
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Asking for advice and a PC check :)
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where a specialist connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
Asking for advice and a PC check :)
Hi, lately my computer has been rather slow, and recently I also had problems with what seemed to be the hard disk: after every start the PC would check it, and after a while the PC would lag so badly that I couldn't do anything. That eased off after a few tests, but in any case I'd like to scan the PC with something and get rid of the viruses that I surely have and that are making a mess of my PC. I was just cleaning out Program Files, and at least half of the things there I never put there at all, and the other half can't be deleted.
I'm new here, so I don't know what, where, how or why, so please advise me what to download or what to scan the PC with, or where I should post a log.
Thanks for the help.
- Unlimited_Killer
- Friend of the forum

- Posts: 1969
- Registered: 24 Aug 2009 16:18
Re: Asking for advice and a PC check :)
Hello.
Random's System Information Tool
- Download RSIT and save it to the Desktop.
- Run it, leave '1 month' selected in the drop-down menu and click 'Continue'.
- Wait a few seconds for the log named log.txt to be generated.
- If the log is not generated, you will find it in C:\rsit\log.txt
- Paste the contents of this log into your post.
inactive
Re: Asking for advice and a PC check :)
Well, it seems awfully long to me; hopefully it will fit here.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Machr at 2010-02-14 11:25:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 21 GB (16%) free of 133 GB
Total RAM: 2046 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:49, on 14.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\COMODO\EasyVPN\crdphService.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\mHotkey.exe
E:\WINDOWS\RTHDCPL.EXE
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\system32\wbem\unsecapp.exe
E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Program Files\RelevantKnowledge\rlvknlg.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashQuick.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\Machr\Plocha\RSIT.exe
E:\Program Files\Trend Micro\HijackThis\Machr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.europowersearch.com/Search.h ... rchLang=CZ
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.ask.com/web?q={searchTerms}&o=14677&l=dis
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Plus - {01677B4B-0610-4814-94A0-5F570DD7A88F} - E:\PROGRA~1\GOOGLE~1\17GOOG~1.DLL (file missing)
O2 - BHO: Super-Search -Find more of what you need - {0286A85D-CD62-43bb-B7A9-A87D1D027160} - E:\PROGRA~1\EASYSE~1\BHO\11SUPE~1.DLL (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Recfree toolbar helper - {D286E828-E6B9-484d-A058-D7323666DE33} - E:\Program Files\RecFree.com\RecFreeToolbar\1.3.13.0\escort.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - E:\Program Files\BS_Player\tbBS_1.dll (file missing)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
O3 - Toolbar: RecFree Toolbar - {0508F8F1-08E3-43EE-AAA8-09AD09803084} - E:\Program Files\RecFree.com\RecFreeToolbar\1.3.13.0\escorTlbr.dll (file missing)
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - E:\Program Files\BS_Player\tbBS_1.dll (file missing)
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: &Download All by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: &Search the web - http://toolbar.recfree.com/rcfr/ctxmnu.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: RelevantKnowledge - E:\Program Files\RelevantKnowledge\rlls.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO EasyVPN VNC Service (CrdphService) - COMODO - E:\Program Files\COMODO\EasyVPN\crdphService.exe
O23 - Service: COMODO EasyVPN Service (EasyVpnAdpt) - Unknown owner - E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
O23 - Service: Findbasic Service - Unknown owner - E:\Documents and Settings\All Users\Data aplikací\Findbasic\findbasic115.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca300ec6a5bc4a) (gupdate1ca300ec6a5bc4a) - Unknown owner - E:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - E:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Unknown owner - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
--
End of file - 9412 bytes
======Scheduled tasks folder======
E:\WINDOWS\tasks\AppleSoftwareUpdate.job
E:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
E:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01677B4B-0610-4814-94A0-5F570DD7A88F}]
Google Plus - E:\PROGRA~1\GOOGLE~1\17GOOG~1.DLL []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0286A85D-CD62-43bb-B7A9-A87D1D027160}]
Super-Search -Find more of what you need - E:\PROGRA~1\EASYSE~1\BHO\11SUPE~1.DLL []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-02-10 119808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D286E828-E6B9-484d-A058-D7323666DE33}]
CescrtHlpr Object - E:\Program Files\RecFree.com\RecFreeToolbar\1.3.13.0\escort.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-15 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-15 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - E:\Program Files\BS_Player\tbBS_1.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll []
{0508F8F1-08E3-43EE-AAA8-09AD09803084} - RecFree Toolbar - E:\Program Files\RecFree.com\RecFreeToolbar\1.3.13.0\escorTlbr.dll []
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - E:\Program Files\BS_Player\tbBS_1.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=E:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2009-09-11 18717696]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-25 98304]
"avast!"=E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"QuickTime Task"=E:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-11-02 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
E:\Program Files\COMODO\EasyVPN\EasyVPN.exe [2009-09-28 3563768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
E:\Program Files\ICQ6.5\ICQ.exe silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
E:\Program Files\ICQLite\ICQLite.exe -minimize []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Update Machine]
sjhtfpkqy.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
E:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
E:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-07-02 2327840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP2005]
E:\Program Files\QIP\qip.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
E:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
E:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteVacuum]
E:\Program Files\EasySearch\SiteVacuumClient.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
E:\Program Files\Skype\Phone\Skype.exe [2009-07-16 25604904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
e:\program files\steam\steam.exe [2009-11-25 1217808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
E:\PROGRA~1\AUTOMA~1\avp.exe [2004-12-28 443392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^hamachi.lnk]
E:\PROGRA~1\Hamachi\hamachi.exe []
E:\Documents and Settings\Machr\Nabídka Start\Programy\Po spuštění
Stardock ObjectDock.lnk - E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2009-09-23 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RelevantKnowledge]
E:\Program Files\RelevantKnowledge\rlls.dll [2010-01-29 385664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - E:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="E:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"E:\Hry\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="E:\Hry\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"E:\Program Files\ICQ6\ICQ.exe"="E:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"E:\Hry\Pro Evolution Soccer 2009\CSP2009.exe"="E:\Hry\Pro Evolution Soccer 2009\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"E:\WINDOWS\system32\PnkBstrA.exe"="E:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"E:\WINDOWS\system32\PnkBstrB.exe"="E:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"G:\Games\Call of DUTZ 5\CoDWaWmp.exe"="G:\Games\Call of DUTZ 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"G:\Games\Call of DUTZ 5\CoDWaW.exe"="G:\Games\Call of DUTZ 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"G:\Games\UT 3\Binaries\UT3.exe"="G:\Games\UT 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3"
"G:\Games\PES 09\CSP2009.exe"="G:\Games\PES 09\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe"="G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe:*:Enabled:DOW2"
"G:\Games\The Battle for Middle-earth (tm) II\game.dat"="G:\Games\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"E:\Hry\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat"="E:\Hry\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat:*:Enabled:Bitva o Stoedozem II:Vzkoí1ení eernokni3ného krále"
"E:\Program Files\mIRC\mirc.exe"="E:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"E:\Hry\NHL 09\nhl2009.exe"="E:\Hry\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat"="G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"G:\Games\UT 3 CZ\Binaries\UT3.exe"="G:\Games\UT 3 CZ\Binaries\UT3.exe:*:Enabled:UT3"
"G:\Games\Left4Dead\hl2.exe"="G:\Games\Left4Dead\hl2.exe:*:Enabled:hl2"
"E:\Hry\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="E:\Hry\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"E:\Program Files\uTorrent\utorrent.exe"="E:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"G:\Games\Warhamar\DOW2.exe"="G:\Games\Warhamar\DOW2.exe:*:Enabled:DOW2"
"G:\Games\Counter Strike\hl2.exe"="G:\Games\Counter Strike\hl2.exe:*:Enabled:hl2"
"G:\Games\Call of Duty 5\CoDWaW.exe"="G:\Games\Call of Duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaWmp.exe"="G:\Games\Call of Duty 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe"="G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"E:\Program Files\ICQLite\ICQLite.exe"="E:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"E:\Program Files\QIP\qip.exe"="E:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe"="G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"E:\DC ++\StrongDC.exe"="E:\DC ++\StrongDC.exe:*:Enabled:StrongDC++"
"G:\Games\World of Warcraft ORIGINAL\Launcher.exe"="G:\Games\World of Warcraft ORIGINAL\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe"="G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"E:\Documents and Settings\Machr\Plocha\CSS\hl2.exe"="E:\Documents and Settings\Machr\Plocha\CSS\hl2.exe:*:Enabled:hl2"
"G:\Games\Burnout Paradise\BurnoutLauncher.exe"="G:\Games\Burnout Paradise\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutConfigTool.exe"="G:\Games\Burnout Paradise\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutParadise.exe"="G:\Games\Burnout Paradise\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Hry\Football Manager 09\fm.exe"="E:\Hry\Football Manager 09\fm.exe:*:Enabled:Football Manager 2009"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"G:\Games\Left4Dead\left4dead.exe"="G:\Games\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"E:\Program Files\Garena\Garena.exe"="E:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"G:\Games\nhl 2002\nhl2002.exe"="G:\Games\nhl 2002\nhl2002.exe:*:Enabled:nhl2002"
"G:\Games\Call of Duty\CoDMP.exe"="G:\Games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe"="E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic - Homecinema"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\GIT\Git.exe"="E:\Program Files\GIT\Git.exe:*:Enabled:Gamer's Internet Tunnel"
"G:\Games\Call of Duty 5\server.exe"="G:\Games\Call of Duty 5\server.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"C:\QIP Infium JadrisPack\infium.exe"="C:\QIP Infium JadrisPack\infium.exe:*:Enabled:QIP Infium"
"E:\Program Files\HLSW\hlsw.exe"="E:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Program Files\QIP8092\qip.exe"="E:\Program Files\QIP8092\qip.exe:*:Enabled:Quiet Internet Pager"
"E:\Hry\NHL 09-EVROPA\nhl2009.exe"="E:\Hry\NHL 09-EVROPA\nhl2009.exe:*:Enabled:nhl2009"
"G:\Games\NHL 09\nhl2009.exe"="G:\Games\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"E:\Hry\Warcraft III\Warcraft III.exe"="E:\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"G:\Games\World of Warcraft 3.1.3\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\World of Warcraft 3.1.3\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft 3.1.3\Launcher.exe"="G:\Games\World of Warcraft 3.1.3\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft 3.1.3\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="G:\Games\World of Warcraft 3.1.3\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\NHL 2004\nhl2004.exe"="G:\Games\NHL 2004\nhl2004.exe:*:Enabled:nhl2004"
"E:\DOCUME~1\HIP-HO~1\LOCALS~1\Temp\Rar$EX00.406\Install.exe"="E:\DOCUME~1\HIP-HO~1\LOCALS~1\Temp\Rar$EX00.406\Install.exe:*:Enabled:Windows Messanger"
"E:\\3kQBghwpv.exe"="E:\\3kQBghwpv.exe:*:Enabled:Windows Messanger"
"E:\WINDOWS\system32\yudwhxwfa.exe"="E:\WINDOWS\system32\yudwhxwfa.exe:*:Enabled:Windows Messanger"
"E:\Program Files\TeamViewer\Version4\TeamViewer.exe"="E:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"E:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="E:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"E:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="E:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"E:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="E:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\WoW 3.0.9\WoW-3.2.0-enGB-downloader.exe"="G:\Games\WoW 3.0.9\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\WoW 3.0.9\Launcher.exe"="G:\Games\WoW 3.0.9\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\WoW 3.0.9\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\WoW 3.0.9\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 4\iw3mp.exe"="G:\Games\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\WINDOWS\system32\sjhtfpkqy.exe"="E:\WINDOWS\system32\sjhtfpkqy.exe:*:Enabled:Windows Messanger"
"G:\Games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="G:\Games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe"="G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum"
"G:\Games\Warcraft III\Warcraft III.exe"="G:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"G:\Games\Warcraft III\war3.exe"="G:\Games\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"G:\Games\Pro Evolution Soccer 2010\pes2010.exe"="G:\Games\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"G:\Games\TmNationsForever\TmForever.exe"="G:\Games\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Documents and Settings\Machr\Local Settings\Temp\~os51D.tmp\rlvknlg.exe"="E:\Documents and Settings\Machr\Local Settings\Temp\~os51D.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"E:\Documents and Settings\Machr\Local Settings\Temp\~os4.tmp\rlvknlg.exe"="E:\Documents and Settings\Machr\Local Settings\Temp\~os4.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"G:\Games\bbbbbb\Binaries\Borderlands.exe"="G:\Games\bbbbbb\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"G:\Games\Pro Evolution Soccer 2010\PESFanatic 2010.exe"="G:\Games\Pro Evolution Soccer 2010\PESFanatic 2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"E:\Program Files\SopCast\SopCast.exe"="E:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"E:\Program Files\SopCast\adv\SopAdver.exe"="E:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"G:\Games\Modern Warfare 2\iw4sp.exe"="G:\Games\Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"E:\Program Files\Steam\Steam.exe"="E:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"G:\Games\Modern Warfare 2\iw4mp.exe"="G:\Games\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-02-14 11:25:28 ----D---- E:\rsit
2010-02-10 20:52:52 ----HDC---- E:\WINDOWS\$NtUninstallKB978262$
2010-02-10 20:52:47 ----HDC---- E:\WINDOWS\$NtUninstallKB971468$
2010-02-10 20:48:55 ----HDC---- E:\WINDOWS\$NtUninstallKB978037$
2010-02-10 20:48:51 ----HDC---- E:\WINDOWS\$NtUninstallKB975713$
2010-02-10 20:48:46 ----HDC---- E:\WINDOWS\$NtUninstallKB978251$
2010-02-10 20:48:39 ----HDC---- E:\WINDOWS\$NtUninstallKB975560$
2010-02-10 20:47:42 ----HDC---- E:\WINDOWS\$NtUninstallKB977914$
2010-02-10 20:47:29 ----HDC---- E:\WINDOWS\$NtUninstallKB978706$
2010-02-10 20:47:12 ----HDC---- E:\WINDOWS\$NtUninstallKB977165$
2010-02-08 13:31:21 ----D---- E:\Documents and Settings\Machr\Data aplikací\Facebook
