Blue screen :-(

zuzmel67
Visitor
Posts: 5
Registered: 02 Apr 2013 11:44

#1 Post by zuzmel67 »

Hello, I would like to ask for a check of my log, because a few days ago I restarted the PC and it kept restarting over and over, until I had to power it off hard, wait about 10 minutes, and only then did it start. And today the same thing happened, all the way to the blue screen of death several times in a row, and when the system finally came up it reported "Your system has recovered from a serious error". I am attaching the error:

BCCode : 50 BCP1 : F79D4000 BCP2 : 00000000 BCP3 : EBDDB0A6
BCP4 : 00000000 OSVer : 5_1_2600 SP : 3_0 Product : 256_1

C:\DOCUME~1\pocitac\LOCALS~1\Temp\WER5c58.dir00\Mini040213-03.dmp
C:\DOCUME~1\pocitac\LOCALS~1\Temp\WER5c58.dir00\sysdata.xml


And here is the log from RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by pocitac at 2013-04-02 13:47:35
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (8%) free of 20 GB
Total RAM: 959 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:47:40, on 2.4.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS1\System32\smss.exe
C:\WINDOWS1\system32\winlogon.exe
C:\WINDOWS1\system32\services.exe
C:\WINDOWS1\system32\lsass.exe
C:\WINDOWS1\system32\svchost.exe
C:\WINDOWS1\System32\svchost.exe
C:\WINDOWS1\system32\svchost.exe
C:\WINDOWS1\Explorer.EXE
C:\WINDOWS1\system32\ctfmon.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS1\system32\spoolsv.exe
C:\WINDOWS1\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS1\System32\svchost.exe
C:\WINDOWS1\system32\nvsvc32.exe
C:\WINDOWS1\System32\svchost.exe
C:\WINDOWS1\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS1\system32\wscntfy.exe
C:\WINDOWS1\system32\wbem\wmiapsrv.exe
C:\WINDOWS1\system32\RUNDLL32.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\Notebook Hardware Control\nhc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\ICQ7.5\ICQ.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS1\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\pocitac\Plocha\RSIT.exe
C:\Program Files\trend micro\pocitac.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.ro
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 213.192.37.242:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS1\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS1\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS1\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS1\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout pomocí NetXferu - C:\Program Files\Xi\NetXfer\NXAddLink.html
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Stáhnout vše pomocí Net&Xferu - C:\Program Files\Xi\NetXfer\NXAddList.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS1\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS1\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\Program Files\StreamingStar\HiDownload\hidownload.exe (HKCU)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file://C:\Program Files\Elf Bowling Holiday Pack\Images\stg_drm.ocx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2528473234
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS1\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS1\system32\browseui.dll
O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - (no file)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NPVR Recording Service - Unknown owner - C:\Program Files\NPVR\NRecord.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS1\system32\nvsvc32.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 9769 bytes

======Scheduled tasks folder======

C:\WINDOWS1\tasks\avast! Emergency Update.job
C:\WINDOWS1\tasks\GoforFilesUpdate.job
C:\WINDOWS1\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS1\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\pocitac\Data aplikací\Mozilla\Firefox\Profiles\as9ii7al.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "extensions.enabledItems" - "{3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20110512W, mozilla_cc@internetdownloadmanager.com:6.4, jqs@sun.com:1.0, {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.16"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... =SB_CUI&q="

"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"ntfdsaftsfdfdxx@mozilla.org"=C:\Documents and Settings\pocitac\Data aplikací\iPumper\extension_firefox.xpi
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\WINDOWS1\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS1\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@alexiptv.org/vlc;version=5.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\alexiptv\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX® Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Kinomania.org/vlc;version=1.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\Kinomania\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutCertError.js
aboutPrivateBrowsing.js
aboutRights.js
aboutRobots.js
aboutSessionRestore.js
binary.manifest
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
npnul32.dll
nsIDivxPlayerPlugin.xpt
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\pocitac\Data aplikací\Mozilla\Firefox\Profiles\as9ii7al.default\extensions\
firefox@red-cog.com
{3112ca9c-de6d-4884-a869-9855de68056c}
{35106bca-6c78-48c7-ac28-56df30b51d2a}
{9EB34849-81D3-4841-939D-666D522B889A}

