003-05-14 188416]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Internet programy\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Internet programy\\BitTorrent\\BitLord\\BitLord.exe"=
"d:\\Program Files\\Domáce programy\\Swift 3D\\Program\\Swift3D.exe"=
"d:\\3dsmax\\monitor.exe"=
"d:\\3dsmax\\manager.exe"=
"d:\\3dsmax\\server.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Program Files\\Domáce programy\\Flash cs3\\Adobe Flash CS3\\Flash.exe"=
"d:\\Program Files\\Domáce programy\\Real FLow 4\\realflow.exe"=
"d:\\hry\\Stronghold Crusader\\Stronghold Crusader.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"d:\\hry\\CounterStrike\\hl.exe"=
"c:\\Program Files\\TorrentBitch\\TorrentBitch.exe"=
"d:\\Program Files\\Internet programy\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\Internet programy\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Internet programy\\ICQ 7.5\\ICQ7.5\\ICQ.exe"=
"d:\\Program Files\\Internet programy\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15.11.2008 23:58 717296]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [6.7.2011 21:36 136360]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [15.11.2008 20:12 247608]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4.9.2010 22:36 136176]
S3 cpuz130;cpuz130;\??\c:\docume~1\Vlado\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Vlado\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4.9.2010 22:36 136176]
S3 Hisc2tp;Hisc2tp; [x]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: LG Air Sync (R-Click) - Save as Mobile Image - d:\program files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
IE: LG Air Sync (R-Click) - Save as Mobile Memo - d:\program files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
IE: LG Air Sync (R-Click) - Save as Mobile Text file - d:\program files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
IE: LG Air Sync (R-Click) - Set as Mobile Wallpaper - d:\program files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
IE: LG Air Sync Option - d:\program files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - d:\program files\Internet programy\ICQ 7.5\ICQ7.5\ICQ.exe
LSP: c:\windows\system32\INetHTTPFilter.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Vlado\Data aplikací\Mozilla\Firefox\Profiles\vrppkprc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Internet programy\Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-29 19:44
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\ShockwaveFlash.ShockwaveFlash]
@DACL=(02 0000)
@="Shockwave Flash Object"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3728)
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
d:\program files\Domáce programy\Flash cs3\papervision 3d\tortoiseSVN\bin\TortoiseStub.dll
d:\program files\Domáce programy\Flash cs3\papervision 3d\tortoiseSVN\bin\TortoiseSVN.dll
d:\program files\Domáce programy\Flash cs3\papervision 3d\tortoiseSVN\bin\intl3_tsvn.dll
.
------------------------ Other Running Processes ------------------------
.
d:\program files\Domáce programy\Flash cs3\papervision 3d\tortoiseSVN\bin\TSVNCache.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
c:\windows\system32\drivers\CDAC11BA.EXE
c:\windows\soundman.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
d:\program files\Domáce programy\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\nvsvc32.exe
d:\program files\Internet programy\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2011-07-29 19:51:22 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-29 17:51
ComboFix2.txt 2011-07-29 11:59
.
Pre-Run: 3 552 358 400
Post-Run: 3 487 879 168
.
- - End Of File - - 829F7D6D449D4C92859FE12DB6B80ADB

#6 Příspěvek od **Rudy** » 29 črc 2011 19:37

Log již vypadá čistý. Nastala nějaká změna?

Strata2 · #7 Příspěvek od **Strata2** » 30 črc 2011 14:12

Nic sa nezmenilo, stale ak zapnem pocitac tak avire trva nejakych 10 min kym zapne štity a aj po ich zapnuti je pocitac totalne spomaleny, nwm nedavno som preinstalovaval antivir z esetu na avast a potom na aviru, je mozne aby to robila avira ?? alebo mozno som neodinstaloval cely avst alebo eset pred tym a teraz sa biju? ale nikde po nich nevidim ziadne zbytky tak neviem

#8 Příspěvek od **Rudy** » 30 črc 2011 16:18

To by možné bylo. Zkuste pomocí odinstalačních utilit odinstalovat Avast a NOD: http://www.avast.com/cs-cz/uninstall-utility a http://eches.net/nod32-removal-tool-rem ... antivirus/ . Pak ještě příp. reinstalujte Aviru.