======List of files/folders modified in the last 1 months======
2010-02-14 11:25:33 ----D---- E:\WINDOWS\Prefetch
2010-02-14 11:23:37 ----D---- E:\WINDOWS\Temp
2010-02-14 11:22:54 ----D---- E:\Program Files\Mozilla Firefox
2010-02-13 23:58:16 ----RD---- E:\Program Files
2010-02-13 23:57:57 ----D---- E:\Program Files\Windows Media Connect 2
2010-02-13 23:56:17 ----D---- E:\Program Files\RelevantKnowledge
2010-02-13 23:19:49 ----D---- E:\Documents and Settings\Machr\Data aplikací\vlc
2010-02-13 21:29:07 ----D---- E:\Program Files\mIRC
2010-02-13 11:09:53 ----D---- E:\Mp3
2010-02-12 14:02:04 ----D---- E:\WINDOWS\system32
2010-02-12 12:38:08 ----D---- E:\WINDOWS\system32\CatRoot2
2010-02-11 21:56:50 ----A---- E:\WINDOWS\SchedLgU.Txt
2010-02-11 11:10:12 ----RD---- E:\Filmy
2010-02-11 09:33:39 ----D---- E:\WINDOWS\system32\config
2010-02-10 20:55:59 ----D---- E:\WINDOWS
2010-02-10 20:52:54 ----HD---- E:\WINDOWS\inf
2010-02-10 20:52:51 ----HD---- E:\WINDOWS\$hf_mig$
2010-02-10 20:52:49 ----RSHDC---- E:\WINDOWS\system32\dllcache
2010-02-10 20:52:49 ----D---- E:\WINDOWS\system32\drivers
2010-02-10 20:52:49 ----A---- E:\WINDOWS\imsins.BAK
2010-02-10 20:48:35 ----SHD---- E:\WINDOWS\Installer
2010-02-10 20:48:34 ----D---- E:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-09 15:27:16 ----D---- E:\Documents and Settings\Machr\Data aplikací\BITS
2010-02-09 10:30:58 ----A---- E:\WINDOWS\win.ini
2010-02-09 10:30:58 ----A---- E:\WINDOWS\system.ini
2010-02-08 23:56:08 ----D---- E:\WINDOWS\pss
2010-02-08 23:52:46 ----D---- E:\Program Files\Steam
2010-02-08 23:52:13 ----A---- E:\WINDOWS\avp.ini
2010-02-08 23:20:04 ----D---- E:\Documents and Settings\Machr\Data aplikací\dvdcss
2010-02-08 11:05:20 ----D---- E:\Program Files\Internet Explorer
2010-02-01 20:26:20 ----A---- E:\WINDOWS\system32\MRT.exe
2010-01-22 12:53:17 ----D---- E:\WINDOWS\ie8updates
2010-01-22 08:43:04 ----D---- E:\Program Files\Microsoft Silverlight
2010-01-17 17:40:42 ----RD---- E:\Program Files\Programy atd
2010-01-15 20:11:31 ----D---- E:\WINDOWS\Minidump
2010-01-15 19:30:48 ----D---- E:\Documents and Settings\Machr\Data aplikací\ICQ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; E:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; E:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; E:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 adfs;adfs; E:\WINDOWS\system32\drivers\adfs.sys [2009-11-02 73312]
R2 aswFsBlk;aswFsBlk; E:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; E:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 aswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-23 4481024]
R3 ATP;Comodo EasyVPN Miniport Driver; E:\WINDOWS\system32\DRIVERS\cmdatp.sys [2008-12-10 17424]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-09-11 5911552]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; E:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 tap0901;TAP-Win32 Adapter V9; E:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-01-30 25216]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 Ambfilt;Ambfilt; E:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Arp1394;Protokol 1394 ARP Client; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 attx5v94;attx5v94; E:\WINDOWS\system32\drivers\attx5v94.sys []
S3 GarenaPEngine;GarenaPEngine; \??\E:\DOCUME~1\Machr\LOCALS~1\Temp\LQF1F.tmp []
S3 gdrv;gdrv; \??\E:\WINDOWS\gdrv.sys []
S3 hamachi;Hamachi Network Interface; E:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 Monfilt;Monfilt; E:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; E:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 NIC1394;1394 Net Driver; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nmwcd;Nokia USB Phone Parent; E:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; E:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; E:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 NPF;NetGroup Packet Filter Driver; E:\WINDOWS\system32\drivers\npf.sys [2003-04-04 30336]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2009-09-23 602112]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 CrdphService;COMODO EasyVPN VNC Service; E:\Program Files\COMODO\EasyVPN\crdphService.exe [2009-08-11 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service; E:\Program Files\COMODO\EasyVPN\Vpnservice.exe [2009-08-11 45304]
R2 JavaQuickStarterService;Java Quick Starter; E:\Program Files\Java\jre6\bin\jqs.exe [2009-07-15 152984]
R2 PnkBstrA;PnkBstrA; E:\WINDOWS\system32\PnkBstrA.exe [2009-09-28 75064]
R2 PnkBstrB;PnkBstrB; E:\WINDOWS\system32\PnkBstrB.exe [2009-10-11 190144]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; E:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; E:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 Findbasic Service;Findbasic Service; E:\Documents and Settings\All Users\Data aplikací\Findbasic\findbasic115.exe [2009-06-30 54776]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a); E:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S3 aspnet_state;Stavová služba ASP.NET; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-02 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; E:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); E:\Program Files\WinPcap\rpcapd.exe -d -f E:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Machr at 2010-02-14 11:25:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 21 GB (16%) free of 133 GB
Total RAM: 2046 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:25:49, on 14.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\COMODO\EasyVPN\crdphService.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\mHotkey.exe
E:\WINDOWS\RTHDCPL.EXE
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\system32\wbem\unsecapp.exe
E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Program Files\RelevantKnowledge\rlvknlg.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashQuick.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\Machr\Plocha\RSIT.exe
E:\Program Files\Trend Micro\HijackThis\Machr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.europowersearch.com/Search.h ... rchLang=CZ
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.ask.com/web?q={searchTerms}&o=14677&l=dis
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Plus - {01677B4B-0610-4814-94A0-5F570DD7A88F} - E:\PROGRA~1\GOOGLE~1\17GOOG~1.DLL (file missing)
O2 - BHO: Super-Search -Find more of what you need - {0286A85D-CD62-43bb-B7A9-A87D1D027160} - E:\PROGRA~1\EASYSE~1\BHO\11SUPE~1.DLL (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Recfree toolbar helper - {D286E828-E6B9-484d-A058-D7323666DE33} - E:\Program Files\RecFree.com\RecFreeToolbar\1.3.13.0\escort.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - E:\Program Files\BS_Player\tbBS_1.dll (file missing)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
O3 - Toolbar: RecFree Toolbar - {0508F8F1-08E3-43EE-AAA8-09AD09803084} - E:\Program Files\RecFree.com\RecFreeToolbar\1.3.13.0\escorTlbr.dll (file missing)
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - E:\Program Files\BS_Player\tbBS_1.dll (file missing)
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: &Download All by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: &Search the web - http://toolbar.recfree.com/rcfr/ctxmnu.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: RelevantKnowledge - E:\Program Files\RelevantKnowledge\rlls.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO EasyVPN VNC Service (CrdphService) - COMODO - E:\Program Files\COMODO\EasyVPN\crdphService.exe
O23 - Service: COMODO EasyVPN Service (EasyVpnAdpt) - Unknown owner - E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
O23 - Service: Findbasic Service - Unknown owner - E:\Documents and Settings\All Users\Data aplikací\Findbasic\findbasic115.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca300ec6a5bc4a) (gupdate1ca300ec6a5bc4a) - Unknown owner - E:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - E:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Unknown owner - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
--
End of file - 9412 bytes
======Scheduled tasks folder======
E:\WINDOWS\tasks\AppleSoftwareUpdate.job
E:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
E:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01677B4B-0610-4814-94A0-5F570DD7A88F}]
Google Plus - E:\PROGRA~1\GOOGLE~1\17GOOG~1.DLL []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0286A85D-CD62-43bb-B7A9-A87D1D027160}]
Super-Search -Find more of what you need - E:\PROGRA~1\EASYSE~1\BHO\11SUPE~1.DLL []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-02-10 119808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D286E828-E6B9-484d-A058-D7323666DE33}]
CescrtHlpr Object - E:\Program Files\RecFree.com\RecFreeToolbar\1.3.13.0\escort.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-15 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-15 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - E:\Program Files\BS_Player\tbBS_1.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - E:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll []
{0508F8F1-08E3-43EE-AAA8-09AD09803084} - RecFree Toolbar - E:\Program Files\RecFree.com\RecFreeToolbar\1.3.13.0\escorTlbr.dll []
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - E:\Program Files\BS_Player\tbBS_1.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=E:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2009-09-11 18717696]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-25 98304]
"avast!"=E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"QuickTime Task"=E:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-11-02 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
E:\Program Files\COMODO\EasyVPN\EasyVPN.exe [2009-09-28 3563768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
E:\Program Files\ICQ6.5\ICQ.exe silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
E:\Program Files\ICQLite\ICQLite.exe -minimize []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Update Machine]
sjhtfpkqy.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
E:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
E:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-07-02 2327840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP2005]
E:\Program Files\QIP\qip.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
E:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
E:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteVacuum]
E:\Program Files\EasySearch\SiteVacuumClient.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
E:\Program Files\Skype\Phone\Skype.exe [2009-07-16 25604904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
e:\program files\steam\steam.exe [2009-11-25 1217808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
E:\PROGRA~1\AUTOMA~1\avp.exe [2004-12-28 443392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^hamachi.lnk]
E:\PROGRA~1\Hamachi\hamachi.exe []
E:\Documents and Settings\Machr\Nabídka Start\Programy\Po spuštění
Stardock ObjectDock.lnk - E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2009-09-23 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RelevantKnowledge]
E:\Program Files\RelevantKnowledge\rlls.dll [2010-01-29 385664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - E:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="E:\Hry\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"E:\Hry\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe"="E:\Hry\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"E:\Program Files\ICQ6\ICQ.exe"="E:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"E:\Hry\Pro Evolution Soccer 2009\CSP2009.exe"="E:\Hry\Pro Evolution Soccer 2009\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"E:\WINDOWS\system32\PnkBstrA.exe"="E:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"E:\WINDOWS\system32\PnkBstrB.exe"="E:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"G:\Games\Call of DUTZ 5\CoDWaWmp.exe"="G:\Games\Call of DUTZ 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"G:\Games\Call of DUTZ 5\CoDWaW.exe"="G:\Games\Call of DUTZ 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"G:\Games\UT 3\Binaries\UT3.exe"="G:\Games\UT 3\Binaries\UT3.exe:*:Enabled:Unreal Tournament 3"
"G:\Games\PES 09\CSP2009.exe"="G:\Games\PES 09\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe"="G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe:*:Enabled:DOW2"
"G:\Games\The Battle for Middle-earth (tm) II\game.dat"="G:\Games\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"E:\Hry\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat"="E:\Hry\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat:*:Enabled:Bitva o Stoedozem II:Vzkoí1ení eernokni3ného krále"
"E:\Program Files\mIRC\mirc.exe"="E:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"E:\Hry\NHL 09\nhl2009.exe"="E:\Hry\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat"="G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"G:\Games\UT 3 CZ\Binaries\UT3.exe"="G:\Games\UT 3 CZ\Binaries\UT3.exe:*:Enabled:UT3"
"G:\Games\Left4Dead\hl2.exe"="G:\Games\Left4Dead\hl2.exe:*:Enabled:hl2"
"E:\Hry\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="E:\Hry\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"E:\Program Files\uTorrent\utorrent.exe"="E:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"G:\Games\Warhamar\DOW2.exe"="G:\Games\Warhamar\DOW2.exe:*:Enabled:DOW2"
"G:\Games\Counter Strike\hl2.exe"="G:\Games\Counter Strike\hl2.exe:*:Enabled:hl2"
"G:\Games\Call of Duty 5\CoDWaW.exe"="G:\Games\Call of Duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaWmp.exe"="G:\Games\Call of Duty 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe"="G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"E:\Program Files\ICQLite\ICQLite.exe"="E:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"E:\Program Files\QIP\qip.exe"="E:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe"="G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"E:\DC ++\StrongDC.exe"="E:\DC ++\StrongDC.exe:*:Enabled:StrongDC++"
"G:\Games\World of Warcraft ORIGINAL\Launcher.exe"="G:\Games\World of Warcraft ORIGINAL\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe"="G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"E:\Documents and Settings\Machr\Plocha\CSS\hl2.exe"="E:\Documents and Settings\Machr\Plocha\CSS\hl2.exe:*:Enabled:hl2"
"G:\Games\Burnout Paradise\BurnoutLauncher.exe"="G:\Games\Burnout Paradise\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutConfigTool.exe"="G:\Games\Burnout Paradise\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutParadise.exe"="G:\Games\Burnout Paradise\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Hry\Football Manager 09\fm.exe"="E:\Hry\Football Manager 09\fm.exe:*:Enabled:Football Manager 2009"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"G:\Games\Left4Dead\left4dead.exe"="G:\Games\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"E:\Program Files\Garena\Garena.exe"="E:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"G:\Games\nhl 2002\nhl2002.exe"="G:\Games\nhl 2002\nhl2002.exe:*:Enabled:nhl2002"
"G:\Games\Call of Duty\CoDMP.exe"="G:\Games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe"="E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic - Homecinema"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\GIT\Git.exe"="E:\Program Files\GIT\Git.exe:*:Enabled:Gamer's Internet Tunnel"
"G:\Games\Call of Duty 5\server.exe"="G:\Games\Call of Duty 5\server.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"C:\QIP Infium JadrisPack\infium.exe"="C:\QIP Infium JadrisPack\infium.exe:*:Enabled:QIP Infium"
"E:\Program Files\HLSW\hlsw.exe"="E:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Program Files\QIP8092\qip.exe"="E:\Program Files\QIP8092\qip.exe:*:Enabled:Quiet Internet Pager"
"E:\Hry\NHL 09-EVROPA\nhl2009.exe"="E:\Hry\NHL 09-EVROPA\nhl2009.exe:*:Enabled:nhl2009"
"G:\Games\NHL 09\nhl2009.exe"="G:\Games\NHL 09\nhl2009.exe:*:Enabled:nhl2009"
"E:\Hry\Warcraft III\Warcraft III.exe"="E:\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"G:\Games\World of Warcraft 3.1.3\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\World of Warcraft 3.1.3\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft 3.1.3\Launcher.exe"="G:\Games\World of Warcraft 3.1.3\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft 3.1.3\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="G:\Games\World of Warcraft 3.1.3\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\NHL 2004\nhl2004.exe"="G:\Games\NHL 2004\nhl2004.exe:*:Enabled:nhl2004"