C:\Documents and Settings\pocitac\Data aplikací\Mozilla\Firefox\Profiles\as9ii7al.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml
qipsearch.xml
sfd.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2009-05-07 169392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-03-27 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-10 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27 501056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS1\system32\NvMcTray.dll [2007-08-24 81920]
"NvCplDaemon"=C:\WINDOWS1\system32\NvCpl.dll [2007-08-24 8478720]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-01-10 472776]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS1\system32\CHDAudPropShortcut.exe [2006-07-26 61952]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-03-13 81920]
"NotebookHardwareControl"=C:\Program Files\Notebook Hardware Control\nhc.exe [2007-05-04 2629632]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2011-01-03 198160]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"=C:\WINDOWS1\system32\sti_ci.dll [2008-04-14 136704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files\ICQ7.5\ICQ.exe [2011-08-01 124480]
"ctfmon.exe"=C:\WINDOWS1\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-03-25 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MX Skype Recorder]
C:\Documents and Settings\pocitac\Local Settings\Data aplikací\MXSkypeRecorder\MXSkypeRecorder.exe [2009-06-18 561064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\openvpn-gui]
C:\Program Files\OpenVPN\bin\openvpn-gui.exe [2009-12-10 99328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2011-01-03 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS1^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2008-03-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS1^Nabídka Start^Programy^Po spuštění^IP-TV Player Agent.lnk]
C:\PROGRA~1\IP-TVP~1\IPTVPL~1.EXE /agent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS1^Nabídka Start^Programy^Po spuštění^Ralink Wireless Utility.lnk]
C:\PROGRA~1\RALINK\Common\RaUI.exe -s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^pocitac^Nabídka Start^Programy^Po spuštění^Ubisoft register.lnk]
C:\PROGRA~1\Ubisoft\Register\schedule.exe /10.7.2009 10:39:21 /game= /language=English /country=Afghanistan /url=http://register-it.ubi.com/register.asp []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SlingAgentService"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS1\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xi\NetXfer\NetTransport.exe"="C:\Program Files\Xi\NetXfer\NetTransport.exe:*:Enabled:NetXfer Download Manager"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\system32\sopocx.ocx"="%windir%\system32\sopocx.ocx:*:Enabled:sopocx.ocx"
"%windir%\system32\tvu49.ocx"="%windir%\system32\tvu49.ocx:*:Enabled:tvu49.ocx"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\TVAnts\Tvants.exe"="C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Tv Player\TvPlayer.exe"="C:\Program Files\Tv Player\TvPlayer.exe:*:Enabled:Tv Player"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Zattoo\zattood.exe"="C:\Program Files\Zattoo\zattood.exe:*:Enabled:zattood"
"C:\Program Files\Zattoo\Zattoo.exe"="C:\Program Files\Zattoo\Zattoo.exe:*:Enabled: "
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\WEPdecoder.exe"="C:\Program Files\FiSTiNG4FUN\Commview for Wifi\CommViewWiFi\WEPdecoder.exe:*:Enabled:WEP key recovery"
"C:\Program Files\RayV\RayV\RayV.exe"="C:\Program Files\RayV\RayV\RayV.exe:*:Enabled:RayV"
"C:\Program Files\RayV\RayV\RayV.dll"="C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV"
"C:\Program Files\S.A.D\CyberGhost VPN\CGStarter.exe"="C:\Program Files\S.A.D\CyberGhost VPN\CGStarter.exe:*:Enabled:CyberGhost VPN"
"C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe"="C:\Program Files\StreamTorrent 1.0\StreamTorrent.exe:*:Enabled:StreamTorrent Media Player"
"C:\Documents and Settings\pocitac\Plocha\PLOCHA\RapidWareX.exe"="C:\Documents and Settings\pocitac\Plocha\PLOCHA\RapidWareX.exe:*:Enabled:RapidWareX"
"C:\Program Files\NetTVPlus Player2new\nettvplayer.exe"="C:\Program Files\NetTVPlus Player2new\nettvplayer.exe:*:Enabled:Net TV Plus Player"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe"="C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic"
"C:\Program Files\NetTVProfessional\NetTVProfessional.exe"="C:\Program Files\NetTVProfessional\NetTVProfessional.exe:*:Enabled:NetTvPlayer"
"C:\Documents and Settings\pocitac\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\pocitac\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Net TV Plus Player 3.0\ntvplayer.exe"="C:\Program Files\Net TV Plus Player 3.0\ntvplayer.exe:*:Enabled:Net TV Plus Player"
"C:\Documents and Settings\pocitac\temp\TeamViewer\Version4\TeamViewer.exe"="C:\Documents and Settings\pocitac\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\Sling Media\SlingPlayer\SlingPlayer.exe"="C:\Program Files\Sling Media\SlingPlayer\SlingPlayer.exe:*:Enabled:SlingPlayer"
"C:\Program Files\Alextv\alextv.exe"="C:\Program Files\Alextv\alextv.exe:*:Enabled:alextv"
"C:\Program Files\SportPlayer\SportPlayer.exe"="C:\Program Files\SportPlayer\SportPlayer.exe:*:Enabled:SportPlayer"
"C:\Program Files\Internet Download Manager\IDMan.exe"="C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)"
"C:\Program Files\MulticastTV\MulticastTV.exe"="C:\Program Files\MulticastTV\MulticastTV.exe:*:Enabled:MulticastTV"
"C:\Documents and Settings\pocitac\Plocha\Tiiveni_TV_190111.exe"="C:\Documents and Settings\pocitac\Plocha\Tiiveni_TV_190111.exe:*:Enabled:Tiiveni TV Player"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"D:\Movies\rapid\winbox.exe"="D:\Movies\rapid\winbox.exe:*:Enabled:winbox"
"C:\Program Files\Wild Media Server\wms.exe"="C:\Program Files\Wild Media Server\wms.exe:*:Enabled:Wild Media Server (UPnP, DLNA, HTTP)"
"C:\Documents and Settings\pocitac\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\pocitac\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Documents and Settings\pocitac\temp\TeamViewer3\TeamViewer.exe"="C:\Documents and Settings\pocitac\temp\TeamViewer3\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Documents and Settings\pocitac\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="C:\Documents and Settings\pocitac\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"C:\WINDOWS1\system32\msiexec.exe"="C:\WINDOWS1\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe"="C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"
"C:\Documents and Settings\pocitac\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\pocitac\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"D:\Movies\rapid\fibertv-win\fibertv-2.0.1\fibertv_prehravac_win.exe"="D:\Movies\rapid\fibertv-win\fibertv-2.0.1\fibertv_prehravac_win.exe:*:Enabled:VLC media player 2.0.1"
"C:\Program Files\WinPcap\rpcapd.exe"="C:\Program Files\WinPcap\rpcapd.exe:*:Enabled:Remote Packet Capture Daemon"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\Stunnix-JavaScript-Obfuscator\lib\gui\httpd\httpd-x86-windows\apache.exe"="C:\Program Files\Stunnix-JavaScript-Obfuscator\lib\gui\httpd\httpd-x86-windows\apache.exe:127.0.0.1,LocalSubnet:Enabled:Apache web server"
"C:\Program Files\Stunnix-JavaScript-Obfuscator\lib\gui\perl\win32\wperl.exe"="C:\Program Files\Stunnix-JavaScript-Obfuscator\lib\gui\perl\win32\wperl.exe:127.0.0.1,LocalSubnet:Enabled:Perl interpreter - part of Stunnix Web Server"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS1\system32\Iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS1\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.divxa32"=msaud32_divx.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.avis"=ff_acm.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-04-02 13:47:35 ----D---- C:\rsit
2013-03-27 22:13:28 ----D---- C:\Documents and Settings\pocitac\Data aplikací\PowerISO
2013-03-25 17:33:10 ----D---- C:\Documents and Settings\pocitac\Data aplikací\{0ADE2412-31D5-40B4-827E-68B6B27C1BAD}
2013-03-21 21:55:39 ----A---- C:\WINDOWS1\system32\drivers\aswSP.sys
2013-03-21 21:55:39 ----A---- C:\WINDOWS1\system32\drivers\aswFsBlk.sys
2013-03-21 21:55:38 ----A---- C:\WINDOWS1\system32\drivers\aswTdi.sys
2013-03-21 21:55:38 ----A---- C:\WINDOWS1\system32\drivers\aswSnx.sys
2013-03-21 21:55:38 ----A---- C:\WINDOWS1\system32\drivers\aswRdr.sys
2013-03-21 21:55:37 ----A---- C:\WINDOWS1\system32\aswBoot.exe
2013-03-21 21:54:38 ----A---- C:\WINDOWS1\avastSS.scr
2013-03-21 21:16:56 ----A---- C:\WINDOWS1\ntbtlog.txt
2013-03-17 11:27:28 ----A---- C:\WINDOWS1\system32\drivers\aswVmm.sys
2013-03-17 11:27:28 ----A---- C:\WINDOWS1\system32\drivers\aswRvrt.sys
2013-03-17 11:27:27 ----A---- C:\WINDOWS1\system32\drivers\aswMonFlt.sys
2013-03-13 23:24:55 ----D---- C:\Documents and Settings\pocitac\Data aplikací\vptmpdownload
2013-03-12 22:46:51 ----D---- C:\Documents and Settings\pocitac\Data aplikací\{4530AD6C-8F37-48FC-A98E-05BC4DC37899}
2013-03-12 22:46:14 ----D---- C:\Documents and Settings\pocitac\Data aplikací\{51C471C6-A70A-495C-B2A6-718887CE5203}

