PC virus removal, computer speed-up, remote help via the neslape.cz service

Requesting a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

#1 Post by maskcz »

Logfile of random's system information tool 1.06 (written by random/random)
Run by uživatel at 2010-02-10 08:36:57
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 29 GB (37%) free of 76 GB
Total RAM: 511 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:37:23, on 10.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\rserver30\RServer3.exe
C:\WINDOWS\system32\r_server.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\rserver30\FamItrfc.Exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Salamander\SALAMAND.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\uživatel\Plocha\RSIT.exe
C:\Program Files\trend micro\uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.10.0.3:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IEFriendly Class - {A5483501-070C-41DD-AF44-9BD8864B3015} - C:\Program Files\Httper\httper.dll
O3 - Toolbar: Zipclix - {319A68DB-06D0-46DA-9F93-A810D5A70836} - C:\Program Files\Zipclix\zipclix.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SpySpotter] C:\PROGRA~1\SPYSPO~1\SpySpotter.exe
O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\UŽIVATEL\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail -cluster 2
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [System Soap Pro] C:\PROGRA~1\SYSTEM~1\soap.exe min
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files\OKsoftware\Svátky a výročí\Vyroci.exe
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {421A63BA-4632-43E0-A942-3B4AB645BE51} - http://download-ak.systemsoap.com/ssoap ... oappro.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0664639890
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1575712984
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spyspott ... nstall.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\rserver30\newtstop.dll
O23 - Service: AutoComplete Service (Autocomplete) - Internet Washer - C:\PROGRA~1\SYSTEM~1\autocomp.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Radmin Server V3 (RServer3) - Famatech International Corp. - C:\WINDOWS\system32\rserver30\RServer3.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe

--
End of file - 8184 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#Deskjet#5550.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5483501-070C-41DD-AF44-9BD8864B3015}]
IEFriendly Class - C:\Program Files\Httper\httper.dll [2003-06-05 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{319A68DB-06D0-46DA-9F93-A810D5A70836} - Zipclix - C:\Program Files\Zipclix\zipclix.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2002-09-27 4214784]
"nwiz"=nwiz.exe /install []
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"Jet Detection"=C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672]
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE [2001-12-20 28672]
"NeroCheck"=C:\WINDOWS\System32\\NeroCheck.exe [2001-07-09 155648]
"HPDJ Taskbar Utility"=C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe [2002-12-10 188416]
"NWTRAY"=C:\WINDOWS\system32\NWTRAY.EXE [2001-12-18 28672]
"zBrowser Launcher"=C:\Program Files\Logitech\iTouch\iTouch.exe [2002-05-29 520192]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\point32.exe [2003-05-16 163840]
"SpySpotter"=C:\PROGRA~1\SPYSPO~1\SpySpotter.exe []
"pdfSaver3"= []
"ImInstaller_IncrediMail"=C:\DOCUME~1\UŽIVATEL\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe -startup -product IncrediMail -cluster 2 []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-11-16 2054360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-26 67128]
"System Soap Pro"=C:\PROGRA~1\SYSTEM~1\soap.exe min []
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2003-04-23 413775]
""= []
"Svátky a výročí"=C:\Program Files\OKsoftware\Svátky a výročí\Vyroci.exe [2004-12-12 960512]
"pdfSaver3"=C:\Program Files\PDF\pdfSaver\pdfSaver3.exe [2004-05-19 385024]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\rserver30\newtstop.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwv1_0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"CompatibleRUPSecurity"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\uživatel\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe"="C:\Documents and Settings\uživatel\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\System32\rserver30\rserver3.exe"="C:\WINDOWS\System32\rserver30\rserver3.exe:*:Enabled:Radmin Server 3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{96e19172-74cb-11dd-87b3-000c7617cfc2}]
shell\AutoRun\command - E:\setupSNK.exe