"E:\DOCUME~1\HIP-HO~1\LOCALS~1\Temp\Rar$EX00.406\Install.exe"="E:\DOCUME~1\HIP-HO~1\LOCALS~1\Temp\Rar$EX00.406\Install.exe:*:Enabled:Windows Messanger"
"E:\\3kQBghwpv.exe"="E:\\3kQBghwpv.exe:*:Enabled:Windows Messanger"
"E:\WINDOWS\system32\yudwhxwfa.exe"="E:\WINDOWS\system32\yudwhxwfa.exe:*:Enabled:Windows Messanger"
"E:\Program Files\TeamViewer\Version4\TeamViewer.exe"="E:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"E:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="E:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"E:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="E:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"E:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="E:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\WoW 3.0.9\WoW-3.2.0-enGB-downloader.exe"="G:\Games\WoW 3.0.9\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\WoW 3.0.9\Launcher.exe"="G:\Games\WoW 3.0.9\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\WoW 3.0.9\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\WoW 3.0.9\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 4\iw3mp.exe"="G:\Games\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\WINDOWS\system32\sjhtfpkqy.exe"="E:\WINDOWS\system32\sjhtfpkqy.exe:*:Enabled:Windows Messanger"
"G:\Games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="G:\Games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe"="G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum"
"G:\Games\Warcraft III\Warcraft III.exe"="G:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"G:\Games\Warcraft III\war3.exe"="G:\Games\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"G:\Games\Pro Evolution Soccer 2010\pes2010.exe"="G:\Games\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"G:\Games\TmNationsForever\TmForever.exe"="G:\Games\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Documents and Settings\Machr\Local Settings\Temp\~os51D.tmp\rlvknlg.exe"="E:\Documents and Settings\Machr\Local Settings\Temp\~os51D.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"E:\Documents and Settings\Machr\Local Settings\Temp\~os4.tmp\rlvknlg.exe"="E:\Documents and Settings\Machr\Local Settings\Temp\~os4.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"G:\Games\bbbbbb\Binaries\Borderlands.exe"="G:\Games\bbbbbb\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"G:\Games\Pro Evolution Soccer 2010\PESFanatic 2010.exe"="G:\Games\Pro Evolution Soccer 2010\PESFanatic 2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"E:\Program Files\SopCast\SopCast.exe"="E:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"E:\Program Files\SopCast\adv\SopAdver.exe"="E:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"G:\Games\Modern Warfare 2\iw4sp.exe"="G:\Games\Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"E:\Program Files\Steam\Steam.exe"="E:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"G:\Games\Modern Warfare 2\iw4mp.exe"="G:\Games\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-02-14 11:25:28 ----D---- E:\rsit
2010-02-10 20:52:52 ----HDC---- E:\WINDOWS\$NtUninstallKB978262$
2010-02-10 20:52:47 ----HDC---- E:\WINDOWS\$NtUninstallKB971468$
2010-02-10 20:48:55 ----HDC---- E:\WINDOWS\$NtUninstallKB978037$
2010-02-10 20:48:51 ----HDC---- E:\WINDOWS\$NtUninstallKB975713$
2010-02-10 20:48:46 ----HDC---- E:\WINDOWS\$NtUninstallKB978251$
2010-02-10 20:48:39 ----HDC---- E:\WINDOWS\$NtUninstallKB975560$
2010-02-10 20:47:42 ----HDC---- E:\WINDOWS\$NtUninstallKB977914$
2010-02-10 20:47:29 ----HDC---- E:\WINDOWS\$NtUninstallKB978706$
2010-02-10 20:47:12 ----HDC---- E:\WINDOWS\$NtUninstallKB977165$
2010-02-08 13:31:21 ----D---- E:\Documents and Settings\Machr\Data aplikací\Facebook
======List of files/folders modified in the last 1 months======
2010-02-14 11:25:33 ----D---- E:\WINDOWS\Prefetch
2010-02-14 11:23:37 ----D---- E:\WINDOWS\Temp
2010-02-14 11:22:54 ----D---- E:\Program Files\Mozilla Firefox
2010-02-13 23:58:16 ----RD---- E:\Program Files
2010-02-13 23:57:57 ----D---- E:\Program Files\Windows Media Connect 2
2010-02-13 23:56:17 ----D---- E:\Program Files\RelevantKnowledge
2010-02-13 23:19:49 ----D---- E:\Documents and Settings\Machr\Data aplikací\vlc
2010-02-13 21:29:07 ----D---- E:\Program Files\mIRC
2010-02-13 11:09:53 ----D---- E:\Mp3
2010-02-12 14:02:04 ----D---- E:\WINDOWS\system32
2010-02-12 12:38:08 ----D---- E:\WINDOWS\system32\CatRoot2
2010-02-11 21:56:50 ----A---- E:\WINDOWS\SchedLgU.Txt
2010-02-11 11:10:12 ----RD---- E:\Filmy
2010-02-11 09:33:39 ----D---- E:\WINDOWS\system32\config
2010-02-10 20:55:59 ----D---- E:\WINDOWS
2010-02-10 20:52:54 ----HD---- E:\WINDOWS\inf
2010-02-10 20:52:51 ----HD---- E:\WINDOWS\$hf_mig$
2010-02-10 20:52:49 ----RSHDC---- E:\WINDOWS\system32\dllcache
2010-02-10 20:52:49 ----D---- E:\WINDOWS\system32\drivers
2010-02-10 20:52:49 ----A---- E:\WINDOWS\imsins.BAK
2010-02-10 20:48:35 ----SHD---- E:\WINDOWS\Installer
2010-02-10 20:48:34 ----D---- E:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-09 15:27:16 ----D---- E:\Documents and Settings\Machr\Data aplikací\BITS
2010-02-09 10:30:58 ----A---- E:\WINDOWS\win.ini
2010-02-09 10:30:58 ----A---- E:\WINDOWS\system.ini
2010-02-08 23:56:08 ----D---- E:\WINDOWS\pss
2010-02-08 23:52:46 ----D---- E:\Program Files\Steam
2010-02-08 23:52:13 ----A---- E:\WINDOWS\avp.ini
2010-02-08 23:20:04 ----D---- E:\Documents and Settings\Machr\Data aplikací\dvdcss
2010-02-08 11:05:20 ----D---- E:\Program Files\Internet Explorer
2010-02-01 20:26:20 ----A---- E:\WINDOWS\system32\MRT.exe
2010-01-22 12:53:17 ----D---- E:\WINDOWS\ie8updates
2010-01-22 08:43:04 ----D---- E:\Program Files\Microsoft Silverlight
2010-01-17 17:40:42 ----RD---- E:\Program Files\Programy atd
2010-01-15 20:11:31 ----D---- E:\WINDOWS\Minidump
2010-01-15 19:30:48 ----D---- E:\Documents and Settings\Machr\Data aplikací\ICQ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; E:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; E:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; E:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 adfs;adfs; E:\WINDOWS\system32\drivers\adfs.sys [2009-11-02 73312]
R2 aswFsBlk;aswFsBlk; E:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; E:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 aswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-23 4481024]
R3 ATP;Comodo EasyVPN Miniport Driver; E:\WINDOWS\system32\DRIVERS\cmdatp.sys [2008-12-10 17424]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-09-11 5911552]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; E:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 tap0901;TAP-Win32 Adapter V9; E:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-01-30 25216]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 Ambfilt;Ambfilt; E:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Arp1394;Protokol 1394 ARP Client; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 attx5v94;attx5v94; E:\WINDOWS\system32\drivers\attx5v94.sys []
S3 GarenaPEngine;GarenaPEngine; \??\E:\DOCUME~1\Machr\LOCALS~1\Temp\LQF1F.tmp []
S3 gdrv;gdrv; \??\E:\WINDOWS\gdrv.sys []
S3 hamachi;Hamachi Network Interface; E:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 Monfilt;Monfilt; E:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; E:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 NIC1394;1394 Net Driver; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nmwcd;Nokia USB Phone Parent; E:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; E:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; E:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 NPF;NetGroup Packet Filter Driver; E:\WINDOWS\system32\drivers\npf.sys [2003-04-04 30336]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2009-09-23 602112]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 CrdphService;COMODO EasyVPN VNC Service; E:\Program Files\COMODO\EasyVPN\crdphService.exe [2009-08-11 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service; E:\Program Files\COMODO\EasyVPN\Vpnservice.exe [2009-08-11 45304]
R2 JavaQuickStarterService;Java Quick Starter; E:\Program Files\Java\jre6\bin\jqs.exe [2009-07-15 152984]
R2 PnkBstrA;PnkBstrA; E:\WINDOWS\system32\PnkBstrA.exe [2009-09-28 75064]
R2 PnkBstrB;PnkBstrB; E:\WINDOWS\system32\PnkBstrB.exe [2009-10-11 190144]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; E:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; E:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 Findbasic Service;Findbasic Service; E:\Documents and Settings\All Users\Data aplikací\Findbasic\findbasic115.exe [2009-06-30 54776]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a); E:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S3 aspnet_state;Stavová služba ASP.NET; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-02 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; E:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); E:\Program Files\WinPcap\rpcapd.exe -d -f E:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Unlimited_Killer
Re: Asking for advice and a PC check :)
Let's get to it.
1) OTMoveit3
- Download OTM3 to the Desktop.
- Run it by double-clicking OTM.exe; if that does not work, try it with admin rights.
- Into the left window 'Paste Instructions for Items to be Moved', paste the following script:
:reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{95289393-33EA-4F8D-B952-483415B9C955}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01677B4B-0610-4814-94A0-5F570DD7A88F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0286A85D-CD62-43bb-B7A9-A87D1D027160}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D286E828-E6B9-484d-A058-D7323666DE33}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
"{0508F8F1-08E3-43EE-AAA8-09AD09803084}"=-
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Update Machine]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP2005]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteVacuum]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^hamachi.lnk]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RelevantKnowledge]
:files
E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
E:\WINDOWS\tasks\AppleSoftwareUpdate.job
E:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
E:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
E:\PROGRA~1\EASYSE~1
E:\Program Files\RecFree.com\RecFreeToolbar
E:\Program Files\BS_Player\tbBS_1.dll
E:\Program Files\DAEMON Tools Toolbar
E:\Program Files\RelevantKnowledge
:services
JavaQuickStarterService
:commands
[emptytemp]
[reboot]
- Then click the red 'MoveIt!' button.
- The log should appear in the green window on the right; paste it here into the forum.
- If a prompt to restart appears, click Yes.
- After the restart the log will open by itself, or you will find it in C:\_OTM\MovedFiles
- Download SystemLook to the Desktop.
- Double-click the SystemLook.exe file to run it.
- Paste the following script into the text box:
:filefind
sjhtfpkqy.exe
sjhtfpkqy.*
- Now click 'Look'.
- Notepad will then open; paste its contents here into the thread.
- Download ComboFix and save it to the Desktop.
- Before running it, turn off the resident shield of your antivirus or antispyware.
- Run it with administrator privileges.
- After launch the licence terms will be displayed; click 'Ano' (Yes).
- You will also be asked about installing the Recovery Console; click 'Ano' (Yes) there as well.
- The whole scan will take about 5-10 minutes, depending on how many files CF has to work through.
- Your PC will probably be restarted, so do not be alarmed.
- Until the scan has completely finished, do nothing, and above all do not click in the running ComboFix window.
- After the scan finishes (or after the subsequent restart) a log will 'pop out'; paste it here as text.
- If no log 'pops out', you will find it at C:\ComboFix.txt
inactive
Re: Asking for advice and a PC check :)
So, the first one:
All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01677B4B-0610-4814-94A0-5F570DD7A88F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01677B4B-0610-4814-94A0-5F570DD7A88F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0286A85D-CD62-43bb-B7A9-A87D1D027160}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0286A85D-CD62-43bb-B7A9-A87D1D027160}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D286E828-E6B9-484d-A058-D7323666DE33}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D286E828-E6B9-484d-A058-D7323666DE33}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0508F8F1-08E3-43EE-AAA8-09AD09803084} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0508F8F1-08E3-43EE-AAA8-09AD09803084}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Update Machine\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP2005\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteVacuum\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^hamachi.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RelevantKnowledge\ deleted successfully.
========== FILES ==========
E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
E:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
E:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
E:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder E:\PROGRA~1\EASYSE~1 not found.
File/Folder E:\Program Files\RecFree.com\RecFreeToolbar not found.
File/Folder E:\Program Files\BS_Player\tbBS_1.dll not found.
File/Folder E:\Program Files\DAEMON Tools Toolbar not found.
E:\Program Files\RelevantKnowledge folder moved successfully.
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: hip-hop forever
->Temp folder emptied: 104660310 bytes
->Temporary Internet Files folder emptied: 273202570 bytes
->Java cache emptied: 13425503 bytes
->FireFox cache emptied: 69731967 bytes
->Opera cache emptied: 7501646 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Machr
->Temp folder emptied: 883040891 bytes
->Temporary Internet Files folder emptied: 134032505 bytes
->Java cache emptied: 12905193 bytes
->FireFox cache emptied: 70430537 bytes
->Opera cache emptied: 5283659 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1095499 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2708084 bytes
%systemroot%\System32 .tmp files removed: 3032520 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 42652151 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 13483320 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1537298165 bytes
Total Files Cleaned = 3 028,00 mb
OTM by OldTimer - Version 3.1.8.0 log created on 02142010_143445
Files moved on Reboot...
File E:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
E:\WINDOWS\temp\Perflib_Perfdata_318.dat moved successfully.
E:\WINDOWS\temp\Perflib_Perfdata_d78.dat moved successfully.
Registry entries deleted on Reboot...
Number 2:
SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 14:44 on 14/02/2010 by Machr (Administrator - Elevation successful)
========== filefind ==========
Searching for "sjhtfpkqy.exe"
No files found.
Searching for "sjhtfpkqy.*"
No files found.
-=End Of File=-
Number 3:
ComboFix 10-02-12.01 - Machr 14.02.2010 14:57:08.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1549 [GMT 1:00]
Spuštěný z: e:\documents and settings\Machr\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100214-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\install.exe
E:\melt.bat
e:\program files\FlashGet Network
e:\program files\RelevantKnowledge
e:\program files\RelevantKnowledge\components\rlxg.dll
e:\program files\RelevantKnowledge\chrome.manifest
e:\program files\RelevantKnowledge\install.rdf
e:\program files\RelevantKnowledge\msvcp71.dll
e:\program files\RelevantKnowledge\msvcr71.dll
e:\program files\RelevantKnowledge\rlls.dll
e:\program files\RelevantKnowledge\rlls64.dll
e:\program files\RelevantKnowledge\rloci.bin
e:\program files\RelevantKnowledge\rlph.dll
e:\program files\RelevantKnowledge\rlservice.exe
e:\program files\RelevantKnowledge\rlvknlg.exe
e:\program files\RelevantKnowledge\rlvknlg64.exe
e:\program files\RelevantKnowledge\rlxf.dll
e:\recycler\S-1-5-21-602162358-1500820517-839522115-1003
e:\recycler\S-1-5-21-602162358-1500820517-839522115-1008
e:\recycler\S-1-5-21-602162358-1500820517-839522115-500
e:\windows\system32\drivers\npf.sys
e:\windows\system32\Ijl11.dll
e:\windows\system32\kernel1.exe
e:\windows\system32\Packet.dll
e:\windows\system32\pthreadVC.dll
e:\windows\system32\vbpng1.dll
e:\windows\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-14 do 2010-02-14 )))))))))))))))))))))))))))))))
.