======List of files/folders modified in the last 1 month======

2013-04-02 13:47:40 ----D---- C:\WINDOWS1\Prefetch
2013-04-02 13:47:37 ----D---- C:\Program Files\trend micro
2013-04-02 13:46:16 ----D---- C:\Documents and Settings\pocitac\Data aplikací\DMCache
2013-04-02 13:40:30 ----D---- C:\Program Files\Mozilla Firefox
2013-04-02 13:39:46 ----D---- C:\WINDOWS1\system32\drivers
2013-04-02 13:39:46 ----D---- C:\Program Files
2013-04-02 13:39:14 ----AD---- C:\Documents and Settings\All Users.WINDOWS1\Data aplikací\TEMP
2013-04-02 13:37:17 ----D---- C:\Documents and Settings\pocitac\Data aplikací\Skype
2013-04-02 13:35:45 ----D---- C:\Documents and Settings\pocitac\Data aplikací\ICQ
2013-04-02 13:35:17 ----D---- C:\WINDOWS1\temp
2013-04-02 13:24:07 ----D---- C:\WINDOWS1
2013-04-02 13:21:22 ----D---- C:\WINDOWS1\Minidump
2013-04-02 12:11:23 ----A---- C:\WINDOWS1\SchedLgU.Txt
2013-04-02 12:05:09 ----D---- C:\Documents and Settings\pocitac\Data aplikací\FileZilla
2013-04-02 12:04:38 ----D---- C:\Documents and Settings\pocitac\Data aplikací\vlc
2013-04-01 22:56:30 ----D---- C:\Program Files\URLSnooper2
2013-03-30 17:51:09 ----D---- C:\WINDOWS1\Microsoft.NET
2013-03-30 16:55:00 ----D---- C:\WINDOWS1\system32\CatRoot2
2013-03-28 12:43:41 ----D---- C:\Temp
2013-03-27 21:25:18 ----A---- C:\WINDOWS1\avisplitter.ini
2013-03-27 03:28:27 ----D---- C:\Documents and Settings\pocitac\Data aplikací\HPAppData
2013-03-21 21:55:39 ----SD---- C:\WINDOWS1\Tasks
2013-03-21 21:55:37 ----AD---- C:\WINDOWS1\system32
2013-03-21 21:55:21 ----SHD---- C:\WINDOWS1\Installer
2013-03-21 21:55:20 ----D---- C:\WINDOWS1\WinSxS
2013-03-21 21:53:47 ----D---- C:\Program Files\AVAST Software
2013-03-21 21:53:47 ----D---- C:\Documents and Settings\All Users.WINDOWS1\Data aplikací\AVAST Software
2013-03-21 21:21:20 ----D---- C:\WINDOWS1\system32\config
2013-03-21 21:20:31 ----D---- C:\WINDOWS1\system32\wbem
2013-03-21 21:20:27 ----D---- C:\WINDOWS1\Registration
2013-03-18 01:55:47 ----A---- C:\WINDOWS1\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS1\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 ExeLock;ExeLock; C:\WINDOWS1\system32\DRIVERS\ExeLock.sys [2010-04-24 35456]
R0 nvata;nvata; C:\WINDOWS1\system32\DRIVERS\nvata.sys [2006-04-24 100736]
R0 PxHelp20;PxHelp20; C:\WINDOWS1\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS1\System32\Drivers\sptd.sys [2011-08-15 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS1\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AswRdr;aswRdr; C:\WINDOWS1\system32\drivers\AswRdr.sys [2013-03-07 49760]
R1 aswSnx;aswSnx; C:\WINDOWS1\system32\drivers\aswSnx.sys [2013-03-07 765736]
R1 aswSP;aswSP; C:\WINDOWS1\system32\drivers\aswSP.sys [2013-03-07 368176]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS1\system32\drivers\aswTdi.sys [2013-03-07 62376]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS1\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS1\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS1\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS1\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS1\system32\drivers\aswMonFlt.sys []
R2 irda;Protokol IrDA; C:\WINDOWS1\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS1\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 windrvNT;windrvNT; \??\C:\WINDOWS1\system32\windrvNT.sys []
R3 HBtnKey;HBtnKey; C:\WINDOWS1\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS1\system32\drivers\CHDAud.sys [2006-07-26 581632]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS1\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS1\system32\DRIVERS\HSF_DPV.sys [2006-08-29 990592]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS1\system32\DRIVERS\HSFHWAZL.sys [2006-08-29 208384]
R3 nhcDriverDevice;Notebook Hardware Control Driver; \??\C:\WINDOWS1\system32\drivers\nhcDriver.sys []
R3 nv;nv; C:\WINDOWS1\system32\DRIVERS\nv4_mini.sys [2007-08-24 6844864]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS1\system32\DRIVERS\NVENETFD.sys [2006-03-03 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS1\system32\DRIVERS\nvnetbus.sys [2006-03-03 13056]
R3 nvsmu;nvsmu; C:\WINDOWS1\system32\DRIVERS\nvsmu.sys [2006-03-05 11136]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS1\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 tap0801;TAP-Win32 Adapter V8; C:\WINDOWS1\system32\DRIVERS\tap0801.sys [2009-12-10 26624]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS1\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 winachsf;winachsf; C:\WINDOWS1\system32\DRIVERS\HSF_CNXT.sys [2006-08-29 728576]
S0 xmasscsi;xmasscsi; C:\WINDOWS1\System32\Drivers\xmasscsi.sys []
S2 StudioPro;StudioPro webcam; C:\WINDOWS1\system32\DRIVERS\StudioPro.sys [2007-01-05 120320]
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\WINDOWS1\System32\DRIVERS\ASPI32.sys []
S3 aswVmm;aswVmm; C:\WINDOWS1\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS1\system32\DRIVERS\bcmwl5.sys [2006-11-01 604928]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS1\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 CFcatchme;CFcatchme; \??\C:\DOCUME~1\pocitac\LOCALS~1\Temp\CFcatchme.sys []
S3 EuMusDesignVirtualAudioCableWdm;StudioPro audio (WDM); C:\WINDOWS1\system32\DRIVERS\vrtaucbl.sys [2007-04-22 38784]
S3 gogoTunnelDevice;gogo6 Multi-Virtual Tunnel Adapter; C:\WINDOWS1\system32\DRIVERS\gogotun.sys [2010-03-22 21064]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS1\system32\DRIVERS\hamachi.sys [2009-05-21 25280]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS1\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS1\system32\DRIVERS\HPZid412.sys [2008-01-24 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS1\system32\DRIVERS\HPZipr12.sys [2008-01-24 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS1\system32\DRIVERS\HPZius12.sys [2008-01-24 21568]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS1\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101376]
S3 IT9135BDA;IT9135 BDA Devices; C:\WINDOWS1\System32\Drivers\IT9135BDA.sys []
S3 KCIRDA;%KCIRDA.ServiceDesc%; C:\WINDOWS1\system32\DRIVERS\KCIrNet.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS1\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;BDA MPE Filter; C:\WINDOWS1\system32\DRIVERS\MPE.sys [2004-07-09 15104]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS1\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS1\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS1\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS1\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS1\system32\drivers\npf.sys [2009-10-20 50704]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS1\system32\NSNDIS5.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS1\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS1\System32\Drivers\pcouffin.sys [2009-03-23 47360]
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS1\system32\DRIVERS\rt73.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS1\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS1\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS1\system32\DRIVERS\tap0901.sys [2010-02-25 25216]
S3 tapavpn;Steganos Anonym VPN Adapter; C:\WINDOWS1\system32\DRIVERS\tapavpn.sys [2007-10-19 24320]
S3 UIUSys;Conexant Setup API; C:\WINDOWS1\system32\DRIVERS\UIUSYS.SYS []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS1\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS1\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS1\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS1\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS1\system32\drivers\usbser.sys [2008-04-14 26112]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS1\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS1\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS1\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS1\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS1\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS1\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS1\system32\svchost.exe [2008-04-14 14336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS1\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS1\system32\svchost.exe [2008-04-14 14336]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS1\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-10 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS1\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS1\system32\nvsvc32.exe [2007-08-24 155716]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS1\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS1\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS1\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-04 116648]
S2 NPVR Recording Service;NPVR Recording Service; C:\Program Files\NPVR\NRecord.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS1\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS1\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS1\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-04 116648]
S3 idsvc;Windows CardSpace; C:\WINDOWS1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-11 115168]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2009-12-10 16384]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS1\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NvUpdSrv;NVIDIA Update Server; C:\Documents and Settings\pocitac\Local Settings\Data aplikací\NVIDIA Corporation\Update\nvupd32.exe /svc []
S4 SlingAgentService;SlingAgentService; C:\Program Files\Sling Media\SlingAgent\SlingAgentService.exe [2009-09-25 93960]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Blue screen :-(