======List of files/folders created in the last 1 months======

2010-02-10 08:36:57 ----D---- C:\rsit
2010-02-10 08:36:57 ----D---- C:\Program Files\trend micro
2010-02-10 08:23:21 ----HD---- C:\WINDOWS\$NtUninstallKB971513$
2010-02-10 08:16:12 ----D---- C:\WINDOWS\system32\XPSViewer
2010-02-10 08:16:09 ----D---- C:\Program Files\MSBuild
2010-02-10 08:16:07 ----D---- C:\WINDOWS\system32\en-US
2010-02-10 08:16:01 ----D---- C:\Program Files\Reference Assemblies
2010-02-10 08:15:11 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-02-10 08:15:11 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-02-10 08:15:10 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-02-10 08:15:07 ----D---- C:\1bd627f149ae41c96f21adf2
2010-02-10 08:13:05 ----SHD---- C:\Config.Msi
2010-02-10 08:10:46 ----D---- C:\e54f40495c63765917f3e23027f0
2010-02-10 08:10:15 ----HD---- C:\WINDOWS\$NtUninstallbasecsp$
2010-02-10 08:10:13 ----D---- C:\Documents and Settings\uživatel\Data aplikací\Windows Desktop Search
2010-02-10 08:09:38 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-02-10 08:09:38 ----D---- C:\Program Files\Windows Desktop Search
2010-02-10 08:09:19 ----HD---- C:\WINDOWS\$NtUninstallKB940157$
2010-02-10 08:09:08 ----HD---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-02-10 08:08:48 ----D---- C:\447b7693655670f0f16ae50f62
2010-02-10 08:07:24 ----RSD---- C:\WINDOWS\assembly
2010-02-10 08:07:23 ----D---- C:\WINDOWS\Microsoft.NET
2010-02-10 08:07:22 ----D---- C:\WINDOWS\system32\URTTemp
2010-02-10 07:42:59 ----HD---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 07:42:47 ----HD---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 07:40:44 ----D---- C:\WINDOWS\ie7updates
2010-02-10 07:39:50 ----D---- C:\WINDOWS\WBEM
2010-02-10 07:38:12 ----HD---- C:\WINDOWS\ie7
2010-02-10 07:37:54 ----HD---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2010-02-10 07:36:51 ----HD---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2010-02-10 07:28:39 ----D---- C:\7ca61143c2016b8d6dca727d31
2010-02-10 07:27:09 ----HD---- C:\WINDOWS\$NtUninstallKB951978$
2010-02-10 07:26:59 ----HD---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 07:26:48 ----HD---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 07:26:37 ----HD---- C:\WINDOWS\$NtUninstallKB956744$
2010-02-10 07:26:24 ----HD---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 07:26:13 ----HD---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 07:25:54 ----HD---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 07:25:25 ----HD---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 07:25:07 ----HD---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-09 15:38:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-02-09 15:29:46 ----D---- C:\WINDOWS\system32\rserver30
2010-02-09 15:25:33 ----D---- C:\Program Files\IrfanView
2010-02-09 15:23:15 ----SD---- C:\%APPDATA%
2010-02-09 15:14:03 ----D---- C:\WINDOWS\Prefetch
2010-02-09 15:11:41 ----HD---- C:\WINDOWS\$NtUninstallKB978207$
2010-02-09 15:10:59 ----HD---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-09 15:10:18 ----HD---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-09 15:09:35 ----HD---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-09 15:08:55 ----HD---- C:\WINDOWS\$NtUninstallKB974318$
2010-02-09 15:08:15 ----HD---- C:\WINDOWS\$NtUninstallKB976325$
2010-02-09 15:07:34 ----HD---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-09 15:06:47 ----HD---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-09 15:06:07 ----HD---- C:\WINDOWS\$NtUninstallKB973687$
2010-02-09 15:05:26 ----HD---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-09 15:04:46 ----HD---- C:\WINDOWS\$NtUninstallKB976749$
2010-02-09 15:04:00 ----HD---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-09 15:03:15 ----HD---- C:\WINDOWS\$NtUninstallKB974455$
2010-02-09 15:02:35 ----HD---- C:\WINDOWS\$NtUninstallKB969059$
2010-02-09 15:01:55 ----HD---- C:\WINDOWS\$NtUninstallKB975025$
2010-02-09 15:01:15 ----HD---- C:\WINDOWS\$NtUninstallKB974112$
2010-02-09 15:00:28 ----HD---- C:\WINDOWS\$NtUninstallKB974571$