2010-02-14 13:34 . 2010-02-14 13:34 -------- d-----w- E:\_OTM
2010-02-14 10:25 . 2010-02-14 10:25 -------- d-----w- E:\rsit
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-14 13:50 . 2009-07-16 19:35 664 ----a-w- e:\windows\system32\d3d9caps.dat
2010-02-13 22:57 . 2009-07-15 18:43 -------- d-----w- e:\program files\Windows Media Connect 2
2010-02-13 20:29 . 2009-07-16 16:02 -------- d-----w- e:\program files\mIRC
2010-02-08 22:52 . 2009-11-16 11:46 -------- d-----w- e:\program files\Steam
2010-01-22 07:43 . 2009-11-01 15:49 -------- d-----w- e:\program files\Microsoft Silverlight
2010-01-17 16:40 . 2009-05-04 18:04 -------- d-----r- e:\program files\Programy atd
2010-01-12 17:51 . 2010-01-12 17:51 -------- d-----w- e:\program files\Ventrilo
2010-01-12 17:51 . 2009-07-17 20:59 -------- d-----w- e:\program files\Common Files\Wise Installation Wizard
2010-01-09 21:26 . 2010-01-09 21:26 -------- d-----w- e:\program files\Automatické vypnutí počítače
2010-01-01 20:42 . 2009-07-09 10:53 -------- d--h--w- e:\program files\InstallShield Installation Information
2009-12-31 16:50 . 2009-07-09 09:52 353792 ----a-w- e:\windows\system32\drivers\srv.sys
2009-12-27 18:32 . 2009-12-27 18:32 413696 ----a-w- e:\windows\system32\wrap_oal.dll
2009-12-27 18:32 . 2009-12-27 18:32 110592 ----a-w- e:\windows\system32\OpenAL32.dll
2009-12-27 18:32 . 2009-12-27 18:32 -------- d-----w- e:\program files\OpenAL
2009-12-22 13:15 . 2009-07-09 10:01 82634 ----a-w- e:\windows\system32\perfc005.dat
2009-12-22 13:15 . 2009-07-09 10:01 440604 ----a-w- e:\windows\system32\perfh005.dat
2009-12-21 19:08 . 2009-07-09 10:00 916480 ----a-w- e:\windows\system32\wininet.dll
2009-12-17 07:42 . 2009-07-09 10:32 343552 ----a-w- e:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2009-07-09 09:41 33280 ----a-w- e:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2009-07-09 09:50 2147328 ----a-w- e:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2025984 ----a-w- e:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2009-07-09 09:43 455424 ----a-w- e:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2009-07-09 09:51 1294336 ----a-w- e:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- e:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2009-07-09 09:44 28672 ----a-w- e:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- e:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2009-07-09 09:43 11264 ----a-w- e:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2009-07-09 09:41 84992 ----a-w- e:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- e:\windows\system32\iyuv_32.dll
2009-11-24 23:54 . 2009-11-18 18:25 1280480 ----a-w- e:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-18 18:26 93424 ----a-w- e:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-11-18 18:26 94160 ----a-w- e:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-11-18 18:26 114768 ----a-w- e:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-11-18 18:26 20560 ----a-w- e:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-11-18 18:26 48560 ----a-w- e:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-18 18:26 23120 ----a-w- e:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-18 18:26 27408 ----a-w- e:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-18 18:26 97480 ----a-w- e:\windows\system32\AvastSS.scr
2009-11-22 10:22 . 2009-11-22 10:22 3400 ----a-w- e:\windows\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
2009-11-22 10:22 . 2009-11-22 10:22 10890928 ----a-w- e:\windows\system32\SpoonUninstall.exe
2009-11-21 16:03 . 2009-07-09 09:40 471552 ----a-w- e:\windows\AppPatch\aclayers.dll
2009-07-15 21:31 . 2009-07-15 21:31 1243716 ----a-w- e:\program files\Apr2006_d3dx9_30_x64.cab
2009-03-16 12:36 . 2009-03-16 12:36 1078954 ----a-w- e:\program files\Apr2005_d3dx9_25_x86.cab
2009-03-16 12:36 . 2009-03-16 12:36 1347346 ----a-w- e:\program files\Apr2005_d3dx9_25_x64.cab
2009-04-07 18:52 . 2009-04-07 18:52 28672 ----a-w- e:\program files\mozilla firefox\components\GooglePlusVideosXPCOM.dll
2008-10-19 09:58 . 2008-10-19 09:58 49152 ----a-w- e:\program files\mozilla firefox\components\SiteVacuumXPCOM.dll
2009-08-09 21:14 . 2009-08-09 21:14 49152 ----a-w- e:\program files\mozilla firefox\components\SuperSearchXPCOM.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"="mHotkey.exe" [2004-12-08 550912]
"RTHDCPL"="RTHDCPL.EXE" [2009-09-11 18717696]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 98304]
"avast!"="e:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
e:\documents and settings\hip-hop forever\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - e:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
e:\documents and settings\Machr\Nabídka Start\Programy\Po spuštění\
Stardock ObjectDock.lnk - e:\program files\Stardock\ObjectDock\ObjectDock.exe [2009-7-21 3581680]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
path=e:\documents and settings\Machr\Nabídka Start\Programy\Po spuštění\Automatické vypnutí počítače.lnk
backup=e:\windows\pss\Automatické vypnutí počítače.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
e:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 935288 ----a-r- e:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2009-11-02 14:27 611712 ----a-w- e:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
2009-09-28 16:36 3563768 ----a-w- e:\program files\COMODO\EasyVPN\EasyVPN.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- e:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- e:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2009-07-02 07:28 2327840 ----a-w- e:\program files\Nokia\Nokia Music\NokiaMusic.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-25 14:12 1414144 ----a-w- e:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-07-16 11:20 25604904 ----a-r- e:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-11-25 16:02 1217808 ----a-w- e:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"g:\\Games\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"g:\\Games\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"g:\\Games\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"e:\\WINDOWS\\system32\\PnkBstrA.exe"=
"e:\\WINDOWS\\system32\\PnkBstrB.exe"=
"g:\\Games\\PES 09\\CSP2009.exe"=
"e:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"g:\\Hry - INSTALACE\\Warhammer Dawn of War 2\\Warhammer_Dawn_of_War_2-WiCKED\\DOW2.exe"=
"g:\\Games\\The Battle for Middle-earth (tm) II\\game.dat"=
"e:\\Program Files\\mIRC\\mirc.exe"=
"g:\\Games\\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\\game.dat"=
"g:\\Games\\UT 3 CZ\\Binaries\\UT3.exe"=
"g:\\Games\\Left4Dead\\hl2.exe"=
"e:\\Program Files\\uTorrent\\utorrent.exe"=
"g:\\Games\\Counter Strike\\hl2.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaWmp.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW-lanfix 1.5.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW_LANFixed.exe"=
"e:\\DC ++\\StrongDC.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\Launcher.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\BackgroundDownloader.exe"=
"g:\\Games\\Burnout Paradise\\BurnoutLauncher.exe"=
"g:\\Games\\Burnout Paradise\\BurnoutConfigTool.exe"=
"g:\\Games\\Burnout Paradise\\BurnoutParadise.exe"=
"e:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"e:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"g:\\Games\\Left4Dead\\left4dead.exe"=
"g:\\Games\\Call of Duty\\CoDMP.exe"=
"e:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"e:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"e:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"g:\\Games\\Call of Duty 5\\server.exe"=
"c:\\QIP Infium JadrisPack\\infium.exe"=
"e:\\Program Files\\HLSW\\hlsw.exe"=
"e:\\Program Files\\Opera\\opera.exe"=
"e:\\Program Files\\QIP8092\\qip.exe"=
"e:\\Hry\\NHL 09-EVROPA\\nhl2009.exe"=
"g:\\Games\\NHL 2004\\nhl2004.exe"=
"e:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"g:\\Games\\Call of Duty 4\\iw3mp.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0-enGB-downloader.exe"=
"e:\\Documents and Settings\\Machr\\Data aplikací\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"g:\\Games\\Batman Arkham Asylum\\Binaries\\ShippingPC-BmGame.exe"=
"g:\\Games\\Warcraft III\\Warcraft III.exe"=
"g:\\Games\\Warcraft III\\war3.exe"=
"g:\\Games\\Pro Evolution Soccer 2010\\pes2010.exe"=
"g:\\Games\\TmNationsForever\\TmForever.exe"=
"e:\\Program Files\\SopCast\\SopCast.exe"=
"e:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"g:\\Games\\Modern Warfare 2\\iw4sp.exe"=
"e:\\Program Files\\Steam\\Steam.exe"=
"g:\\Games\\Modern Warfare 2\\iw4mp.exe"=
"g:\\Games\\FM2010\\fm.exe"=
"e:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Program Files\\COMODO\\EasyVPN\\EasyVPN.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\zero gear\\Server\\ZeroGearServer.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\zero gear\\Server\\iw4mp.exe"=
"g:\\Games\\Ubisoft\\Demo\\James Cameron's AVATAR - THE GAME (Demo)\\bin\\AvatarDemo.exe"=
"g:\\Games\\WoW 3.1.3\\Launcher.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\zero gear\\ZeroGear.bat"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [15.7.2009 23:18 721904]
R1 aswSP;avast! Self Protection;e:\windows\system32\drivers\aswSP.sys [18.11.2009 19:26 114768]
R2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [18.11.2009 19:26 20560]
R2 CrdphService;COMODO EasyVPN VNC Service;e:\program files\COMODO\EasyVPN\crdphService.exe [11.8.2009 18:47 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service;e:\program files\COMODO\EasyVPN\Vpnservice.exe [11.8.2009 18:46 45304]
R3 ATP;Comodo EasyVPN Miniport Driver;e:\windows\system32\drivers\cmdatp.sys [8.12.2009 20:49 17424]
S2 Findbasic Service;Findbasic Service;e:\documents and settings\All Users\Data aplikací\Findbasic\findbasic115.exe [7.8.2009 5:10 54776]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a);"e:\program files\Google\Update\GoogleUpdate.exe" /svc --> e:\program files\Google\Update\GoogleUpdate.exe [?]
S3 Ambfilt;Ambfilt;e:\windows\system32\drivers\Ambfilt.sys [15.7.2009 11:10 1684736]
S3 GarenaPEngine;GarenaPEngine;\??\e:\docume~1\Machr\LOCALS~1\Temp\LQF1F.tmp --> e:\docume~1\Machr\LOCALS~1\Temp\LQF1F.tmp [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;e:\windows\system32\drivers\nmwcdnsu.sys [20.7.2009 15:40 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;e:\windows\system32\drivers\nmwcdnsuc.sys [20.7.2009 15:40 8320]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
mStart Page = hxxp://www.europowersearch.com/Search.html?Sel ... rchLang=CZ
IE: &Download All by FlashGet - e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: &Search the web - http://toolbar.recfree.com/rcfr/ctxmnu.html
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: e:\program files\Mozilla Firefox\components\GooglePlusVideosXPCOM.dll
FF - component: e:\program files\Mozilla Firefox\components\SiteVacuumXPCOM.dll
FF - component: e:\program files\Mozilla Firefox\components\SuperSearchXPCOM.dll
FF - plugin: e:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: e:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: e:\program files\mozilla firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - e:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
e:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - (no file)
AddRemove-3FA1705966809259F916AF817C59B4F389F4572C - e:\progra~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe
AddRemove-504244733D18C8F63FF584AEB290E3904E791693 - e:\progra~1\DIFX\B4723E9A0713E5B1\dpinst.exe
AddRemove-BS_Player Toolbar - e:\progra~1\BS_PLA~1\UNWISE.EXE
AddRemove-Cheat Engine 5.5_is1 - e:\program files\Cheat Engine\unins000.exe
AddRemove-DAEMON Tools Toolbar - e:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84 - e:\progra~1\DIFX\270581355A767BF1\dpinst.exe
AddRemove-F.E.A.R.2 Reborn_is1 - g:\games\Fear 2 Project Origin\unins000.exe
AddRemove-F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7 - e:\progra~1\DIFX\270581355A767BF1\dpinst.exe
AddRemove-FlashGet 2.0 - e:\program files\FlashGet Network\FlashGet universal\uninst.exe
AddRemove-Football Manager 2009 - e:\hry\Football Manager 09\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe
AddRemove-Game Cam - e:\program files\Game Cam V2\uninst.exe
AddRemove-GameParkClient_is1 - e:\program files\GamePark\unins000.exe
AddRemove-GamersInternetTunnel_is1 - e:\program files\GIT\unins000.exe
AddRemove-Garena - e:\program files\Garena\uninst.exe
AddRemove-Icy Tower v1.4_is1 - g:\games\icytower1.4\unins000.exe
AddRemove-n2n Gui_is1 - e:\program files\n2n Gui\unins000.exe
AddRemove-RecFreeToolbar - e:\program files\RecFree.com\RecFreeToolbar\1.3.13.0\uninstall.exe
AddRemove-Recuva - e:\program files\Recuva\uninst.exe
AddRemove-SiteVacuum - e:\program files\EasySearch\uninst.exe
AddRemove-SmartPCRecorder - e:\program files\freebird\SmartRecorder\Uninstall.exe
AddRemove-StreamTorrent 1.0 - e:\program files\StreamTorrent 1.0\uninstall.exe
AddRemove-WinPcapInst - e:\program files\WinPcap\Uninstall.exe
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - e:\program files\RelevantKnowledge\rlvknlg.exe
AddRemove-Herniserver.cz Game Client - e:\program files\Herniserver.cz Game Client\Uninstal.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-14 15:05
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spdl.sys >>UNKNOWN [0x89BC0938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf765bf28
\Driver\ACPI -> ACPI.sys @ 0xf7495cb8
\Driver\atapi -> atapi.sys @ 0xf7978b40
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->NDIS: Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xba65fbb0
PacketIndicateHandler -> NDIS.sys @ 0xba66ca21
SendHandler -> NDIS.sys @ 0xba64a87b
user & kernel MBR OK
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\e:\docume~1\Machr\LOCALS~1\Temp\LQF1F.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-448539723-179605362-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:1c,22,0c,e2,e7,86,d2,2d,b4,2f,bb,83,c6,b6,a4,b7,5a,3c,94,a9,6c,
dc,e9,98,67,05,c7,25,06,21,41,47,1d,b6,07,0c,5b,f7,ac,e5,74,ac,33,67,df,a4,\
"rkeysecu"=hex:76,89,a9,6c,2b,86,9d,0c,17,a5,e0,ae,33,85,dc,21
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1172)
e:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3512)
e:\program files\Stardock\ObjectDock\DockShellHook.dll
e:\program files\Windows Media Player\wmpband.dll
e:\windows\system32\webcheck.dll
e:\windows\system32\WPDShServiceObj.dll
e:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
e:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
e:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
e:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
e:\windows\system32\PortableDeviceTypes.dll
e:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
e:\windows\system32\Ati2evxx.exe
e:\program files\Alwil Software\Avast4\aswUpdSv.exe
e:\program files\Alwil Software\Avast4\ashServ.exe
e:\windows\system32\Ati2evxx.exe
e:\windows\system32\PnkBstrA.exe
e:\windows\system32\PnkBstrB.exe
e:\program files\Alwil Software\Avast4\ashMaiSv.exe
e:\program files\Alwil Software\Avast4\ashWebSv.exe
e:\windows\mHotkey.exe
e:\windows\RTHDCPL.EXE
e:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2010-02-14 15:10:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-14 14:10
Před spuštěním: Volných bajtů: 24 772 497 408
Po spuštění: Volných bajtů: 26 103 791 616
- - End Of File - - 1CD025BA54243767087E6F3811B596C6
All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01677B4B-0610-4814-94A0-5F570DD7A88F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01677B4B-0610-4814-94A0-5F570DD7A88F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0286A85D-CD62-43bb-B7A9-A87D1D027160}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0286A85D-CD62-43bb-B7A9-A87D1D027160}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D286E828-E6B9-484d-A058-D7323666DE33}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D286E828-E6B9-484d-A058-D7323666DE33}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0508F8F1-08E3-43EE-AAA8-09AD09803084} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0508F8F1-08E3-43EE-AAA8-09AD09803084}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Update Machine\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP2005\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteVacuum\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^hamachi.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RelevantKnowledge\ deleted successfully.
========== FILES ==========
E:\Documents and Settings\hip-hop forever\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
E:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
E:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
E:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder E:\PROGRA~1\EASYSE~1 not found.
File/Folder E:\Program Files\RecFree.com\RecFreeToolbar not found.
File/Folder E:\Program Files\BS_Player\tbBS_1.dll not found.
File/Folder E:\Program Files\DAEMON Tools Toolbar not found.
E:\Program Files\RelevantKnowledge folder moved successfully.
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: hip-hop forever
->Temp folder emptied: 104660310 bytes
->Temporary Internet Files folder emptied: 273202570 bytes
->Java cache emptied: 13425503 bytes
->FireFox cache emptied: 69731967 bytes
->Opera cache emptied: 7501646 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Machr
->Temp folder emptied: 883040891 bytes
->Temporary Internet Files folder emptied: 134032505 bytes
->Java cache emptied: 12905193 bytes
->FireFox cache emptied: 70430537 bytes
->Opera cache emptied: 5283659 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1095499 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2708084 bytes
%systemroot%\System32 .tmp files removed: 3032520 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 42652151 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 13483320 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1537298165 bytes
Total Files Cleaned = 3 028,00 mb
OTM by OldTimer - Version 3.1.8.0 log created on 02142010_143445
Files moved on Reboot...
File E:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
E:\WINDOWS\temp\Perflib_Perfdata_318.dat moved successfully.
E:\WINDOWS\temp\Perflib_Perfdata_d78.dat moved successfully.
Registry entries deleted on Reboot...
Number 2:
SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 14:44 on 14/02/2010 by Machr (Administrator - Elevation successful)
========== filefind ==========
Searching for "sjhtfpkqy.exe"
No files found.
Searching for "sjhtfpkqy.*"
No files found.