#2 Post by Rudy »

Hello!
1. Open the c:\windows\minidump folder, pack its contents into a RAR archive and attach it to your next post.
2. You are critically short of disk space. After checking the minidump and, if needed, fixing the problem, we will clean up the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

zuzmel67
Visitor
Posts: 5
Registered: 02 Apr 2013 11:44

Re: Blue screen :-(

#3 Post by zuzmel67 »

Hello, thanks for the help. The computer is somehow slower; even after a longer period of inactivity, when nothing is being done on the PC, it is suddenly slower and even ordinary opening of windows stutters and takes longer. Even while writing this reply, Mozilla suddenly stops responding and it takes about 30 seconds before I can continue typing. Out of 20 GB on C I have not even 2 GB free, with only a few programs installed; I have also uninstalled a lot of programs, I use CCleaner as well, and I don't know where the space on drive C is disappearing to. I'm attaching the RAR:
Attachments
Minidump.rar
minidump
(18.33 KiB) Downloaded 52 times

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Blue screen :-(

#4 Post by Rudy »

The problem may be caused by a virus as well as by hardware. Let's take a deeper look. Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator rights.

Right after start-up a screen with the license terms appears; continue by clicking the Yes button.

Calmly go and make yourself a coffee (the whole process takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through). During the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident shield occur.

zuzmel67
Visitor
Posts: 5
Registered: 02 Apr 2013 11:44

Re: Blue screen :-(

#5 Post by zuzmel67 »

ComboFix took 40 minutes to run, which seems rather long to me; here is the result.