Strata2 · #9 Příspěvek od **Strata2** » 30 črc 2011 17:44

v tomto asi problem nieje, pretoze aj po odinstalovani aviri (teda aj bez akehokolvek antiviru) sa problem nevyriesil, stale je velmi spomaleny aj ked obcas po zapnuti pracuje normalne

#10 Příspěvek od **Rudy** » 30 črc 2011 18:17

Zkuste PC vyčistit CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 od balastu a defragmentovat disk. 256 MB RAM není nic moc pro provoz WinXP.

Strata2 · #11 Příspěvek od **Strata2** » 30 črc 2011 18:40

disk som nedavno defragmentoval a ccleaner tiez pouzivam a nepomohol, ono ja viem ze 256 mb RAM je nic moc ale tiez viem ako isiel pocitac 6 rokov doteraz a nikdy som nemusel cakat minutu kym sa zapne mozilla alebo cakat na otvorenie noveho okna 30 sek

#12 Příspěvek od **Rudy** » 30 črc 2011 18:41

Co jste instaloval těsně před tím, než se problém objevil?

Strata2 · #13 Příspěvek od **Strata2** » 30 črc 2011 18:48

avast a potom aviru, ono ten problem sa taha mozno uz aj 3 tyzden lebo zo zaciatku bol comp spomaleny mozno kazde 5 zapnutie a cim dalej tym viac a viac a teraz uz prakticky vzdy, mozno by pomohlo obnovenie systemu ??

#14 Příspěvek od **Rudy** » 30 črc 2011 19:01

Obnova by pomoci mohla, pokud máte natolik vzdálený bod obnovy.

Strata2 · #15 Příspěvek od **Strata2** » 05 srp 2011 13:31

Sorry bol som na dovolenke, a nepomohlo to

, no musi to byt virus kedze pocitac neustalku pracuje, davam novy log z rsit :

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vlado at 2011-08-05 14:25:51
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (45%) free of 20 GB
Total RAM: 255 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:26:34, on 5. 8. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Domáce programy\Flash cs3\papervision 3d\tortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS\soundman.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\Program Files\Domáce programy\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Internet programy\Firefox\firefox.exe
D:\Program Files\Internet programy\Firefox\plugin-container.exe
D:\My Downloads\RSIT.exe
C:\Program Files\trend micro\Vlado.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Image - res://D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Memo - res://D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Text file - res://D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
O8 - Extra context menu item: LG Air Sync (R-Click) - Set as Mobile Wallpaper - res://D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
O8 - Extra context menu item: LG Air Sync Option - res://D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - D:\Program Files\Internet programy\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - D:\Program Files\Internet programy\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\inethttpfilter.dll
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\Domáce programy\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe

--
End of file - 7016 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Vlado\Data aplikací\Mozilla\Firefox\Profiles\vrppkprc.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "extensions.enabledItems" - "jqs@sun.com:1.0, {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.1.9&q="

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}"=D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/flashplayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=D:\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

D:\Program Files\Internet programy\Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{800b5000-a755-47e1-992b-48a1c1357f07}

D:\Program Files\Internet programy\Firefox\components\
xpti.dat
brwsrcmp.dll
compreg.dat
nsSafebrowsingApplication.js
FeedConverter.js
browser.xpt
nsSearchService.js
FeedProcessor.js
nsSessionStartup.js
browserdirprovider.dll
nsSessionStore.js
FeedWriter.js
nsURLFormatter.js
WebContentConverter.js
nsUpdateService.js
nsUrlClassifierLib.js
nsExtensionManager.js
nsSidebar.js
nsUrlClassifierListManager.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsDefaultCLH.js
components.list
fuelApplication.js
nsHelperAppDlg.js
nsLivemarkService.js
nsMicrosummaryService.js
nsPrivateBrowsingService.js
nsBadCertHandler.js
nsContentPrefService.js
nsIQTScriptablePlugin.xpt
nsContentDispatchChooser.js
nsDownloadManagerUI.js
nsFormAutoComplete.js
nsHandlerService.js
nsINIProcessor.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsProxyAutoConfig.js
nsSearchSuggestions.js
nsSetDefaultBrowser.js
nsTaggingService.js
nsTryToClose.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
npCouponPrinter.xpt

D:\Program Files\Internet programy\Firefox\plugins\
npMozCouponPrinter.dll
npCouponPrinter.dll
npnul32.dll