-=End Of File=-
Number 3:
ComboFix 10-02-12.01 - Machr 14.02.2010 14:57:08.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1549 [GMT 1:00]
Spuštěný z: e:\documents and settings\Machr\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100214-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\install.exe
E:\melt.bat
e:\program files\FlashGet Network
e:\program files\FlashGet Network\FlashGet universal\btcore.dll
e:\program files\FlashGet Network\FlashGet universal\BtTorrentTemp\4add9fed.torrent
e:\program files\FlashGet Network\FlashGet universal\btwrap.dll
e:\program files\FlashGet Network\FlashGet universal\BugReport.dll
e:\program files\FlashGet Network\FlashGet universal\BugReport.exe
e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
e:\program files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhocfg.ini
e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
e:\program files\FlashGet Network\FlashGet universal\ComDlls\ComDlls.ini
e:\program files\FlashGet Network\FlashGet universal\ComDlls\flashget.xpi
e:\program files\FlashGet Network\FlashGet universal\ComDlls\FlashgetXpi.dll
e:\program files\FlashGet Network\FlashGet universal\ComDlls\IFlashgetXpi.xpt
e:\program files\FlashGet Network\FlashGet universal\dbghelp.dll
e:\program files\FlashGet Network\FlashGet universal\DBTrans.dll
e:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
e:\program files\FlashGet Network\FlashGet universal\DBTransC.exe
e:\program files\FlashGet Network\FlashGet universal\ed2kwrap.dll
e:\program files\FlashGet Network\FlashGet universal\explorerbar.dll
e:\program files\FlashGet Network\FlashGet universal\fgoption.ini
e:\program files\FlashGet Network\FlashGet universal\FGVer.dll
e:\program files\FlashGet Network\FlashGet universal\flashget.exe
e:\program files\FlashGet Network\FlashGet universal\gt.exe
e:\program files\FlashGet Network\FlashGet universal\hashgen.dll
e:\program files\FlashGet Network\FlashGet universal\Help\license.txt
e:\program files\FlashGet Network\FlashGet universal\Help\Readme.txt
e:\program files\FlashGet Network\FlashGet universal\Help\WHATSNEW.TXT
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBatchLinksDlg.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBTTask.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Added.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddEMTask.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddHpFpLink.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlg.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlgEx.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksModern.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BrowserPlugins.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BTOption.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CategoryView.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ComfirmWhenExitDialog.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CommonDlg.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ConfirmInvalidLinks.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ContextMenu.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DefaultDownloadsDialog.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DeleteFilesDialog.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DetailStatus.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMOption.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMServers.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExplorerPane.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExtensionRuleDlg.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FG2SearchTopPlugin.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileListCtrl.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileRemovedDialog.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FindTaskDialog.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashgetAbout.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashGetDlg.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FSUStatusBar.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageLoginDialog.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageView.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HotResource.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HpFpOption.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Info.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\LogsOutput.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MACReader.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainMenu.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainToolbar.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MonitorOption.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NormalOption.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NotifyOption.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Option.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\P4PPluginMain.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ProxySetting.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SearchBar.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Security.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityOption.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityScan.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityToolbar.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Shutdown.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\StatusBar.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskDefOption.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskListView.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskNotify.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\UserListCtrl.ini
e:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\XpEnhance.ini
e:\program files\FlashGet Network\FlashGet universal\libupnp.dll
e:\program files\FlashGet Network\FlashGet universal\LiveUpdateUI.dll
e:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\ComHelper.dll
e:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\Info.ini
e:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Downstat.dll
e:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Info.ini
e:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Info.ini
e:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\P4pclient.dll
e:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Thumbs.db
e:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Info.ini
e:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource.ini
e:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\iexplorer.bmp
e:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.bmp
e:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.xml
e:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\search.bmp
e:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\subscribe.bmp
e:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\Thumbs.db
e:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\SearchTop.dll
e:\program files\FlashGet Network\FlashGet universal\modules\Security\FunctionalRepair.bmp
e:\program files\FlashGet Network\FlashGet universal\modules\Security\Info.ini
e:\program files\FlashGet Network\FlashGet universal\modules\Security\Scanning.bmp
e:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.bmp
e:\program files\FlashGet Network\FlashGet universal\modules\Security\SECURITY.dll
e:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.xml
e:\program files\FlashGet Network\FlashGet universal\modules\Security\SystemFix.bmp
e:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\Info.ini
e:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SamplerCli.dll
e:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SnapShot.dll
e:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\Info.ini
e:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\tasknotifier.dll
e:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
e:\program files\FlashGet Network\FlashGet universal\P2PCore.dll
e:\program files\FlashGet Network\FlashGet universal\p2pprot.dll
e:\program files\FlashGet Network\FlashGet universal\p2snetio.dll
e:\program files\FlashGet Network\FlashGet universal\p2spmgr.dll
e:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
e:\program files\FlashGet Network\FlashGet universal\p2sprot.dll
e:\program files\FlashGet Network\FlashGet universal\p2spwrap.dll
e:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
e:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
e:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
e:\program files\FlashGet Network\FlashGet universal\Skins\close_default.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\close_press.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\close_select.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\max_default.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\max_press.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\max_select.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\min_default.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\min_press.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\min_select.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\notify.wav
e:\program files\FlashGet Network\FlashGet universal\Skins\notify_board.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\notify_icon.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Back.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Backward.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\BrowserBarCT.xml
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\FlashgetResource.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Forward.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Home.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Backward.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\BrowserBarDisableCT.xml
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Forward.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Home.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Resource.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Available.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\CategoryTreeCT.xml
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloaded.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloading.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Favorite.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Flashget.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Release.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Rubbish.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Search.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\Expbar.xml
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\garage.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\resource.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\transfer.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\BT.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\EM.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\GlobalOptionCT.xml
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\HpFp.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Monitor.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Normal.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Notify.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Proxy.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\TaskDef.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Info.ini
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\About.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\DeleteTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\folder.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MainMenuCT.xml
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveDownTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveUpTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\NewTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\open.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Option.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\PauseTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Resource.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\StartTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\TaskProperties.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\About.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\DeleteTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Folder.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\MainToolbarCT.xml
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\NewTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Open.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Option.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\PauseTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Resource.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\StartTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\TaskProperties.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\About.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\DeleteTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Folder.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\MainToolbarDisableCT.xml
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\NewTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Open.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Option.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\PauseTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Resource.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\StartTask.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\TaskProperties.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\InfoBkg.Bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\MonitorBkg.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Down.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Error.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Normal.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\OutpuLogCT.xml
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Up.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\All.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Book.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Bt.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Game.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Movie.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Music.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Phone.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Picture.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\SobarIconCT.xml
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Software.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Error.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\hashing.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\OK.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pause.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pin.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Schedule.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Start.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\TaskListCT.xml
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Upload.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Wait.bmp
e:\program files\FlashGet Network\FlashGet universal\Skins\Thumbs.db
e:\program files\FlashGet Network\FlashGet universal\storage.dll
e:\program files\FlashGet Network\FlashGet universal\SysOpt.exe
e:\program files\FlashGet Network\FlashGet universal\transaction.log
e:\program files\FlashGet Network\FlashGet universal\uninst.exe
e:\program files\FlashGet Network\FlashGet universal\zlib.dll
e:\program files\RelevantKnowledge
e:\program files\RelevantKnowledge\components\rlxg.dll
e:\program files\RelevantKnowledge\chrome.manifest
e:\program files\RelevantKnowledge\install.rdf
e:\program files\RelevantKnowledge\msvcp71.dll
e:\program files\RelevantKnowledge\msvcr71.dll
e:\program files\RelevantKnowledge\rlls.dll
e:\program files\RelevantKnowledge\rlls64.dll
e:\program files\RelevantKnowledge\rloci.bin
e:\program files\RelevantKnowledge\rlph.dll
e:\program files\RelevantKnowledge\rlservice.exe
e:\program files\RelevantKnowledge\rlvknlg.exe
e:\program files\RelevantKnowledge\rlvknlg64.exe
e:\program files\RelevantKnowledge\rlxf.dll
e:\recycler\S-1-5-21-602162358-1500820517-839522115-1003
e:\recycler\S-1-5-21-602162358-1500820517-839522115-1008
e:\recycler\S-1-5-21-602162358-1500820517-839522115-500
e:\windows\system32\drivers\npf.sys
e:\windows\system32\Ijl11.dll
e:\windows\system32\kernel1.exe
e:\windows\system32\Packet.dll
e:\windows\system32\pthreadVC.dll
e:\windows\system32\vbpng1.dll
e:\windows\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-14 do 2010-02-14 )))))))))))))))))))))))))))))))
.
2010-02-14 13:34 . 2010-02-14 13:34 -------- d-----w- E:\_OTM
2010-02-14 10:25 . 2010-02-14 10:25 -------- d-----w- E:\rsit
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-14 13:50 . 2009-07-16 19:35 664 ----a-w- e:\windows\system32\d3d9caps.dat
2010-02-13 22:57 . 2009-07-15 18:43 -------- d-----w- e:\program files\Windows Media Connect 2
2010-02-13 20:29 . 2009-07-16 16:02 -------- d-----w- e:\program files\mIRC
2010-02-08 22:52 . 2009-11-16 11:46 -------- d-----w- e:\program files\Steam
2010-01-22 07:43 . 2009-11-01 15:49 -------- d-----w- e:\program files\Microsoft Silverlight
2010-01-17 16:40 . 2009-05-04 18:04 -------- d-----r- e:\program files\Programy atd
2010-01-12 17:51 . 2010-01-12 17:51 -------- d-----w- e:\program files\Ventrilo
2010-01-12 17:51 . 2009-07-17 20:59 -------- d-----w- e:\program files\Common Files\Wise Installation Wizard
2010-01-09 21:26 . 2010-01-09 21:26 -------- d-----w- e:\program files\Automatické vypnutí počítače
2010-01-01 20:42 . 2009-07-09 10:53 -------- d--h--w- e:\program files\InstallShield Installation Information
2009-12-31 16:50 . 2009-07-09 09:52 353792 ----a-w- e:\windows\system32\drivers\srv.sys
2009-12-27 18:32 . 2009-12-27 18:32 413696 ----a-w- e:\windows\system32\wrap_oal.dll
2009-12-27 18:32 . 2009-12-27 18:32 110592 ----a-w- e:\windows\system32\OpenAL32.dll
2009-12-27 18:32 . 2009-12-27 18:32 -------- d-----w- e:\program files\OpenAL
2009-12-22 13:15 . 2009-07-09 10:01 82634 ----a-w- e:\windows\system32\perfc005.dat
2009-12-22 13:15 . 2009-07-09 10:01 440604 ----a-w- e:\windows\system32\perfh005.dat
2009-12-21 19:08 . 2009-07-09 10:00 916480 ----a-w- e:\windows\system32\wininet.dll
2009-12-17 07:42 . 2009-07-09 10:32 343552 ----a-w- e:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2009-07-09 09:41 33280 ----a-w- e:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2009-07-09 09:50 2147328 ----a-w- e:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2025984 ----a-w- e:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2009-07-09 09:43 455424 ----a-w- e:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2009-07-09 09:51 1294336 ----a-w- e:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- e:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2009-07-09 09:44 28672 ----a-w- e:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- e:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2009-07-09 09:43 11264 ----a-w- e:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2009-07-09 09:41 84992 ----a-w- e:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- e:\windows\system32\iyuv_32.dll
2009-11-24 23:54 . 2009-11-18 18:25 1280480 ----a-w- e:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-18 18:26 93424 ----a-w- e:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-11-18 18:26 94160 ----a-w- e:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-11-18 18:26 114768 ----a-w- e:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-11-18 18:26 20560 ----a-w- e:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-11-18 18:26 48560 ----a-w- e:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-18 18:26 23120 ----a-w- e:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-18 18:26 27408 ----a-w- e:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-18 18:26 97480 ----a-w- e:\windows\system32\AvastSS.scr
2009-11-22 10:22 . 2009-11-22 10:22 3400 ----a-w- e:\windows\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
2009-11-22 10:22 . 2009-11-22 10:22 10890928 ----a-w- e:\windows\system32\SpoonUninstall.exe
2009-11-21 16:03 . 2009-07-09 09:40 471552 ----a-w- e:\windows\AppPatch\aclayers.dll
2009-07-15 21:31 . 2009-07-15 21:31 1243716 ----a-w- e:\program files\Apr2006_d3dx9_30_x64.cab
2009-03-16 12:36 . 2009-03-16 12:36 1078954 ----a-w- e:\program files\Apr2005_d3dx9_25_x86.cab
2009-03-16 12:36 . 2009-03-16 12:36 1347346 ----a-w- e:\program files\Apr2005_d3dx9_25_x64.cab
2009-04-07 18:52 . 2009-04-07 18:52 28672 ----a-w- e:\program files\mozilla firefox\components\GooglePlusVideosXPCOM.dll
2008-10-19 09:58 . 2008-10-19 09:58 49152 ----a-w- e:\program files\mozilla firefox\components\SiteVacuumXPCOM.dll
2009-08-09 21:14 . 2009-08-09 21:14 49152 ----a-w- e:\program files\mozilla firefox\components\SuperSearchXPCOM.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"="mHotkey.exe" [2004-12-08 550912]
"RTHDCPL"="RTHDCPL.EXE" [2009-09-11 18717696]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 98304]
"avast!"="e:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
e:\documents and settings\hip-hop forever\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - e:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
e:\documents and settings\Machr\Nabídka Start\Programy\Po spuštění\
Stardock ObjectDock.lnk - e:\program files\Stardock\ObjectDock\ObjectDock.exe [2009-7-21 3581680]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
path=e:\documents and settings\Machr\Nabídka Start\Programy\Po spuštění\Automatické vypnutí počítače.lnk
backup=e:\windows\pss\Automatické vypnutí počítače.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
e:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 935288 ----a-r- e:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2009-11-02 14:27 611712 ----a-w- e:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
2009-09-28 16:36 3563768 ----a-w- e:\program files\COMODO\EasyVPN\EasyVPN.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- e:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- e:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2009-07-02 07:28 2327840 ----a-w- e:\program files\Nokia\Nokia Music\NokiaMusic.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-25 14:12 1414144 ----a-w- e:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-07-16 11:20 25604904 ----a-r- e:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-11-25 16:02 1217808 ----a-w- e:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"g:\\Games\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"g:\\Games\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"g:\\Games\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"e:\\WINDOWS\\system32\\PnkBstrA.exe"=
"e:\\WINDOWS\\system32\\PnkBstrB.exe"=
"g:\\Games\\PES 09\\CSP2009.exe"=
"e:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"g:\\Hry - INSTALACE\\Warhammer Dawn of War 2\\Warhammer_Dawn_of_War_2-WiCKED\\DOW2.exe"=
"g:\\Games\\The Battle for Middle-earth (tm) II\\game.dat"=
"e:\\Program Files\\mIRC\\mirc.exe"=
"g:\\Games\\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\\game.dat"=
"g:\\Games\\UT 3 CZ\\Binaries\\UT3.exe"=
"g:\\Games\\Left4Dead\\hl2.exe"=
"e:\\Program Files\\uTorrent\\utorrent.exe"=
"g:\\Games\\Counter Strike\\hl2.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaWmp.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW-lanfix 1.5.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW_LANFixed.exe"=
"e:\\DC ++\\StrongDC.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\Launcher.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\BackgroundDownloader.exe"=
"g:\\Games\\Burnout Paradise\\BurnoutLauncher.exe"=
"g:\\Games\\Burnout Paradise\\BurnoutConfigTool.exe"=
"g:\\Games\\Burnout Paradise\\BurnoutParadise.exe"=
"e:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"e:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"g:\\Games\\Left4Dead\\left4dead.exe"=
"g:\\Games\\Call of Duty\\CoDMP.exe"=
"e:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"e:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"e:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"g:\\Games\\Call of Duty 5\\server.exe"=
"c:\\QIP Infium JadrisPack\\infium.exe"=
"e:\\Program Files\\HLSW\\hlsw.exe"=
"e:\\Program Files\\Opera\\opera.exe"=
"e:\\Program Files\\QIP8092\\qip.exe"=
"e:\\Hry\\NHL 09-EVROPA\\nhl2009.exe"=
"g:\\Games\\NHL 2004\\nhl2004.exe"=
"e:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"g:\\Games\\Call of Duty 4\\iw3mp.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0-enGB-downloader.exe"=
"e:\\Documents and Settings\\Machr\\Data aplikací\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"g:\\Games\\Batman Arkham Asylum\\Binaries\\ShippingPC-BmGame.exe"=
"g:\\Games\\Warcraft III\\Warcraft III.exe"=
"g:\\Games\\Warcraft III\\war3.exe"=
"g:\\Games\\Pro Evolution Soccer 2010\\pes2010.exe"=
"g:\\Games\\TmNationsForever\\TmForever.exe"=
"e:\\Program Files\\SopCast\\SopCast.exe"=
"e:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"g:\\Games\\Modern Warfare 2\\iw4sp.exe"=
"e:\\Program Files\\Steam\\Steam.exe"=
"g:\\Games\\Modern Warfare 2\\iw4mp.exe"=
"g:\\Games\\FM2010\\fm.exe"=
"e:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Program Files\\COMODO\\EasyVPN\\EasyVPN.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\zero gear\\Server\\ZeroGearServer.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\zero gear\\Server\\iw4mp.exe"=
"g:\\Games\\Ubisoft\\Demo\\James Cameron's AVATAR - THE GAME (Demo)\\bin\\AvatarDemo.exe"=
"g:\\Games\\WoW 3.1.3\\Launcher.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\zero gear\\ZeroGear.bat"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [15.7.2009 23:18 721904]
R1 aswSP;avast! Self Protection;e:\windows\system32\drivers\aswSP.sys [18.11.2009 19:26 114768]
R2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [18.11.2009 19:26 20560]
R2 CrdphService;COMODO EasyVPN VNC Service;e:\program files\COMODO\EasyVPN\crdphService.exe [11.8.2009 18:47 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service;e:\program files\COMODO\EasyVPN\Vpnservice.exe [11.8.2009 18:46 45304]
R3 ATP;Comodo EasyVPN Miniport Driver;e:\windows\system32\drivers\cmdatp.sys [8.12.2009 20:49 17424]
S2 Findbasic Service;Findbasic Service;e:\documents and settings\All Users\Data aplikací\Findbasic\findbasic115.exe [7.8.2009 5:10 54776]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a);"e:\program files\Google\Update\GoogleUpdate.exe" /svc --> e:\program files\Google\Update\GoogleUpdate.exe [?]