ComboFix 13-04-02.01 - pocitac 02.04.2013 19:58:57.9.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.959.246 [GMT 2:00]
Spuštěný z: c:\documents and settings\pocitac\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows1\iun6002.exe
c:\windows1\pkunzip.pif
c:\windows1\pkzip.pif
c:\windows1\system32\aosmtp.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-02 do 2013-04-02 )))))))))))))))))))))))))))))))
.
.
2013-04-02 11:47 . 2013-04-02 11:47 -------- d-----w- C:\rsit
2013-03-27 20:13 . 2013-03-27 20:13 -------- d-----w- c:\documents and settings\pocitac\Data aplikací\PowerISO
2013-03-25 15:33 . 2013-03-25 15:33 -------- d-----w- c:\documents and settings\pocitac\Data aplikací\{0ADE2412-31D5-40B4-827E-68B6B27C1BAD}
2013-03-21 19:55 . 2013-03-06 23:33 368176 ----a-w- c:\windows1\system32\drivers\aswSP.sys
2013-03-21 19:55 . 2013-03-06 23:33 29816 ----a-w- c:\windows1\system32\drivers\aswFsBlk.sys
2013-03-21 19:55 . 2013-03-06 23:33 765736 ----a-w- c:\windows1\system32\drivers\aswSnx.sys
2013-03-21 19:55 . 2013-03-06 23:33 62376 ----a-w- c:\windows1\system32\drivers\aswTdi.sys
2013-03-21 19:55 . 2013-03-06 23:33 49760 ----a-w- c:\windows1\system32\drivers\aswRdr.sys
2013-03-21 19:55 . 2013-03-06 23:32 228600 ----a-w- c:\windows1\system32\aswBoot.exe
2013-03-21 19:54 . 2013-03-06 23:32 41664 ----a-w- c:\windows1\avastSS.scr
2013-03-21 19:20 . 2013-03-21 19:20 -------- d-----w- c:\windows1\system32\wbem\Repository
2013-03-17 09:27 . 2013-03-06 23:33 49248 ----a-w- c:\windows1\system32\drivers\aswRvrt.sys
2013-03-17 09:27 . 2013-03-06 23:33 164736 ----a-w- c:\windows1\system32\drivers\aswVmm.sys
2013-03-17 09:27 . 2013-03-06 23:33 66336 ----a-w- c:\windows1\system32\drivers\aswMonFlt.sys
2013-03-13 21:24 . 2013-03-13 21:25 -------- d-----w- c:\documents and settings\pocitac\Data aplikací\vptmpdownload
2013-03-12 20:46 . 2013-03-12 20:46 -------- d-----w- c:\documents and settings\pocitac\Data aplikací\{4530AD6C-8F37-48FC-A98E-05BC4DC37899}
2013-03-12 20:46 . 2013-03-12 20:46 -------- d-----w- c:\documents and settings\pocitac\Data aplikací\{51C471C6-A70A-495C-B2A6-718887CE5203}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-02 11:35 . 2009-03-23 14:49 22528 ----a-w- c:\windows1\system32\drivers\nhcDriver.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.5\ICQ.exe" [2011-08-01 124480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2007-08-23 1626112]
"NvMediaCenter"="c:\windows1\system32\NvMcTray.dll" [2007-08-23 81920]
"NvCplDaemon"="c:\windows1\system32\NvCpl.dll" [2007-08-23 8478720]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-01-10 472776]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-07-26 61952]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2011-01-03 198160]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="c:\windows1\system32\sti_ci.dll" [2008-04-14 136704]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS1^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users.WINDOWS1\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows1\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS1^Nabídka Start^Programy^Po spuštění^IP-TV Player Agent.lnk]
path=c:\documents and settings\All Users.WINDOWS1\Nabídka Start\Programy\Po spuštění\IP-TV Player Agent.lnk
backup=c:\windows1\pss\IP-TV Player Agent.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS1^Nabídka Start^Programy^Po spuštění^Ralink Wireless Utility.lnk]
path=c:\documents and settings\All Users.WINDOWS1\Nabídka Start\Programy\Po spuštění\Ralink Wireless Utility.lnk
backup=c:\windows1\pss\Ralink Wireless Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^pocitac^Nabídka Start^Programy^Po spuštění^Ubisoft register.lnk]
path=c:\documents and settings\pocitac\Nabídka Start\Programy\Po spuštění\Ubisoft register.lnk
backup=c:\windows1\pss\Ubisoft register.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\Program Files
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\program files\NetMeter
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\c:\program files\NetMeter\NetMeter.exe]
2004-03-04 13:47 266240 ----a-w- c:\program files\NetMeter\NetMeter.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2007-08-24 06:00 33648 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2008-03-25 19:27 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-12-13 17:10 1688872 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MX Skype Recorder]
2009-06-18 21:13 561064 ----a-w- c:\documents and settings\pocitac\Local Settings\Data aplikací\MXSkypeRecorder\MXSkypeRecorder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2007-12-03 12:21 2213160 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\openvpn-gui]
2009-12-10 13:43 99328 ----a-w- c:\program files\OpenVPN\bin\openvpn-gui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-01-03 13:28 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SlingAgentService"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\system32\\sopocx.ocx"=
"%windir%\\system32\\tvu49.ocx"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Documents and Settings\\pocitac\\Plocha\\PLOCHA\\RapidWareX.exe"=
"c:\\Program Files\\NetTVPlus Player2new\\nettvplayer.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Documents and Settings\\pocitac\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Sling Media\\SlingPlayer\\SlingPlayer.exe"=
"c:\\Program Files\\SportPlayer\\SportPlayer.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Documents and Settings\\pocitac\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Documents and Settings\\pocitac\\temp\\TeamViewer3\\TeamViewer.exe"=
"c:\\WINDOWS1\\system32\\msiexec.exe"=
"c:\\Documents and Settings\\pocitac\\Local Settings\\Data aplikací\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"d:\\Movies\\rapid\\fibertv-win\\fibertv-2.0.1\\fibertv_prehravac_win.exe"=
"c:\\Program Files\\WinPcap\\rpcapd.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows1\system32\drivers\aswRvrt.sys [17.3.2013 11:27 49248]
R0 ExeLock;ExeLock;c:\windows1\system32\drivers\ExeLock.sys [24.4.2010 1:36 35456]
R0 sptd;sptd;c:\windows1\system32\drivers\sptd.sys [15.8.2011 15:24 691696]
R1 aswSnx;aswSnx;c:\windows1\system32\drivers\aswSnx.sys [21.3.2013 21:55 765736]
R1 aswSP;aswSP;c:\windows1\system32\drivers\aswSP.sys [21.3.2013 21:55 368176]
R2 aswFsBlk;aswFsBlk;c:\windows1\system32\drivers\aswFsBlk.sys [21.3.2013 21:55 29816]
R2 aswMonFlt;aswMonFlt;c:\windows1\system32\drivers\aswMonFlt.sys [17.3.2013 11:27 66336]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows1\system32\drivers\tap0801.sys [15.2.2007 19:48 26624]
S0 xmasscsi;xmasscsi;c:\windows1\system32\Drivers\xmasscsi.sys --> c:\windows1\system32\Drivers\xmasscsi.sys [?]
S2 NPVR Recording Service;NPVR Recording Service;"c:\program files\NPVR\NRecord.exe" --> c:\program files\NPVR\NRecord.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [8.1.2013 13:55 161536]
S2 StudioPro;StudioPro webcam;c:\windows1\system32\drivers\StudioPro.sys [8.7.2010 1:04 120320]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows1\system32\drivers\ASPI32.SYS [24.4.2009 15:42 16512]
S3 aswVmm;aswVmm;c:\windows1\system32\drivers\aswVmm.sys [17.3.2013 11:27 164736]
S3 CFcatchme;CFcatchme;\??\c:\docume~1\pocitac\LOCALS~1\Temp\CFcatchme.sys --> c:\docume~1\pocitac\LOCALS~1\Temp\CFcatchme.sys [?]
S3 EuMusDesignVirtualAudioCableWdm;StudioPro audio (WDM);c:\windows1\system32\drivers\vrtaucbl.sys [8.7.2010 1:04 38784]
S3 gogoTunnelDevice;gogo6 Multi-Virtual Tunnel Adapter;c:\windows1\system32\drivers\gogotun.sys [22.3.2010 18:29 21064]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows1\system32\Drivers\IT9135BDA.sys --> c:\windows1\system32\Drivers\IT9135BDA.sys [?]
S3 KCIRDA;%KCIRDA.ServiceDesc%;c:\windows1\system32\DRIVERS\KCIrNet.sys --> c:\windows1\system32\DRIVERS\KCIrNet.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows1\system32\drivers\npf.sys [20.10.2009 20:19 50704]
S3 pcouffin;VSO Software pcouffin;c:\windows1\system32\drivers\pcouffin.sys [23.3.2009 16:24 47360]
S3 tapavpn;Steganos Anonym VPN Adapter;c:\windows1\system32\drivers\tapavpn.sys [19.10.2007 10:50 24320]
S4 NvUpdSrv;NVIDIA Update Server;c:\documents and settings\pocitac\Local Settings\Data aplikací\NVIDIA Corporation\Update\nvupd32.exe /svc --> c:\documents and settings\pocitac\Local Settings\Data aplikací\NVIDIA Corporation\Update\nvupd32.exe [?]
S4 SlingAgentService;SlingAgentService;c:\program files\Sling Media\SlingAgent\SlingAgentService.exe [25.9.2009 13:16 93960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-01 15:20 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-02 c:\windows1\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-03-21 23:32]
.
2013-04-02 c:\windows1\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-09 21:29]
.
2013-04-02 c:\windows1\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-09 21:29]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = 213.192.37.242:8080
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout pomocí NetXferu - c:\program files\Xi\NetXfer\NXAddLink.html
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Stáhnout vše pomocí Net&Xferu - c:\program files\Xi\NetXfer\NXAddList.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 217.75.71.141 217.75.71.142
FF - ProfilePath - c:\documents and settings\pocitac\Data aplikací\Mozilla\Firefox\Profiles\as9ii7al.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ÄŚSFD
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279141&SearchSource=2&CUI=SB_CUI&q=
FF - ExtSQL: !HIDDEN! 2009-08-26 13:32; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
FF - user.js: extensions.autoDisableScopes - 14
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-NetXfer (Multilingual)_is1 - c:\program files\Xi\NetXfer\unins000.exe
AddRemove-Recuva - f:\recuva\uninst.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\documents and settings\pocitac\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-02 20:17
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\sccfg.sys 222 bytes
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1482476501-1177238915-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{11B5C8DC-3FEA-1682-D4F0355518481497}\{414E0745-768E-27E6-1A22BEEA50FFC306}\{0F77990A-A8C5-E83C-A2DEB9098A2A23DE}*]
"{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,d6,cc,56,
f3,44,6f,47,ae,a6,1b,ea,9e,74,fa,4e,21,5c,35,90,55,3a,22,13,75,89,89,29,dd,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS1\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS1\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{79DD782F-DD9B-90C8-01AB82140B2B65EB}\{DE7D83BF-EB3B-F5D9-D52C430ACBAFB5F9}\{D743F1FE-35C6-E579-63E67F5CCF1E1FA7}*]
"1D1OWFM6WKF6TLM3S2BGKKUUDG1"=hex:01,00,01,00,00,00,00,00,71,4a,e0,45,b7,4f,44,
fb,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BF11F383-757D-CF48-6D213AC2BB6130AD}\{12507465-D6D8-AFB1-97ED5D21195D77D5}\{90E47118-DD98-E716-1AABCD138C042D55}*]
"{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,d6,cc,56,
f3,44,6f,47,ae,a6,1b,ea,9e,74,fa,4e,21,5c,35,90,55,3a,22,13,75,89,89,29,dd,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EDCF6AC6-CDE0-1F6D-043771A983FAB740}\{0B884C8F-0AAB-F925-A63B97C7F3A43931}\{965D33BD-6599-2D1D-7E8A152D666CAEE5}*]
"1D1OWFM6WKF6TLM3S2BGKKUUDG1"=hex:01,00,01,00,00,00,00,00,71,4a,e0,45,b7,4f,44,
fb,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-04-02 20:23:31
ComboFix-quarantined-files.txt 2013-04-02 18:23
.
Před spuštěním: 1 496 367 104
Po spuštění: 1 592 745 984
.
- - End Of File - - 2070FC5F97850177509FBB67D48C5B9B