2010-02-09 14:59:48 ----HD---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-09 14:59:10 ----HD---- C:\WINDOWS\$NtUninstallKB956844$
2010-02-09 14:58:27 ----HD---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-09 14:57:45 ----HD---- C:\WINDOWS\$NtUninstallKB973869$
2010-02-09 14:57:06 ----HD---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-09 14:56:26 ----HD---- C:\WINDOWS\$NtUninstallKB971657$
2010-02-09 14:55:45 ----HD---- C:\WINDOWS\$NtUninstallKB960859$
2010-02-09 14:55:07 ----HD---- C:\WINDOWS\$NtUninstallKB971557$
2010-02-09 14:54:29 ----HD---- C:\WINDOWS\$NtUninstallKB973507$
2010-02-09 14:53:49 ----HD---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-09 14:53:09 ----HD---- C:\WINDOWS\$NtUninstallKB972260$
2010-02-09 14:52:26 ----HD---- C:\WINDOWS\$NtUninstallKB971633$
2010-02-09 14:51:49 ----HD---- C:\WINDOWS\$NtUninstallKB961371$
2010-02-09 14:51:07 ----HD---- C:\WINDOWS\$NtUninstallKB961501$
2010-02-09 14:50:27 ----HD---- C:\WINDOWS\$NtUninstallKB969897$
2010-02-09 14:49:42 ----HD---- C:\WINDOWS\$NtUninstallKB970238$
2010-02-09 14:49:00 ----HD---- C:\WINDOWS\$NtUninstallKB968537$
2010-02-09 14:48:12 ----HD---- C:\WINDOWS\$NtUninstallKB956572$
2010-02-09 14:47:27 ----HD---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-09 14:46:46 ----HD---- C:\WINDOWS\$NtUninstallKB959426$
2010-02-09 14:46:07 ----HD---- C:\WINDOWS\$NtUninstallKB961373$
2010-02-09 14:45:25 ----HD---- C:\WINDOWS\$NtUninstallKB952004$
2010-02-09 14:44:45 ----HD---- C:\WINDOWS\$NtUninstallKB960803$
2010-02-09 14:43:58 ----HD---- C:\WINDOWS\$NtUninstallKB978207_1$
2010-02-09 14:43:14 ----HD---- C:\WINDOWS\$NtUninstallKB963027$
2010-02-09 14:42:36 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
2010-02-09 14:41:58 ----HD---- C:\WINDOWS\$NtUninstallKB958690$
2010-02-09 14:41:12 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
2010-02-09 14:40:30 ----HD---- C:\WINDOWS\$NtUninstallKB958687$
2010-02-09 14:39:48 ----HD---- C:\WINDOWS\$NtUninstallKB960714$
2010-02-09 14:39:03 ----HD---- C:\WINDOWS\$NtUninstallKB958215$
2010-02-09 14:38:21 ----HD---- C:\WINDOWS\$NtUninstallKB974112_1$
2010-02-09 14:37:45 ----HD---- C:\WINDOWS\$NtUninstallKB954600$
2010-02-09 14:37:04 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2010-02-09 14:36:25 ----HD---- C:\WINDOWS\$NtUninstallKB957097$
2010-02-09 14:35:44 ----HD---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-02-09 14:35:06 ----HD---- C:\WINDOWS\$NtUninstallKB955069$
2010-02-09 14:34:28 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2010-02-09 14:33:51 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2010-02-09 14:33:07 ----HD---- C:\WINDOWS\$NtUninstallKB957095$
2010-02-09 14:32:25 ----HD---- C:\WINDOWS\$NtUninstallKB954211$
2010-02-09 14:31:44 ----HD---- C:\WINDOWS\$NtUninstallKB956841$
2010-02-09 14:30:59 ----HD---- C:\WINDOWS\$NtUninstallKB956390$
2010-02-09 14:30:25 ----HD---- C:\WINDOWS\$NtUninstallKB938464$
2010-02-09 14:29:52 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2010-02-09 14:29:13 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2010-02-09 14:28:35 ----HD---- C:\WINDOWS\$NtUninstallKB951066$
2010-02-09 14:27:58 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2010-02-09 14:27:17 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2010-02-09 14:26:30 ----HD---- C:\WINDOWS\$NtUninstallKB953838$
2010-02-09 14:25:47 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2010-02-09 14:25:08 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-02-09 14:24:27 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2010-02-09 14:23:46 ----HD---- C:\WINDOWS\$NtUninstallKB951376$
2010-02-09 14:23:04 ----HD---- C:\WINDOWS\$NtUninstallKB951698$
2010-02-09 14:22:21 ----HD---- C:\WINDOWS\$NtUninstallKB950759$
2010-02-09 14:18:23 ----N---- C:\WINDOWS\system32\msxml6r.dll
2010-02-09 14:18:23 ----N---- C:\WINDOWS\system32\msxml6.dll