S3 Ambfilt;Ambfilt;e:\windows\system32\drivers\Ambfilt.sys [15.7.2009 11:10 1684736]
S3 GarenaPEngine;GarenaPEngine;\??\e:\docume~1\Machr\LOCALS~1\Temp\LQF1F.tmp --> e:\docume~1\Machr\LOCALS~1\Temp\LQF1F.tmp [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;e:\windows\system32\drivers\nmwcdnsu.sys [20.7.2009 15:40 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;e:\windows\system32\drivers\nmwcdnsuc.sys [20.7.2009 15:40 8320]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
mStart Page = hxxp://www.europowersearch.com/Search.html?Sel ... rchLang=CZ
IE: &Download All by FlashGet - e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: &Search the web - http://toolbar.recfree.com/rcfr/ctxmnu.html
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: e:\program files\Mozilla Firefox\components\GooglePlusVideosXPCOM.dll
FF - component: e:\program files\Mozilla Firefox\components\SiteVacuumXPCOM.dll
FF - component: e:\program files\Mozilla Firefox\components\SuperSearchXPCOM.dll
FF - plugin: e:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: e:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: e:\program files\mozilla firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - e:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
e:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - (no file)
AddRemove-3FA1705966809259F916AF817C59B4F389F4572C - e:\progra~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe
AddRemove-504244733D18C8F63FF584AEB290E3904E791693 - e:\progra~1\DIFX\B4723E9A0713E5B1\dpinst.exe
AddRemove-BS_Player Toolbar - e:\progra~1\BS_PLA~1\UNWISE.EXE
AddRemove-Cheat Engine 5.5_is1 - e:\program files\Cheat Engine\unins000.exe
AddRemove-DAEMON Tools Toolbar - e:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84 - e:\progra~1\DIFX\270581355A767BF1\dpinst.exe
AddRemove-F.E.A.R.2 Reborn_is1 - g:\games\Fear 2 Project Origin\unins000.exe
AddRemove-F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7 - e:\progra~1\DIFX\270581355A767BF1\dpinst.exe
AddRemove-FlashGet 2.0 - e:\program files\FlashGet Network\FlashGet universal\uninst.exe
AddRemove-Football Manager 2009 - e:\hry\Football Manager 09\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe
AddRemove-Game Cam - e:\program files\Game Cam V2\uninst.exe
AddRemove-GameParkClient_is1 - e:\program files\GamePark\unins000.exe
AddRemove-GamersInternetTunnel_is1 - e:\program files\GIT\unins000.exe
AddRemove-Garena - e:\program files\Garena\uninst.exe
AddRemove-Icy Tower v1.4_is1 - g:\games\icytower1.4\unins000.exe
AddRemove-n2n Gui_is1 - e:\program files\n2n Gui\unins000.exe
AddRemove-RecFreeToolbar - e:\program files\RecFree.com\RecFreeToolbar\1.3.13.0\uninstall.exe
AddRemove-Recuva - e:\program files\Recuva\uninst.exe
AddRemove-SiteVacuum - e:\program files\EasySearch\uninst.exe
AddRemove-SmartPCRecorder - e:\program files\freebird\SmartRecorder\Uninstall.exe
AddRemove-StreamTorrent 1.0 - e:\program files\StreamTorrent 1.0\uninstall.exe
AddRemove-WinPcapInst - e:\program files\WinPcap\Uninstall.exe
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - e:\program files\RelevantKnowledge\rlvknlg.exe
AddRemove-Herniserver.cz Game Client - e:\program files\Herniserver.cz Game Client\Uninstal.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-14 15:05
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spdl.sys >>UNKNOWN [0x89BC0938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf765bf28
\Driver\ACPI -> ACPI.sys @ 0xf7495cb8
\Driver\atapi -> atapi.sys @ 0xf7978b40
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->NDIS: Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xba65fbb0
PacketIndicateHandler -> NDIS.sys @ 0xba66ca21
SendHandler -> NDIS.sys @ 0xba64a87b
user & kernel MBR OK
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\e:\docume~1\Machr\LOCALS~1\Temp\LQF1F.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-448539723-179605362-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:1c,22,0c,e2,e7,86,d2,2d,b4,2f,bb,83,c6,b6,a4,b7,5a,3c,94,a9,6c,
dc,e9,98,67,05,c7,25,06,21,41,47,1d,b6,07,0c,5b,f7,ac,e5,74,ac,33,67,df,a4,\
"rkeysecu"=hex:76,89,a9,6c,2b,86,9d,0c,17,a5,e0,ae,33,85,dc,21
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1172)
e:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3512)
e:\program files\Stardock\ObjectDock\DockShellHook.dll
e:\program files\Windows Media Player\wmpband.dll
e:\windows\system32\webcheck.dll
e:\windows\system32\WPDShServiceObj.dll
e:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
e:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
e:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
e:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
e:\windows\system32\PortableDeviceTypes.dll
e:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
e:\windows\system32\Ati2evxx.exe
e:\program files\Alwil Software\Avast4\aswUpdSv.exe
e:\program files\Alwil Software\Avast4\ashServ.exe
e:\windows\system32\Ati2evxx.exe
e:\windows\system32\PnkBstrA.exe
e:\windows\system32\PnkBstrB.exe
e:\program files\Alwil Software\Avast4\ashMaiSv.exe
e:\program files\Alwil Software\Avast4\ashWebSv.exe
e:\windows\mHotkey.exe
e:\windows\RTHDCPL.EXE
e:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2010-02-14 15:10:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-14 14:10
Před spuštěním: Volných bajtů: 24 772 497 408
Po spuštění: Volných bajtů: 26 103 791 616
- - End Of File - - 1CD025BA54243767087E6F3811B596C6
- Unlimited_Killer
- Friend of the forum

- Posts: 1969
- Registered: 24 Aug 2009 16:18
Re: Asking for advice and a PC check :)
Let's continue.
1) Script for ComboFix
- Open Notepad [Start → Run → notepad → Enter].
- Copy the following text into it:
Code:
KillAll::
Folder::
c:\program files\Garena
Collect::
e:\docume~1\Machr\LOCALS~1\Temp\LQF1F.tmp
Driver::
GarenaPEngine
Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
Extra::
DDS::
mStart Page = hxxp://www.europowersearch.com/Search.h ... rchLang=CZ
IE: &Search the web - http://toolbar.recfree.com/rcfr/ctxmnu.html
FireFox::
FF - ProfilePath - e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - component: e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
Reboot::
- Save this file to the Desktop under the name CFScript (extension .txt).
- Drag this file over ComboFix and drop it.
- Both this file and ComboFix must be on the Desktop!

- ComboFix will start and carry out the commands from the script.
- The computer will probably be restarted.
- After the restart, a window with a log will pop up; copy it here for me as text.
- Download MbAM and follow the description.
- Do not delete anything yet; MbAM sometimes has false detections.
- Then paste the log here for me as text.
inactive
Re: Asking for advice and a PC check :)
1)
ComboFix 10-02-12.01 - Machr 14.02.2010 18:57:50.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1575 [GMT 1:00]
Spuštěný z: e:\documents and settings\Machr\Plocha\ComboFix.exe
Použité ovládací přepínače :: e:\documents and settings\Machr\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100214-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_GARENAPENGINE
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-14 do 2010-02-14 )))))))))))))))))))))))))))))))
.
2010-02-14 13:34 . 2010-02-14 13:34 -------- d-----w- E:\_OTM
2010-02-14 10:25 . 2010-02-14 10:25 -------- d-----w- E:\rsit
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-14 13:50 . 2009-07-16 19:35 664 ----a-w- e:\windows\system32\d3d9caps.dat
2010-02-13 22:57 . 2009-07-15 18:43 -------- d-----w- e:\program files\Windows Media Connect 2
2010-02-13 20:29 . 2009-07-16 16:02 -------- d-----w- e:\program files\mIRC
2010-02-08 22:52 . 2009-11-16 11:46 -------- d-----w- e:\program files\Steam
2010-01-22 07:43 . 2009-11-01 15:49 -------- d-----w- e:\program files\Microsoft Silverlight
2010-01-17 16:40 . 2009-05-04 18:04 -------- d-----r- e:\program files\Programy atd
2010-01-12 17:51 . 2010-01-12 17:51 -------- d-----w- e:\program files\Ventrilo
2010-01-12 17:51 . 2009-07-17 20:59 -------- d-----w- e:\program files\Common Files\Wise Installation Wizard
2010-01-09 21:26 . 2010-01-09 21:26 -------- d-----w- e:\program files\Automatické vypnutí počítače
2010-01-01 20:42 . 2009-07-09 10:53 -------- d--h--w- e:\program files\InstallShield Installation Information
2009-12-31 16:50 . 2009-07-09 09:52 353792 ----a-w- e:\windows\system32\drivers\srv.sys
2009-12-27 18:32 . 2009-12-27 18:32 413696 ----a-w- e:\windows\system32\wrap_oal.dll
2009-12-27 18:32 . 2009-12-27 18:32 110592 ----a-w- e:\windows\system32\OpenAL32.dll
2009-12-27 18:32 . 2009-12-27 18:32 -------- d-----w- e:\program files\OpenAL
2009-12-22 13:15 . 2009-07-09 10:01 82634 ----a-w- e:\windows\system32\perfc005.dat
2009-12-22 13:15 . 2009-07-09 10:01 440604 ----a-w- e:\windows\system32\perfh005.dat
2009-12-21 19:08 . 2009-07-09 10:00 916480 ------w- e:\windows\system32\wininet.dll
2009-12-17 07:42 . 2009-07-09 10:32 343552 ----a-w- e:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2009-07-09 09:41 33280 ----a-w- e:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2009-07-09 09:50 2147328 ------w- e:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2025984 ------w- e:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2009-07-09 09:43 455424 ----a-w- e:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2009-07-09 09:51 1294336 ----a-w- e:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- e:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2009-07-09 09:44 28672 ----a-w- e:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- e:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2009-07-09 09:43 11264 ----a-w- e:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2009-07-09 09:41 84992 ----a-w- e:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- e:\windows\system32\iyuv_32.dll
2009-11-24 23:54 . 2009-11-18 18:25 1280480 ----a-w- e:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-18 18:26 93424 ----a-w- e:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-11-18 18:26 94160 ----a-w- e:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-11-18 18:26 114768 ----a-w- e:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-11-18 18:26 20560 ----a-w- e:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-11-18 18:26 48560 ----a-w- e:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-18 18:26 23120 ----a-w- e:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-18 18:26 27408 ----a-w- e:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-18 18:26 97480 ----a-w- e:\windows\system32\AvastSS.scr
2009-11-22 10:22 . 2009-11-22 10:22 3400 ----a-w- e:\windows\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
2009-11-22 10:22 . 2009-11-22 10:22 10890928 ----a-w- e:\windows\system32\SpoonUninstall.exe
2009-11-21 16:03 . 2009-07-09 09:40 471552 ----a-w- e:\windows\AppPatch\aclayers.dll
2009-07-15 21:31 . 2009-07-15 21:31 1243716 ----a-w- e:\program files\Apr2006_d3dx9_30_x64.cab
2009-03-16 12:36 . 2009-03-16 12:36 1078954 ----a-w- e:\program files\Apr2005_d3dx9_25_x86.cab
2009-03-16 12:36 . 2009-03-16 12:36 1347346 ----a-w- e:\program files\Apr2005_d3dx9_25_x64.cab
2009-04-07 18:52 . 2009-04-07 18:52 28672 ----a-w- e:\program files\mozilla firefox\components\GooglePlusVideosXPCOM.dll
2008-10-19 09:58 . 2008-10-19 09:58 49152 ----a-w- e:\program files\mozilla firefox\components\SiteVacuumXPCOM.dll
2009-08-09 21:14 . 2009-08-09 21:14 49152 ----a-w- e:\program files\mozilla firefox\components\SuperSearchXPCOM.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-02-14_14.05.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-14 17:56 . 2010-02-14 17:56 16384 e:\windows\Temp\Perflib_Perfdata_2b0.dat
+ 2010-02-14 18:05 . 2010-02-14 18:05 16384 e:\windows\Temp\Perflib_Perfdata_298.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"="mHotkey.exe" [2004-12-08 550912]
"RTHDCPL"="RTHDCPL.EXE" [2009-09-11 18717696]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 98304]
"avast!"="e:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
e:\documents and settings\hip-hop forever\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - e:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
e:\documents and settings\Machr\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Stardock ObjectDock.lnk - e:\program files\Stardock\ObjectDock\ObjectDock.exe [2009-7-21 3581680]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
path=e:\documents and settings\Machr\Nabídka Start\Programy\Po spuštění\Automatické vypnutí počítače.lnk
backup=e:\windows\pss\Automatické vypnutí počítače.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
e:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 935288 ----a-r- e:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2009-11-02 14:27 611712 ----a-w- e:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
2009-09-28 16:36 3563768 ----a-w- e:\program files\COMODO\EasyVPN\EasyVPN.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- e:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- e:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2009-07-02 07:28 2327840 ----a-w- e:\program files\Nokia\Nokia Music\NokiaMusic.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-25 14:12 1414144 ----a-w- e:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-07-16 11:20 25604904 ----a-r- e:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-11-25 16:02 1217808 ----a-w- e:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"g:\\Games\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"g:\\Games\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"g:\\Games\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"e:\\WINDOWS\\system32\\PnkBstrA.exe"=
"e:\\WINDOWS\\system32\\PnkBstrB.exe"=
"g:\\Games\\PES 09\\CSP2009.exe"=
"e:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"g:\\Hry - INSTALACE\\Warhammer Dawn of War 2\\Warhammer_Dawn_of_War_2-WiCKED\\DOW2.exe"=
"g:\\Games\\The Battle for Middle-earth (tm) II\\game.dat"=
"e:\\Program Files\\mIRC\\mirc.exe"=
"g:\\Games\\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\\game.dat"=
"g:\\Games\\UT 3 CZ\\Binaries\\UT3.exe"=
"g:\\Games\\Left4Dead\\hl2.exe"=
"e:\\Program Files\\uTorrent\\utorrent.exe"=
"g:\\Games\\Counter Strike\\hl2.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaWmp.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW-lanfix 1.5.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW_LANFixed.exe"=
"e:\\DC ++\\StrongDC.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\Launcher.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\BackgroundDownloader.exe"=
"g:\\Games\\Burnout Paradise\\BurnoutLauncher.exe"=
"g:\\Games\\Burnout Paradise\\BurnoutConfigTool.exe"=
"g:\\Games\\Burnout Paradise\\BurnoutParadise.exe"=
"e:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"e:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"g:\\Games\\Left4Dead\\left4dead.exe"=
"g:\\Games\\Call of Duty\\CoDMP.exe"=
"e:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"e:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"e:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"g:\\Games\\Call of Duty 5\\server.exe"=
"c:\\QIP Infium JadrisPack\\infium.exe"=
"e:\\Program Files\\HLSW\\hlsw.exe"=
"e:\\Program Files\\Opera\\opera.exe"=
"e:\\Program Files\\QIP8092\\qip.exe"=
"e:\\Hry\\NHL 09-EVROPA\\nhl2009.exe"=
"g:\\Games\\NHL 2004\\nhl2004.exe"=
"e:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"g:\\Games\\Call of Duty 4\\iw3mp.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0-enGB-downloader.exe"=
"e:\\Documents and Settings\\Machr\\Data aplikací\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"g:\\Games\\Batman Arkham Asylum\\Binaries\\ShippingPC-BmGame.exe"=
"g:\\Games\\Warcraft III\\Warcraft III.exe"=
"g:\\Games\\Warcraft III\\war3.exe"=
"g:\\Games\\Pro Evolution Soccer 2010\\pes2010.exe"=
"g:\\Games\\TmNationsForever\\TmForever.exe"=
"e:\\Program Files\\SopCast\\SopCast.exe"=
"e:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"g:\\Games\\Modern Warfare 2\\iw4sp.exe"=
"e:\\Program Files\\Steam\\Steam.exe"=
"g:\\Games\\Modern Warfare 2\\iw4mp.exe"=
"g:\\Games\\FM2010\\fm.exe"=
"e:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Program Files\\COMODO\\EasyVPN\\EasyVPN.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\zero gear\\Server\\ZeroGearServer.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\zero gear\\Server\\iw4mp.exe"=
"g:\\Games\\Ubisoft\\Demo\\James Cameron's AVATAR - THE GAME (Demo)\\bin\\AvatarDemo.exe"=
"g:\\Games\\WoW 3.1.3\\Launcher.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\zero gear\\ZeroGear.bat"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [15.7.2009 23:18 721904]
R1 aswSP;avast! Self Protection;e:\windows\system32\drivers\aswSP.sys [18.11.2009 19:26 114768]
R2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [18.11.2009 19:26 20560]
R2 CrdphService;COMODO EasyVPN VNC Service;e:\program files\COMODO\EasyVPN\crdphService.exe [11.8.2009 18:47 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service;e:\program files\COMODO\EasyVPN\Vpnservice.exe [11.8.2009 18:46 45304]
R3 ATP;Comodo EasyVPN Miniport Driver;e:\windows\system32\drivers\cmdatp.sys [8.12.2009 20:49 17424]
S2 Findbasic Service;Findbasic Service;e:\documents and settings\All Users\Data aplikací\Findbasic\findbasic115.exe [7.8.2009 5:10 54776]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a);"e:\program files\Google\Update\GoogleUpdate.exe" /svc --> e:\program files\Google\Update\GoogleUpdate.exe [?]