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Blue screen :-(

#6 Post by Rudy »

We'll clean up a bit more. Open Notepad and copy the following into it:
KillAll::

File::
c:\windows1\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows1\Tasks\GoogleUpdateTaskMachineUA.job

Firefox::
FF - ProfilePath - c:\documents and settings\pocitac\Data aplikací\Mozilla\Firefox\Profiles\as9ii7al.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ÄŚSFD
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... =SB_CUI&q=
FF - ExtSQL: !HIDDEN! 2009-08-26 13:32; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
FF - user.js: extensions.autoDisableScopes - 14

Regnull::
[HKEY_USERS\S-1-5-21-1482476501-1177238915-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*][HKEY_LOCAL_MACHINE\software\Classes\CLSID\{11B5C8DC-3FEA-1682-D4F0355518481497}\{414E0745-768E-27E6-1A22BEEA50FFC306}\{0F77990A-A8C5-E83C-A2DEB9098A2A23DE}*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{79DD782F-DD9B-90C8-01AB82140B2B65EB}\{DE7D83BF-EB3B-F5D9-D52C430ACBAFB5F9}\{D743F1FE-35C6-E579-63E67F5CCF1E1FA7}*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BF11F383-757D-CF48-6D213AC2BB6130AD}\{12507465-D6D8-AFB1-97ED5D21195D77D5}\{90E47118-DD98-E716-1AABCD138C042D55}*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EDCF6AC6-CDE0-1F6D-043771A983FAB740}\{0B884C8F-0AAB-F925-A63B97C7F3A43931}\{965D33BD-6599-2D1D-7E8A152D666CAEE5}*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

zuzmel67
Visitor
Posts: 5
Registered: 02 Apr 2013 11:44

Re: Blue screen :-(

#7 Post by zuzmel67 »

Cleaned. ComboFix spent 55 minutes cleaning before it got to the restart and the log; doesn't that seem like a long time to you? And what about the disk? Is there enough free space now? And was it a virus? Here is the resulting log after the cleaning.