D:\Program Files\Internet programy\Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Vlado\Data aplikací\Mozilla\Firefox\Profiles\vrppkprc.default\extensions\
howtovideosidebar@wonderhowto.com
{5c8bfb7c-9a54-11dc-8314-0800200c9a66}

C:\Documents and Settings\Vlado\Data aplikací\Mozilla\Firefox\Profiles\vrppkprc.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.src
icqplugin.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class - D:\Program Files\Zvláštne programy\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2010-08-05 35688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\soundman.exe [2001-12-20 124416]
"nwiz"=nwiz.exe /install []
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe [2003-05-14 188416]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Internet programy\uTorrent\utorrent.exe"="D:\Program Files\Internet programy\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Internet programy\BitTorrent\BitLord\BitLord.exe"="D:\Program Files\Internet programy\BitTorrent\BitLord\BitLord.exe:*:Enabled:BitLord"
"D:\Program Files\Domáce programy\Swift 3D\Program\Swift3D.exe"="D:\Program Files\Domáce programy\Swift 3D\Program\Swift3D.exe:*:Disabled:Swift 3D"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\Domáce programy\Flash cs3\Adobe Flash CS3\Flash.exe"="D:\Program Files\Domáce programy\Flash cs3\Adobe Flash CS3\Flash.exe:*:Disabled:Adobe Flash CS3"
"D:\Program Files\Domáce programy\Real FLow 4\realflow.exe"="D:\Program Files\Domáce programy\Real FLow 4\realflow.exe:*:Disabled:realflow"
"D:\hry\Stronghold Crusader\Stronghold Crusader.exe"="D:\hry\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Disabled:Crawler Spyware Terminator"
"D:\Program Files\Internet programy\ICQ6.5\ICQ.exe"="D:\Program Files\Internet programy\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\hry\CounterStrike\hl.exe"="D:\hry\CounterStrike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\TorrentBitch\TorrentBitch.exe"="C:\Program Files\TorrentBitch\TorrentBitch.exe:*:Enabled:TorrentBitch"
"C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Device Setup"
"D:\Program Files\Internet programy\Skype\Phone\Skype.exe"="D:\Program Files\Internet programy\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\Program Files\Internet programy\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Internet programy\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.CFHD"=cfhd.dll
"VIDC.ACDV"=ACDV.dll
"MSVideo8"=VfWWDM32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2011-08-05 14:25:47 ----D---- C:\rsit
2011-08-05 14:00:22 ----SHD---- C:\RECYCLER
2011-08-04 23:18:51 ----D---- C:\WINDOWS\temp
2011-08-04 22:49:37 ----A---- C:\WINDOWS\zip.exe
2011-08-04 22:49:37 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-08-04 22:49:37 ----A---- C:\WINDOWS\SWSC.exe
2011-08-04 22:49:37 ----A---- C:\WINDOWS\SWREG.exe
2011-08-04 22:49:37 ----A---- C:\WINDOWS\sed.exe
2011-08-04 22:49:37 ----A---- C:\WINDOWS\PEV.exe
2011-08-04 22:49:37 ----A---- C:\WINDOWS\NIRCMD.exe
2011-08-04 22:49:37 ----A---- C:\WINDOWS\MBR.exe
2011-08-04 22:49:37 ----A---- C:\WINDOWS\grep.exe
2011-08-04 22:49:00 ----D---- C:\ComboFix
2011-08-02 14:47:32 ----A---- C:\WINDOWS\WTRAN32.INI
2011-07-31 18:29:44 ----H---- C:\WINDOWS\dsez7075.dat
2011-07-31 13:56:30 ----A---- C:\WINDOWS\system32\proquota.exe
2011-07-31 13:56:30 ----A---- C:\WINDOWS\system32\grpconv.exe
2011-07-30 20:33:17 ----D---- C:\Documents and Settings\Vlado\Data aplikací\Spyware Terminator
2011-07-30 20:33:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-07-30 20:33:16 ----D---- C:\Program Files\Spyware Terminator
2011-07-30 20:32:23 ----D---- C:\Program Files\ESET
2011-07-30 20:31:59 ----D---- C:\Qoobox
2011-07-30 20:31:43 ----D---- C:\Program Files\SweetIM
2011-07-30 20:31:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\SweetIM
2011-07-30 20:24:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-07-30 17:45:49 ----ASH---- C:\hiberfil.sys
2011-07-11 15:06:27 ----D---- C:\WINDOWS\system32\NtmsData
2011-07-06 21:12:52 ----D---- C:\Documents and Settings\Vlado\Data aplikací\Spyware Terminator(2)
2011-07-06 21:12:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator(2)
2011-07-06 21:11:27 ----D---- C:\Qoobox(2)
2011-07-06 21:11:11 ----D---- C:\Config.Msi