2010-02-09 14:18:21 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-02-09 14:18:21 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-02-09 14:18:18 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-02-09 14:18:17 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-02-09 14:18:17 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-02-09 14:18:17 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-02-09 14:18:17 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-02-09 14:18:17 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-02-09 14:18:17 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-02-09 14:18:17 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-02-09 14:18:17 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-02-09 14:18:17 ----N---- C:\WINDOWS\system32\credssp.dll
2010-02-09 14:18:17 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-02-09 14:18:17 ----N---- C:\WINDOWS\system32\azroles.dll
2010-02-09 14:18:16 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-02-09 14:18:16 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-02-09 14:18:16 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-02-09 14:18:16 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-02-09 14:18:16 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-02-09 14:18:16 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-02-09 14:18:16 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-02-09 14:18:16 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-02-09 14:18:16 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-02-09 14:18:16 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-02-09 14:18:14 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-02-09 14:18:14 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-02-09 14:18:14 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-02-09 14:18:14 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-02-09 14:18:14 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-02-09 14:18:14 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-02-09 14:18:13 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-02-09 14:18:13 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-02-09 14:18:13 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-02-09 14:18:13 ----N---- C:\WINDOWS\system32\mssha.dll
2010-02-09 14:18:13 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-02-09 14:18:13 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-02-09 14:18:13 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-02-09 14:18:13 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-02-09 14:18:12 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-02-09 14:18:12 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-02-09 14:18:12 ----N---- C:\WINDOWS\system32\qutil.dll
2010-02-09 14:18:12 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-02-09 14:18:12 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-02-09 14:18:12 ----N---- C:\WINDOWS\system32\qagent.dll
2010-02-09 14:18:12 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2010-02-09 14:18:12 ----N---- C:\WINDOWS\system32\onex.dll
2010-02-09 14:18:12 ----N---- C:\WINDOWS\system32\napstat.exe
2010-02-09 14:18:11 ----N---- C:\WINDOWS\system32\setupn.exe
2010-02-09 14:18:10 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-02-09 14:18:10 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-02-09 14:18:09 ----N---- C:\WINDOWS\system32\wmphoto.dll
2010-02-09 14:18:09 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-02-09 14:18:09 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2010-02-09 14:18:09 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2010-02-09 14:18:08 ----N---- C:\WINDOWS\system32\xmllite.dll
2010-02-09 14:18:07 ----D---- C:\WINDOWS\system32\cs-cz
2010-02-09 14:18:06 ----D---- C:\WINDOWS\system32\cs
2010-02-09 14:18:06 ----D---- C:\WINDOWS\l2schemas
2010-02-09 14:11:55 ----D---- C:\WINDOWS\network diagnostic
2010-02-09 14:09:41 ----A---- C:\WINDOWS\005663_.tmp
2010-02-09 13:58:10 ----SD---- C:\WINDOWS\%APPDATA%
2010-02-09 13:53:10 ----SD---- C:\WINDOWS\system32\%APPDATA%
2010-02-09 13:37:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Yahoo!
2010-02-09 13:37:50 ----D---- C:\Documents and Settings\uživatel\Data aplikací\Yahoo!
2010-01-22 16:05:42 ----HD---- C:\WINDOWS\$NtUninstallKB978207_0$
2010-01-13 15:52:55 ----HD---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-01-13 15:52:45 ----HD---- C:\WINDOWS\$NtUninstallKB972270_0$