ComboFix 13-04-02.01 - pocitac 02.04.2013 21:38:11.10.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.959.446 [GMT 2:00]
Spuštěný z: c:\documents and settings\pocitac\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\pocitac\Plocha\CFScript.txt
.
FILE ::
"c:\windows1\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows1\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-02 do 2013-04-02 )))))))))))))))))))))))))))))))
.
.
2013-04-02 11:47 . 2013-04-02 11:47 -------- d-----w- C:\rsit
2013-03-27 20:13 . 2013-03-27 20:13 -------- d-----w- c:\documents and settings\pocitac\Data aplikací\PowerISO
2013-03-25 15:33 . 2013-03-25 15:33 -------- d-----w- c:\documents and settings\pocitac\Data aplikací\{0ADE2412-31D5-40B4-827E-68B6B27C1BAD}
2013-03-21 19:55 . 2013-03-06 23:33 368176 ----a-w- c:\windows1\system32\drivers\aswSP.sys
2013-03-21 19:55 . 2013-03-06 23:33 29816 ----a-w- c:\windows1\system32\drivers\aswFsBlk.sys
2013-03-21 19:55 . 2013-03-06 23:33 765736 ----a-w- c:\windows1\system32\drivers\aswSnx.sys
2013-03-21 19:55 . 2013-03-06 23:33 62376 ----a-w- c:\windows1\system32\drivers\aswTdi.sys
2013-03-21 19:55 . 2013-03-06 23:33 49760 ----a-w- c:\windows1\system32\drivers\aswRdr.sys
2013-03-21 19:55 . 2013-03-06 23:32 228600 ----a-w- c:\windows1\system32\aswBoot.exe
2013-03-21 19:54 . 2013-03-06 23:32 41664 ----a-w- c:\windows1\avastSS.scr
2013-03-21 19:20 . 2013-03-21 19:20 -------- d-----w- c:\windows1\system32\wbem\Repository
2013-03-17 09:27 . 2013-03-06 23:33 49248 ----a-w- c:\windows1\system32\drivers\aswRvrt.sys
2013-03-17 09:27 . 2013-03-06 23:33 164736 ----a-w- c:\windows1\system32\drivers\aswVmm.sys
2013-03-17 09:27 . 2013-03-06 23:33 66336 ----a-w- c:\windows1\system32\drivers\aswMonFlt.sys
2013-03-13 21:24 . 2013-03-13 21:25 -------- d-----w- c:\documents and settings\pocitac\Data aplikací\vptmpdownload
2013-03-12 20:46 . 2013-03-12 20:46 -------- d-----w- c:\documents and settings\pocitac\Data aplikací\{4530AD6C-8F37-48FC-A98E-05BC4DC37899}
2013-03-12 20:46 . 2013-03-12 20:46 -------- d-----w- c:\documents and settings\pocitac\Data aplikací\{51C471C6-A70A-495C-B2A6-718887CE5203}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-02 19:58 . 2009-03-23 14:49 22528 ----a-w- c:\windows1\system32\drivers\nhcDriver.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.5\ICQ.exe" [2011-08-01 124480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2007-08-23 1626112]
"NvMediaCenter"="c:\windows1\system32\NvMcTray.dll" [2007-08-23 81920]
"NvCplDaemon"="c:\windows1\system32\NvCpl.dll" [2007-08-23 8478720]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-01-10 472776]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-07-26 61952]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2011-01-03 198160]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="c:\windows1\system32\sti_ci.dll" [2008-04-14 136704]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS1^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users.WINDOWS1\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows1\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS1^Nabídka Start^Programy^Po spuštění^IP-TV Player Agent.lnk]
path=c:\documents and settings\All Users.WINDOWS1\Nabídka Start\Programy\Po spuštění\IP-TV Player Agent.lnk
backup=c:\windows1\pss\IP-TV Player Agent.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS1^Nabídka Start^Programy^Po spuštění^Ralink Wireless Utility.lnk]
path=c:\documents and settings\All Users.WINDOWS1\Nabídka Start\Programy\Po spuštění\Ralink Wireless Utility.lnk
backup=c:\windows1\pss\Ralink Wireless Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^pocitac^Nabídka Start^Programy^Po spuštění^Ubisoft register.lnk]
path=c:\documents and settings\pocitac\Nabídka Start\Programy\Po spuštění\Ubisoft register.lnk
backup=c:\windows1\pss\Ubisoft register.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2007-08-24 06:00 33648 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2008-03-25 19:27 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-12-13 17:10 1688872 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MX Skype Recorder]
2009-06-18 21:13 561064 ----a-w- c:\documents and settings\pocitac\Local Settings\Data aplikací\MXSkypeRecorder\MXSkypeRecorder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2007-12-03 12:21 2213160 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\openvpn-gui]
2009-12-10 13:43 99328 ----a-w- c:\program files\OpenVPN\bin\openvpn-gui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-01-03 13:28 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SlingAgentService"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\system32\\sopocx.ocx"=
"%windir%\\system32\\tvu49.ocx"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Documents and Settings\\pocitac\\Plocha\\PLOCHA\\RapidWareX.exe"=
"c:\\Program Files\\NetTVPlus Player2new\\nettvplayer.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Documents and Settings\\pocitac\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Sling Media\\SlingPlayer\\SlingPlayer.exe"=
"c:\\Program Files\\SportPlayer\\SportPlayer.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Documents and Settings\\pocitac\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Documents and Settings\\pocitac\\temp\\TeamViewer3\\TeamViewer.exe"=
"c:\\WINDOWS1\\system32\\msiexec.exe"=
"c:\\Documents and Settings\\pocitac\\Local Settings\\Data aplikací\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"d:\\Movies\\rapid\\fibertv-win\\fibertv-2.0.1\\fibertv_prehravac_win.exe"=
"c:\\Program Files\\WinPcap\\rpcapd.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows1\system32\drivers\aswRvrt.sys [17.3.2013 11:27 49248]
R0 ExeLock;ExeLock;c:\windows1\system32\drivers\ExeLock.sys [24.4.2010 1:36 35456]
R0 sptd;sptd;c:\windows1\system32\drivers\sptd.sys [15.8.2011 15:24 691696]
R1 aswSnx;aswSnx;c:\windows1\system32\drivers\aswSnx.sys [21.3.2013 21:55 765736]
R1 aswSP;aswSP;c:\windows1\system32\drivers\aswSP.sys [21.3.2013 21:55 368176]
R2 aswFsBlk;aswFsBlk;c:\windows1\system32\drivers\aswFsBlk.sys [21.3.2013 21:55 29816]
R2 aswMonFlt;aswMonFlt;c:\windows1\system32\drivers\aswMonFlt.sys [17.3.2013 11:27 66336]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows1\system32\drivers\tap0801.sys [15.2.2007 19:48 26624]
S0 xmasscsi;xmasscsi;c:\windows1\system32\Drivers\xmasscsi.sys --> c:\windows1\system32\Drivers\xmasscsi.sys [?]
S2 NPVR Recording Service;NPVR Recording Service;"c:\program files\NPVR\NRecord.exe" --> c:\program files\NPVR\NRecord.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [8.1.2013 13:55 161536]
S2 StudioPro;StudioPro webcam;c:\windows1\system32\drivers\StudioPro.sys [8.7.2010 1:04 120320]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows1\system32\drivers\ASPI32.SYS [24.4.2009 15:42 16512]
S3 aswVmm;aswVmm;c:\windows1\system32\drivers\aswVmm.sys [17.3.2013 11:27 164736]
S3 CFcatchme;CFcatchme;\??\c:\docume~1\pocitac\LOCALS~1\Temp\CFcatchme.sys --> c:\docume~1\pocitac\LOCALS~1\Temp\CFcatchme.sys [?]
S3 EuMusDesignVirtualAudioCableWdm;StudioPro audio (WDM);c:\windows1\system32\drivers\vrtaucbl.sys [8.7.2010 1:04 38784]
S3 gogoTunnelDevice;gogo6 Multi-Virtual Tunnel Adapter;c:\windows1\system32\drivers\gogotun.sys [22.3.2010 18:29 21064]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows1\system32\Drivers\IT9135BDA.sys --> c:\windows1\system32\Drivers\IT9135BDA.sys [?]
S3 KCIRDA;%KCIRDA.ServiceDesc%;c:\windows1\system32\DRIVERS\KCIrNet.sys --> c:\windows1\system32\DRIVERS\KCIrNet.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows1\system32\drivers\npf.sys [20.10.2009 20:19 50704]
S3 pcouffin;VSO Software pcouffin;c:\windows1\system32\drivers\pcouffin.sys [23.3.2009 16:24 47360]
S3 tapavpn;Steganos Anonym VPN Adapter;c:\windows1\system32\drivers\tapavpn.sys [19.10.2007 10:50 24320]
S4 NvUpdSrv;NVIDIA Update Server;c:\documents and settings\pocitac\Local Settings\Data aplikací\NVIDIA Corporation\Update\nvupd32.exe /svc --> c:\documents and settings\pocitac\Local Settings\Data aplikací\NVIDIA Corporation\Update\nvupd32.exe [?]
S4 SlingAgentService;SlingAgentService;c:\program files\Sling Media\SlingAgent\SlingAgentService.exe [25.9.2009 13:16 93960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-01 15:20 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-02 c:\windows1\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-03-21 23:32]
.
2013-04-02 c:\windows1\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-09 21:29]
.
2013-04-02 c:\windows1\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-09 21:29]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = 213.192.37.242:8080
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout pomocí NetXferu - c:\program files\Xi\NetXfer\NXAddLink.html
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Stáhnout vše pomocí Net&Xferu - c:\program files\Xi\NetXfer\NXAddList.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 217.75.71.141 217.75.71.142
FF - ProfilePath - c:\documents and settings\pocitac\Data aplikací\Mozilla\Firefox\Profiles\as9ii7al.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - ExtSQL: !HIDDEN! 2009-08-26 13:32; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
FF - user.js: extensions.autoDisableScopes - 14
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-02 21:59
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1482476501-1177238915-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{11B5C8DC-3FEA-1682-D4F0355518481497}\{414E0745-768E-27E6-1A22BEEA50FFC306}\{0F77990A-A8C5-E83C-A2DEB9098A2A23DE}*]
"{3EE4C831-B7E0-4ed1-B9FC-EDC523C9612F}1"=hex:01,00,01,00,0c,00,00,00,d6,cc,56,
f3,44,6f,47,ae,a6,1b,ea,9e,74,fa,4e,21,5c,35,90,55,3a,22,13,75,89,89,29,dd,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1800)
c:\windows1\system32\msi.dll
c:\windows1\system32\webcheck.dll
c:\windows1\system32\IEFRAME.dll
c:\windows1\system32\WPDShServiceObj.dll
c:\windows1\system32\PortableDeviceTypes.dll
c:\windows1\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows1\system32\nvsvc32.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows1\system32\wscntfy.exe
c:\windows1\system32\RUNDLL32.EXE
c:\windows1\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2013-04-02 22:04:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-02 20:04
ComboFix2.txt 2013-04-02 18:23
.
Před spuštěním: 1 648 877 568
Po spuštění: 1 516 412 928
.
- - End Of File - - 79A741623E64225CACFD3EA436D6776F