======List of files/folders modified in the last 1 month======

2011-08-05 14:26:03 ----D---- C:\Program Files\trend micro
2011-08-05 14:25:51 ----D---- C:\WINDOWS\Prefetch
2011-08-04 23:19:28 ----D---- C:\WINDOWS
2011-08-04 23:19:28 ----A---- C:\WINDOWS\system.ini
2011-08-04 23:11:44 ----D---- C:\WINDOWS\system32\drivers
2011-08-04 23:11:44 ----D---- C:\WINDOWS\system32
2011-08-04 23:11:44 ----D---- C:\WINDOWS\AppPatch
2011-08-04 23:11:32 ----D---- C:\Program Files\Common Files
2011-08-04 22:52:19 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-04 22:51:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-03 17:05:08 ----D---- C:\Documents and Settings\Vlado\Data aplikací\uTorrent
2011-08-03 15:50:00 ----D---- C:\kamera
2011-08-02 20:42:28 ----SHD---- C:\WINDOWS\Installer
2011-08-02 15:04:49 ----A---- C:\WINDOWS\3DHOME.INI
2011-08-02 15:00:07 ----D---- C:\Documents and Settings\Vlado\Data aplikací\OpenOffice.org2
2011-08-02 14:47:29 ----A---- C:\WINDOWS\WDICT32.INI
2011-08-01 01:15:26 ----RD---- C:\Program Files
2011-07-31 14:30:40 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-30 20:40:03 ----D---- C:\WINDOWS\system32\config
2011-07-30 20:38:52 ----D---- C:\WINDOWS\system32\wbem
2011-07-30 20:38:52 ----D---- C:\WINDOWS\Registration
2011-07-30 20:33:56 ----D---- C:\WINDOWS\WinSxS
2011-07-30 20:29:23 ----D---- C:\Documents and Settings\Vlado\Data aplikací\gtk-2.0
2011-07-30 20:28:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-07-30 20:26:17 ----D---- C:\WINDOWS\repair
2011-07-30 20:25:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2011-07-30 20:25:45 ----D---- C:\Program Files\ICQ6Toolbar
2011-07-30 20:25:45 ----D---- C:\Documents and Settings\Vlado\Data aplikací\ICQ
2011-07-30 20:24:05 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-30 19:33:09 ----D---- C:\WINDOWS\Debug
2011-07-29 19:39:33 ----D---- C:\WINDOWS\ERDNT
2011-07-15 13:53:13 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-11 15:10:05 ----SHD---- C:\System Volume Information
2011-07-06 21:06:00 ----D---- C:\WINDOWS\system32\Restore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2008-11-20 43872]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-11-15 717296]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2002-07-23 32128]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 VIAPFD;VIAPFD; C:\WINDOWS\System32\Drivers\VIAPFD.SYS [2001-12-18 3279]
R2 CdaC15BA;CdaC15BA; \??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R3 ALCXWDM;Service for Avance AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2001-12-20 243164]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-12-28 25280]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2002-07-16 981466]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-14 20992]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 a1zu9a2f;a1zu9a2f; C:\WINDOWS\system32\drivers\a1zu9a2f.sys []
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 catchme;catchme; \??\C:\DOCUME~1\Vlado\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\Vlado\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Program Files\Zvláštne programy\MediaCoder\SysInfo.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-01-03 72704]
R2 C-DillaCdaC11BA;C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [2008-11-16 54784]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 NMSAccessU;NMSAccessU; D:\Program Files\Domáce programy\CDBurnerXP\NMSAccessU.exe [2009-07-13 71096]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2002-07-16 61440]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\PROGRA~1\SPYWAR~1\sp_rsser.exe [2009-07-13 487424]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-24 654848]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2009-01-24 68096]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; D:\Program Files\Domáce programy\Sony Vegas\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; D:\Program Files\Domáce programy\Sony Vegas\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]

-----------------EOF-----------------

VIRY.CZ

Spomaleny comp

Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp

Re: Spomaleny comp