======List of files/folders modified in the last 1 months======

2010-02-10 08:28:30 ----A---- C:\WINDOWS\{00000002-00000000-00000002-00001102-00000002-80651102}.BAK
2010-02-10 08:25:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-10 08:21:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-10 08:10:30 ----A---- C:\WINDOWS\imsins.BAK
2010-02-09 15:23:20 ----A---- C:\WINDOWS\OEWABLog.txt
2010-02-09 15:14:38 ----A---- C:\WINDOWS\setuplog.txt
2010-02-09 15:12:34 ----A---- C:\WINDOWS\iis6.BAK
2010-02-01 20:26:20 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-01-22 82380]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-11-16 96408]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 raddrvv3;raddrvv3; \??\C:\WINDOWS\system32\rserver30\raddrvv3.sys []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 hardlock;hardlock; \??\C:\WINDOWS\System32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\System32\drivers\Haspnt.sys []
R2 NetwareWorkstation;Novell Client for Windows; C:\WINDOWS\System32\NetWare\nwfs.sys [2003-04-07 385824]
R2 NWDHCP;Novell DHCP Inform Client; C:\WINDOWS\System32\NetWare\nwdhcp.sys [2002-10-04 15712]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2003-04-16 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2003-04-16 55936]
R2 NWSIPX32;Novell NetWare IPX/SPX Transport Interface; C:\WINDOWS\System32\NetWare\nwsipx32.sys [2002-05-29 40592]
R2 RESMGR;Novell NetWare Resource Manager; C:\WINDOWS\System32\NetWare\resmgr.sys [2001-10-23 29229]
R2 SRVLOC;Novell Service Location; C:\WINDOWS\System32\NetWare\srvloc.sys [2003-02-20 119855]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\System32\DRIVERS\itchfltr.sys [2002-05-23 10432]
R3 mirrorv3;mirrorv3; C:\WINDOWS\system32\DRIVERS\rminiv3.sys [2006-11-01 3328]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-09-27 1104282]
R3 NWDNS;Novell DNS Name Space Service Provider; C:\WINDOWS\System32\NetWare\nwdns.sys [2003-04-07 32174]
R3 NWHOST;Novell Host File Name Space Service Provider; C:\WINDOWS\System32\NetWare\NWHOST.sys [2001-10-23 11760]
R3 NWSAP;Novell SAP Name Space Provider; C:\WINDOWS\System32\NetWare\NWSAP.sys [2003-01-17 23264]
R3 NWSLP;Novell SLP Name Space Service Provider; C:\WINDOWS\System32\NetWare\nwslp.sys [2003-02-13 19456]
R3 NWSNS;Novell Simple Naming Services; C:\WINDOWS\System32\NetWare\NWSNS.sys [2003-02-13 5808]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-01-23 9856]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\System32\DRIVERS\point32.sys [2003-05-16 19072]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\System32\drivers\btserial.sys []
S2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\System32\drivers\btslbcsp.sys []
S3 BtAudio;Bluetooth Audio; C:\WINDOWS\System32\DRIVERS\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\System32\DRIVERS\btport.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\System32\DRIVERS\btwdndis.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2002-10-24 65076]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-04-16 5888]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [2003-02-22 31273]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-09-27 65536]
R2 r_server;Remote Administrator Service; C:\WINDOWS\system32\r_server.exe [2001-07-24 241664]
R2 RServer3;Radmin Server V3; C:\WINDOWS\system32\rserver30\RServer3.exe [2008-04-24 1238344]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autocomplete;AutoComplete Service; C:\PROGRA~1\SYSTEM~1\autocomp.exe [2003-08-12 24064]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Asar
VIP
Posts: 62
Joined: 02 Aug 2006 17:59
Location: Plzeň

Re: Requesting a preventive check

#2 Post by Asar »

- Clean the PC with CCleaner, using the Cleaner and Registry (Issues) sections.
- Download and install MBAM, create a log following the guide and post it here. Do not delete anything yourself without prior consultation!

maskcz
Visitor
Posts: 25
Joined: 09 Feb 2010 15:45

Re: Requesting a preventive check

#3 Post by maskcz »

Here it is (RemoteAdmin is installed normally):


Malwarebytes' Anti-Malware 1.44
Verze databáze: 3718
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

10.2.2010 12:11:52
mbam-log-2010-02-10 (12-11-43).txt

Typ kontroly: Kompletní kontrola (C:\|)
Zkontrolované objekty: 261164
Uplynulý čas: 44 minute(s), 37 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 1
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 8

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
C:\WINDOWS\system32\admdll.dll (PUP.RemoteAdmin) -> No action taken.

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\WINDOWS\system32\admdll.dll (PUP.RemoteAdmin) -> No action taken.
C:\WINDOWS\system32\raddrv.dll (PUP.RemoteAdmin) -> No action taken.
C:\Program Files\Radmin\AdmDll.dll (PUP.RemoteAdmin) -> No action taken.
C:\Program Files\Radmin\raddrv.dll (PUP.RemoteAdmin) -> No action taken.
C:\StarePC\Program Files\Radmin\AdmDll.dll (PUP.RemoteAdmin) -> No action taken.
C:\StarePC\Program Files\Radmin\raddrv.dll (PUP.RemoteAdmin) -> No action taken.
C:\StarePC\WINDOWS\SYSTEM\admdll.dll (PUP.RemoteAdmin) -> No action taken.
C:\StarePC\WINDOWS\SYSTEM\raddrv.dll (PUP.RemoteAdmin) -> No action taken.

Asar
VIP
Posts: 62
Joined: 02 Aug 2006 17:59
Location: Plzeň

Re: Requesting a preventive check

#4 Post by Asar »

Open Notepad and copy the following text into it:
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5483501-070C-41DD-AF44-9BD8864B3015}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{319A68DB-06D0-46DA-9F93-A810D5A70836}"=-
Save the file using "Save as" (type: All files), name it "smazani.reg" and save it, for example, to the desktop. Double-click the file you created and confirm the dialog box. And with that we are done.

maskcz
Visitor
Posts: 25
Joined: 09 Feb 2010 15:45

Re: Requesting a preventive check

#5 Post by maskcz »

Done...

Thanks for your time and help...

Asar
VIP
Posts: 62
Joined: 02 Aug 2006 17:59
Location: Plzeň

Re: Requesting a preventive check

#6 Post by Asar »

You're welcome.