Rudy
Site Admin
Posts: 119524
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Blue screen :-(

#8 Post by Rudy »

The log is OK now. Unfortunately, I can't tell the disk usage from the CF log. Try Computer > right-click > Properties. There you will see the amount of free and used space. There should be at least 4 GB of free space.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

zuzmel67
Visitor
Posts: 5
Joined: 02 Apr 2013 11:44

Re: Blue screen :-(

#9 Post by zuzmel67 »

Thank you for the help. I had only 1.5 GB free, so I uninstalled what I could and now I have 4.5 GB free. I have nothing more to uninstall; all I have left is Nero, Office and a few small programs. I have even had Windows updates turned off for more than a year, and I still don't know where the remaining GB of the 20 GB on drive C went, since I regularly clean the PC with CCleaner. I don't keep films or music there either; that is all on drive D. When I added it up, the XP system takes about 3 GB + installed programs at most 3 GB + updates about 2 GB + free space 4.5 GB = about 13 GB in total, and 7 GB is somewhere. There is probably no other way left to clean the disk further? Or am I wrong?

Rudy
Site Admin
Posts: 119524
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Blue screen :-(

#10 Post by Rudy »

The disk is cleaned. To be honest, a 20 GB system disk is small even for WinXP. You could also move some documents, photos, videos, music, etc. (if you have any) to a flash drive. 4.5 GB is enough, but the PC will need frequent cleaning of temporary files: http://forum.viry.cz/viewtopic.php?f=46&t=7478 . Now keep an eye on the PC, and if the BSOD appears again, let us know. You're welcome!
Locked