S3 Ambfilt;Ambfilt;e:\windows\system32\drivers\Ambfilt.sys [15.7.2009 11:10 1684736]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;e:\windows\system32\drivers\nmwcdnsu.sys [20.7.2009 15:40 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;e:\windows\system32\drivers\nmwcdnsuc.sys [20.7.2009 15:40 8320]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: &Download All by FlashGet - e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: e:\program files\Mozilla Firefox\components\GooglePlusVideosXPCOM.dll
FF - component: e:\program files\Mozilla Firefox\components\SiteVacuumXPCOM.dll
FF - component: e:\program files\Mozilla Firefox\components\SuperSearchXPCOM.dll
FF - plugin: e:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: e:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: e:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - e:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
e:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-14 19:05
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spqs.sys >>UNKNOWN [0x89BC0938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf765bf28
\Driver\ACPI -> ACPI.sys @ 0xf7495cb8
\Driver\atapi -> atapi.sys @ 0xf7978b40
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->NDIS: Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xba65fbb0
PacketIndicateHandler -> NDIS.sys @ 0xba66ca21
SendHandler -> NDIS.sys @ 0xba64a87b
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-448539723-179605362-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:1c,22,0c,e2,e7,86,d2,2d,b4,2f,bb,83,c6,b6,a4,b7,5a,3c,94,a9,6c,
dc,e9,98,67,05,c7,25,06,21,41,47,1d,b6,07,0c,5b,f7,ac,e5,74,ac,33,67,df,a4,\
"rkeysecu"=hex:76,89,a9,6c,2b,86,9d,0c,17,a5,e0,ae,33,85,dc,21
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1172)
e:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3592)
e:\program files\Stardock\ObjectDock\DockShellHook.dll
e:\program files\Windows Media Player\wmpband.dll
e:\windows\system32\webcheck.dll
e:\windows\system32\WPDShServiceObj.dll
e:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
e:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
e:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
e:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
e:\windows\system32\PortableDeviceTypes.dll
e:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
e:\windows\system32\Ati2evxx.exe
e:\program files\Alwil Software\Avast4\aswUpdSv.exe
e:\program files\Alwil Software\Avast4\ashServ.exe
e:\windows\system32\Ati2evxx.exe
e:\windows\system32\PnkBstrA.exe
e:\windows\system32\PnkBstrB.exe
e:\windows\mHotkey.exe
e:\windows\RTHDCPL.EXE
e:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
e:\program files\Alwil Software\Avast4\ashMaiSv.exe
e:\program files\Alwil Software\Avast4\ashWebSv.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2010-02-14 19:10:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-14 18:10
ComboFix2.txt 2010-02-14 14:10
Před spuštěním: Volných bajtů: 26 070 138 880
Po spuštění: Volných bajtů: 26 014 932 992
- - End Of File - - 06DCE2DF4CDC831CAECC7520BF983FBD
2)
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3739
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
14.2.2010 19:19:26
mbam-log-2010-02-14 (19-19-22).txt
Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 124982
Uplynulý čas: 5 minute(s), 17 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 6
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 2
Infikované soubory: 5
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78ff2f80-613a-47d7-8871-912b1236f704} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c8cd2017-f1e5-4f1a-b58a-ee0b1af0d0d8} (Hijack.SearchPage) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78ff2f80-613a-47d7-8871-912b1236f704} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{c8cd2017-f1e5-4f1a-b58a-ee0b1af0d0d8} (Hijack.SearchPage) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Findbasic Service (Adware.FindBasic) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Findbasic (Adware.FindBasic) -> No action taken.
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
E:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge (Spyware.MarketScore) -> No action taken.
E:\Documents and Settings\All Users\Data aplikací\Findbasic (Adware.FindBasic) -> No action taken.
Infikované soubory:
E:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\About RelevantKnowledge.lnk (Spyware.MarketScore) -> No action taken.
E:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> No action taken.
E:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> No action taken.
E:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Uninstall Instructions.lnk (Spyware.MarketScore) -> No action taken.
E:\Documents and Settings\All Users\Data aplikací\Findbasic\findbasic115.exe (Adware.FindBasic) -> No action taken.
3)
Logfile of random's system information tool 1.06 (written by random/random)
Run by Machr at 2010-02-14 19:21:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 25 GB (19%) free of 133 GB
Total RAM: 2046 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:21:19, on 14.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\COMODO\EasyVPN\crdphService.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\mHotkey.exe
E:\WINDOWS\RTHDCPL.EXE
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\WINDOWS\explorer.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\Machr\Plocha\RSIT.exe
E:\Program Files\Trend Micro\HijackThis\Machr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: &Download All by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO EasyVPN VNC Service (CrdphService) - COMODO - E:\Program Files\COMODO\EasyVPN\crdphService.exe
O23 - Service: COMODO EasyVPN Service (EasyVpnAdpt) - Unknown owner - E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
O23 - Service: Findbasic Service - Unknown owner - E:\Documents and Settings\All Users\Data aplikací\Findbasic\findbasic115.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca300ec6a5bc4a) (gupdate1ca300ec6a5bc4a) - Unknown owner - E:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - E:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Unknown owner - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
--
End of file - 7167 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-15 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-15 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=E:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2009-09-11 18717696]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-25 98304]
"avast!"=E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-11-02 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
E:\Program Files\COMODO\EasyVPN\EasyVPN.exe [2009-09-28 3563768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
E:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
E:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-07-02 2327840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
E:\Program Files\Skype\Phone\Skype.exe [2009-07-16 25604904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
e:\program files\steam\steam.exe [2009-11-25 1217808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
E:\PROGRA~1\AUTOMA~1\avp.exe [2004-12-28 443392]
E:\Documents and Settings\Machr\Nabídka Start\Programy\Po spuštění
Stardock ObjectDock.lnk - E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2009-09-23 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - E:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"E:\WINDOWS\system32\PnkBstrA.exe"="E:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"E:\WINDOWS\system32\PnkBstrB.exe"="E:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"G:\Games\PES 09\CSP2009.exe"="G:\Games\PES 09\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe"="G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe:*:Enabled:DOW2"
"G:\Games\The Battle for Middle-earth (tm) II\game.dat"="G:\Games\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"E:\Program Files\mIRC\mirc.exe"="E:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat"="G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"G:\Games\UT 3 CZ\Binaries\UT3.exe"="G:\Games\UT 3 CZ\Binaries\UT3.exe:*:Enabled:UT3"
"G:\Games\Left4Dead\hl2.exe"="G:\Games\Left4Dead\hl2.exe:*:Enabled:hl2"
"E:\Program Files\uTorrent\utorrent.exe"="E:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"G:\Games\Counter Strike\hl2.exe"="G:\Games\Counter Strike\hl2.exe:*:Enabled:hl2"
"G:\Games\Call of Duty 5\CoDWaW.exe"="G:\Games\Call of Duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaWmp.exe"="G:\Games\Call of Duty 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe"="G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe"="G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"E:\DC ++\StrongDC.exe"="E:\DC ++\StrongDC.exe:*:Enabled:StrongDC++"
"G:\Games\World of Warcraft ORIGINAL\Launcher.exe"="G:\Games\World of Warcraft ORIGINAL\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe"="G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Burnout Paradise\BurnoutLauncher.exe"="G:\Games\Burnout Paradise\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutConfigTool.exe"="G:\Games\Burnout Paradise\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutParadise.exe"="G:\Games\Burnout Paradise\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"G:\Games\Left4Dead\left4dead.exe"="G:\Games\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"G:\Games\Call of Duty\CoDMP.exe"="G:\Games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe"="E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic - Homecinema"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 5\server.exe"="G:\Games\Call of Duty 5\server.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"C:\QIP Infium JadrisPack\infium.exe"="C:\QIP Infium JadrisPack\infium.exe:*:Enabled:QIP Infium"
"E:\Program Files\HLSW\hlsw.exe"="E:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Program Files\QIP8092\qip.exe"="E:\Program Files\QIP8092\qip.exe:*:Enabled:Quiet Internet Pager"
"E:\Hry\NHL 09-EVROPA\nhl2009.exe"="E:\Hry\NHL 09-EVROPA\nhl2009.exe:*:Enabled:nhl2009"
"G:\Games\NHL 2004\nhl2004.exe"="G:\Games\NHL 2004\nhl2004.exe:*:Enabled:nhl2004"
"E:\Program Files\TeamViewer\Version4\TeamViewer.exe"="E:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 4\iw3mp.exe"="G:\Games\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe"="G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum"
"G:\Games\Warcraft III\Warcraft III.exe"="G:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"G:\Games\Warcraft III\war3.exe"="G:\Games\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"G:\Games\Pro Evolution Soccer 2010\pes2010.exe"="G:\Games\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"G:\Games\TmNationsForever\TmForever.exe"="G:\Games\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Program Files\SopCast\SopCast.exe"="E:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"E:\Program Files\SopCast\adv\SopAdver.exe"="E:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"G:\Games\Modern Warfare 2\iw4sp.exe"="G:\Games\Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"E:\Program Files\Steam\Steam.exe"="E:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"G:\Games\Modern Warfare 2\iw4mp.exe"="G:\Games\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\FM2010\fm.exe"="G:\Games\FM2010\fm.exe:*:Enabled:Football Manager 2010"
"E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"E:\Program Files\COMODO\EasyVPN\EasyVPN.exe"="E:\Program Files\COMODO\EasyVPN\EasyVPN.exe:*:Enabled:COMODO EasyVPN"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe:*:Enabled:ZeroGearServer"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe"="G:\Games\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME (Demo)"
"G:\Games\WoW 3.1.3\Launcher.exe"="G:\Games\WoW 3.1.3\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat"="E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat:*:Enabled:Zero Gear Demo"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-02-14 19:12:19 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2010-02-14 19:10:21 ----A---- E:\ComboFix.txt
2010-02-14 14:50:59 ----A---- E:\WINDOWS\zip.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\SWXCACLS.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\SWSC.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\SWREG.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\sed.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\PEV.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\NIRCMD.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\MBR.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\grep.exe
2010-02-14 14:50:37 ----D---- E:\WINDOWS\ERDNT
2010-02-14 14:48:36 ----AD---- E:\Qoobox
2010-02-14 14:34:45 ----D---- E:\_OTM
2010-02-14 11:25:28 ----D---- E:\rsit
2010-02-10 20:52:52 ----HDC---- E:\WINDOWS\$NtUninstallKB978262$
2010-02-10 20:52:47 ----HDC---- E:\WINDOWS\$NtUninstallKB971468$
2010-02-10 20:48:55 ----HDC---- E:\WINDOWS\$NtUninstallKB978037$
2010-02-10 20:48:51 ----HDC---- E:\WINDOWS\$NtUninstallKB975713$
2010-02-10 20:48:46 ----HDC---- E:\WINDOWS\$NtUninstallKB978251$
2010-02-10 20:48:39 ----HDC---- E:\WINDOWS\$NtUninstallKB975560$
2010-02-10 20:47:42 ----HDC---- E:\WINDOWS\$NtUninstallKB977914$
2010-02-10 20:47:29 ----HDC---- E:\WINDOWS\$NtUninstallKB978706$
2010-02-10 20:47:12 ----HDC---- E:\WINDOWS\$NtUninstallKB977165$
2010-02-08 13:31:21 ----D---- E:\Documents and Settings\Machr\Data aplikací\Facebook
======List of files/folders modified in the last 1 months======
2010-02-14 19:12:21 ----D---- E:\WINDOWS\system32\drivers
2010-02-14 19:12:19 ----RD---- E:\Program Files
2010-02-14 19:10:44 ----D---- E:\Program Files\Mozilla Firefox
2010-02-14 19:10:23 ----D---- E:\WINDOWS\Temp
2010-02-14 19:09:32 ----D---- E:\WINDOWS\system32\CatRoot2
2010-02-14 19:05:27 ----N---- E:\WINDOWS\system.ini
2010-02-14 19:05:27 ----D---- E:\WINDOWS
2010-02-14 19:03:55 ----D---- E:\WINDOWS\system32\config
2010-02-14 19:01:38 ----D---- E:\WINDOWS\system32
2010-02-14 19:01:38 ----D---- E:\WINDOWS\AppPatch
2010-02-14 19:01:34 ----D---- E:\Program Files\Common Files
2010-02-14 18:57:21 ----A---- E:\WINDOWS\SchedLgU.Txt
2010-02-14 14:48:50 ----D---- E:\WINDOWS\Prefetch
2010-02-14 14:35:31 ----SD---- E:\WINDOWS\Tasks
2010-02-14 13:28:56 ----D---- E:\Documents and Settings\Machr\Data aplikací\vlc
2010-02-13 23:57:57 ----D---- E:\Program Files\Windows Media Connect 2
2010-02-13 21:29:07 ----D---- E:\Program Files\mIRC
2010-02-13 11:09:53 ----D---- E:\Mp3
2010-02-11 11:10:12 ----RD---- E:\Filmy
2010-02-10 20:52:54 ----HD---- E:\WINDOWS\inf
2010-02-10 20:52:51 ----HD---- E:\WINDOWS\$hf_mig$
2010-02-10 20:52:49 ----RSHDC---- E:\WINDOWS\system32\dllcache
2010-02-10 20:52:49 ----A---- E:\WINDOWS\imsins.BAK
2010-02-10 20:48:35 ----SHD---- E:\WINDOWS\Installer
2010-02-10 20:48:34 ----D---- E:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-09 15:27:16 ----D---- E:\Documents and Settings\Machr\Data aplikací\BITS
2010-02-09 10:30:58 ----A---- E:\WINDOWS\win.ini
2010-02-08 23:56:08 ----D---- E:\WINDOWS\pss
2010-02-08 23:52:46 ----D---- E:\Program Files\Steam
2010-02-08 23:52:13 ----A---- E:\WINDOWS\avp.ini
2010-02-08 23:20:04 ----D---- E:\Documents and Settings\Machr\Data aplikací\dvdcss
2010-02-08 11:05:20 ----D---- E:\Program Files\Internet Explorer
2010-02-01 20:26:20 ----A---- E:\WINDOWS\system32\MRT.exe
2010-01-22 12:53:17 ----D---- E:\WINDOWS\ie8updates
2010-01-22 08:43:04 ----D---- E:\Program Files\Microsoft Silverlight
2010-01-17 17:40:42 ----RD---- E:\Program Files\Programy atd
2010-01-15 20:11:31 ----D---- E:\WINDOWS\Minidump
2010-01-15 19:30:48 ----D---- E:\Documents and Settings\Machr\Data aplikací\ICQ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; E:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; E:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; E:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 adfs;adfs; E:\WINDOWS\system32\drivers\adfs.sys [2009-11-02 73312]
R2 aswFsBlk;aswFsBlk; E:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; E:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 aswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-23 4481024]
R3 ATP;Comodo EasyVPN Miniport Driver; E:\WINDOWS\system32\DRIVERS\cmdatp.sys [2008-12-10 17424]
R3 catchme;catchme; \??\E:\ComboFix\catchme.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-09-11 5911552]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; E:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 tap0901;TAP-Win32 Adapter V9; E:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-01-30 25216]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 acg36p14;acg36p14; E:\WINDOWS\system32\drivers\acg36p14.sys []
S3 Ambfilt;Ambfilt; E:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Arp1394;Protokol 1394 ARP Client; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 gdrv;gdrv; \??\E:\WINDOWS\gdrv.sys []
S3 hamachi;Hamachi Network Interface; E:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 mbr;mbr; \??\E:\DOCUME~1\Machr\LOCALS~1\Temp\mbr.sys []
S3 Monfilt;Monfilt; E:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; E:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 NIC1394;1394 Net Driver; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nmwcd;Nokia USB Phone Parent; E:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; E:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; E:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2009-09-23 602112]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 CrdphService;COMODO EasyVPN VNC Service; E:\Program Files\COMODO\EasyVPN\crdphService.exe [2009-08-11 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service; E:\Program Files\COMODO\EasyVPN\Vpnservice.exe [2009-08-11 45304]
R2 PnkBstrA;PnkBstrA; E:\WINDOWS\system32\PnkBstrA.exe [2009-09-28 75064]
R2 PnkBstrB;PnkBstrB; E:\WINDOWS\system32\PnkBstrB.exe [2009-10-11 190144]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; E:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; E:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 Findbasic Service;Findbasic Service; E:\Documents and Settings\All Users\Data aplikací\Findbasic\findbasic115.exe [2009-06-30 54776]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a); E:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S3 aspnet_state;Stavová služba ASP.NET; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-02 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; E:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); E:\Program Files\WinPcap\rpcapd.exe -d -f E:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
ComboFix 10-02-12.01 - Machr 14.02.2010 18:57:50.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1575 [GMT 1:00]
Spuštěný z: e:\documents and settings\Machr\Plocha\ComboFix.exe
Použité ovládací přepínače :: e:\documents and settings\Machr\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100214-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_GARENAPENGINE
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-14 do 2010-02-14 )))))))))))))))))))))))))))))))
.
2010-02-14 13:34 . 2010-02-14 13:34 -------- d-----w- E:\_OTM
2010-02-14 10:25 . 2010-02-14 10:25 -------- d-----w- E:\rsit
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-14 13:50 . 2009-07-16 19:35 664 ----a-w- e:\windows\system32\d3d9caps.dat
2010-02-13 22:57 . 2009-07-15 18:43 -------- d-----w- e:\program files\Windows Media Connect 2
2010-02-13 20:29 . 2009-07-16 16:02 -------- d-----w- e:\program files\mIRC
2010-02-08 22:52 . 2009-11-16 11:46 -------- d-----w- e:\program files\Steam
2010-01-22 07:43 . 2009-11-01 15:49 -------- d-----w- e:\program files\Microsoft Silverlight
2010-01-17 16:40 . 2009-05-04 18:04 -------- d-----r- e:\program files\Programy atd
2010-01-12 17:51 . 2010-01-12 17:51 -------- d-----w- e:\program files\Ventrilo
2010-01-12 17:51 . 2009-07-17 20:59 -------- d-----w- e:\program files\Common Files\Wise Installation Wizard
2010-01-09 21:26 . 2010-01-09 21:26 -------- d-----w- e:\program files\Automatické vypnutí počítače
2010-01-01 20:42 . 2009-07-09 10:53 -------- d--h--w- e:\program files\InstallShield Installation Information
2009-12-31 16:50 . 2009-07-09 09:52 353792 ----a-w- e:\windows\system32\drivers\srv.sys
2009-12-27 18:32 . 2009-12-27 18:32 413696 ----a-w- e:\windows\system32\wrap_oal.dll
2009-12-27 18:32 . 2009-12-27 18:32 110592 ----a-w- e:\windows\system32\OpenAL32.dll
2009-12-27 18:32 . 2009-12-27 18:32 -------- d-----w- e:\program files\OpenAL
2009-12-22 13:15 . 2009-07-09 10:01 82634 ----a-w- e:\windows\system32\perfc005.dat
2009-12-22 13:15 . 2009-07-09 10:01 440604 ----a-w- e:\windows\system32\perfh005.dat
2009-12-21 19:08 . 2009-07-09 10:00 916480 ------w- e:\windows\system32\wininet.dll
2009-12-17 07:42 . 2009-07-09 10:32 343552 ----a-w- e:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2009-07-09 09:41 33280 ----a-w- e:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2009-07-09 09:50 2147328 ------w- e:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2025984 ------w- e:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2009-07-09 09:43 455424 ----a-w- e:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2009-07-09 09:51 1294336 ----a-w- e:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- e:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2009-07-09 09:44 28672 ----a-w- e:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- e:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2009-07-09 09:43 11264 ----a-w- e:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2009-07-09 09:41 84992 ----a-w- e:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- e:\windows\system32\iyuv_32.dll
2009-11-24 23:54 . 2009-11-18 18:25 1280480 ----a-w- e:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-18 18:26 93424 ----a-w- e:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-11-18 18:26 94160 ----a-w- e:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-11-18 18:26 114768 ----a-w- e:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-11-18 18:26 20560 ----a-w- e:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-11-18 18:26 48560 ----a-w- e:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-18 18:26 23120 ----a-w- e:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-18 18:26 27408 ----a-w- e:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-18 18:26 97480 ----a-w- e:\windows\system32\AvastSS.scr
2009-11-22 10:22 . 2009-11-22 10:22 3400 ----a-w- e:\windows\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
2009-11-22 10:22 . 2009-11-22 10:22 10890928 ----a-w- e:\windows\system32\SpoonUninstall.exe
2009-11-21 16:03 . 2009-07-09 09:40 471552 ----a-w- e:\windows\AppPatch\aclayers.dll
2009-07-15 21:31 . 2009-07-15 21:31 1243716 ----a-w- e:\program files\Apr2006_d3dx9_30_x64.cab
2009-03-16 12:36 . 2009-03-16 12:36 1078954 ----a-w- e:\program files\Apr2005_d3dx9_25_x86.cab
2009-03-16 12:36 . 2009-03-16 12:36 1347346 ----a-w- e:\program files\Apr2005_d3dx9_25_x64.cab
2009-04-07 18:52 . 2009-04-07 18:52 28672 ----a-w- e:\program files\mozilla firefox\components\GooglePlusVideosXPCOM.dll
2008-10-19 09:58 . 2008-10-19 09:58 49152 ----a-w- e:\program files\mozilla firefox\components\SiteVacuumXPCOM.dll
2009-08-09 21:14 . 2009-08-09 21:14 49152 ----a-w- e:\program files\mozilla firefox\components\SuperSearchXPCOM.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-02-14_14.05.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-14 17:56 . 2010-02-14 17:56 16384 e:\windows\Temp\Perflib_Perfdata_2b0.dat
+ 2010-02-14 18:05 . 2010-02-14 18:05 16384 e:\windows\Temp\Perflib_Perfdata_298.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"="mHotkey.exe" [2004-12-08 550912]
"RTHDCPL"="RTHDCPL.EXE" [2009-09-11 18717696]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-25 98304]
"avast!"="e:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
e:\documents and settings\hip-hop forever\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - e:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
e:\documents and settings\Machr\Nabídka Start\Programy\Po spuštění\
Stardock ObjectDock.lnk - e:\program files\Stardock\ObjectDock\ObjectDock.exe [2009-7-21 3581680]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
path=e:\documents and settings\Machr\Nabídka Start\Programy\Po spuštění\Automatické vypnutí počítače.lnk
backup=e:\windows\pss\Automatické vypnutí počítače.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
e:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 935288 ----a-r- e:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2009-11-02 14:27 611712 ----a-w- e:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
2009-09-28 16:36 3563768 ----a-w- e:\program files\COMODO\EasyVPN\EasyVPN.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- e:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- e:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
2009-07-02 07:28 2327840 ----a-w- e:\program files\Nokia\Nokia Music\NokiaMusic.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-06-25 14:12 1414144 ----a-w- e:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-07-16 11:20 25604904 ----a-r- e:\program files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-11-25 16:02 1217808 ----a-w- e:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"g:\\Games\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"g:\\Games\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"g:\\Games\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"e:\\WINDOWS\\system32\\PnkBstrA.exe"=
"e:\\WINDOWS\\system32\\PnkBstrB.exe"=
"g:\\Games\\PES 09\\CSP2009.exe"=
"e:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"e:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"g:\\Hry - INSTALACE\\Warhammer Dawn of War 2\\Warhammer_Dawn_of_War_2-WiCKED\\DOW2.exe"=
"g:\\Games\\The Battle for Middle-earth (tm) II\\game.dat"=
"e:\\Program Files\\mIRC\\mirc.exe"=
"g:\\Games\\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\\game.dat"=
"g:\\Games\\UT 3 CZ\\Binaries\\UT3.exe"=
"g:\\Games\\Left4Dead\\hl2.exe"=
"e:\\Program Files\\uTorrent\\utorrent.exe"=
"g:\\Games\\Counter Strike\\hl2.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaWmp.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW-lanfix 1.5.exe"=
"g:\\Games\\Call of Duty 5\\CoDWaW_LANFixed.exe"=
"e:\\DC ++\\StrongDC.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\Launcher.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\BackgroundDownloader.exe"=
"g:\\Games\\Burnout Paradise\\BurnoutLauncher.exe"=
"g:\\Games\\Burnout Paradise\\BurnoutConfigTool.exe"=
"g:\\Games\\Burnout Paradise\\BurnoutParadise.exe"=
"e:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"=
"e:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"g:\\Games\\Left4Dead\\left4dead.exe"=
"g:\\Games\\Call of Duty\\CoDMP.exe"=
"e:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"e:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"e:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mplayerc.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"=
"g:\\Games\\Call of Duty 5\\server.exe"=
"c:\\QIP Infium JadrisPack\\infium.exe"=
"e:\\Program Files\\HLSW\\hlsw.exe"=
"e:\\Program Files\\Opera\\opera.exe"=
"e:\\Program Files\\QIP8092\\qip.exe"=
"e:\\Hry\\NHL 09-EVROPA\\nhl2009.exe"=
"g:\\Games\\NHL 2004\\nhl2004.exe"=
"e:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"g:\\Games\\Call of Duty 4\\iw3mp.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.0-enGB-downloader.exe"=
"e:\\Documents and Settings\\Machr\\Data aplikací\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"g:\\Games\\Batman Arkham Asylum\\Binaries\\ShippingPC-BmGame.exe"=
"g:\\Games\\Warcraft III\\Warcraft III.exe"=
"g:\\Games\\Warcraft III\\war3.exe"=
"g:\\Games\\Pro Evolution Soccer 2010\\pes2010.exe"=
"g:\\Games\\TmNationsForever\\TmForever.exe"=
"e:\\Program Files\\SopCast\\SopCast.exe"=
"e:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"g:\\Games\\Modern Warfare 2\\iw4sp.exe"=
"e:\\Program Files\\Steam\\Steam.exe"=
"g:\\Games\\Modern Warfare 2\\iw4mp.exe"=
"g:\\Games\\FM2010\\fm.exe"=
"e:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Program Files\\COMODO\\EasyVPN\\EasyVPN.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\zero gear\\Server\\ZeroGearServer.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\zero gear\\Server\\iw4mp.exe"=
"g:\\Games\\Ubisoft\\Demo\\James Cameron's AVATAR - THE GAME (Demo)\\bin\\AvatarDemo.exe"=
"g:\\Games\\WoW 3.1.3\\Launcher.exe"=
"g:\\Games\\World of Warcraft ORIGINAL\\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"=
"e:\\Program Files\\Steam\\steamapps\\common\\zero gear\\ZeroGear.bat"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [15.7.2009 23:18 721904]
R1 aswSP;avast! Self Protection;e:\windows\system32\drivers\aswSP.sys [18.11.2009 19:26 114768]
R2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [18.11.2009 19:26 20560]
R2 CrdphService;COMODO EasyVPN VNC Service;e:\program files\COMODO\EasyVPN\crdphService.exe [11.8.2009 18:47 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service;e:\program files\COMODO\EasyVPN\Vpnservice.exe [11.8.2009 18:46 45304]
R3 ATP;Comodo EasyVPN Miniport Driver;e:\windows\system32\drivers\cmdatp.sys [8.12.2009 20:49 17424]
S2 Findbasic Service;Findbasic Service;e:\documents and settings\All Users\Data aplikací\Findbasic\findbasic115.exe [7.8.2009 5:10 54776]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a);"e:\program files\Google\Update\GoogleUpdate.exe" /svc --> e:\program files\Google\Update\GoogleUpdate.exe [?]
S3 Ambfilt;Ambfilt;e:\windows\system32\drivers\Ambfilt.sys [15.7.2009 11:10 1684736]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;e:\windows\system32\drivers\nmwcdnsu.sys [20.7.2009 15:40 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;e:\windows\system32\drivers\nmwcdnsuc.sys [20.7.2009 15:40 8320]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: &Download All by FlashGet - e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - e:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - e:\documents and settings\Machr\Data aplikací\Mozilla\Firefox\Profiles\bjpf8uuf.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: e:\program files\Mozilla Firefox\components\GooglePlusVideosXPCOM.dll
FF - component: e:\program files\Mozilla Firefox\components\SiteVacuumXPCOM.dll
FF - component: e:\program files\Mozilla Firefox\components\SuperSearchXPCOM.dll
FF - plugin: e:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: e:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: e:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - e:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
e:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-14 19:05
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spqs.sys >>UNKNOWN [0x89BC0938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf765bf28
\Driver\ACPI -> ACPI.sys @ 0xf7495cb8
\Driver\atapi -> atapi.sys @ 0xf7978b40
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->NDIS: Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xba65fbb0
PacketIndicateHandler -> NDIS.sys @ 0xba66ca21
SendHandler -> NDIS.sys @ 0xba64a87b
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-448539723-179605362-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:1c,22,0c,e2,e7,86,d2,2d,b4,2f,bb,83,c6,b6,a4,b7,5a,3c,94,a9,6c,
dc,e9,98,67,05,c7,25,06,21,41,47,1d,b6,07,0c,5b,f7,ac,e5,74,ac,33,67,df,a4,\
"rkeysecu"=hex:76,89,a9,6c,2b,86,9d,0c,17,a5,e0,ae,33,85,dc,21
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1172)
e:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3592)
e:\program files\Stardock\ObjectDock\DockShellHook.dll
e:\program files\Windows Media Player\wmpband.dll
e:\windows\system32\webcheck.dll
e:\windows\system32\WPDShServiceObj.dll
e:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
e:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
e:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
e:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
e:\windows\system32\PortableDeviceTypes.dll
e:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
e:\windows\system32\Ati2evxx.exe
e:\program files\Alwil Software\Avast4\aswUpdSv.exe
e:\program files\Alwil Software\Avast4\ashServ.exe
e:\windows\system32\Ati2evxx.exe
e:\windows\system32\PnkBstrA.exe
e:\windows\system32\PnkBstrB.exe
e:\windows\mHotkey.exe
e:\windows\RTHDCPL.EXE
e:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
e:\program files\Alwil Software\Avast4\ashMaiSv.exe
e:\program files\Alwil Software\Avast4\ashWebSv.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2010-02-14 19:10:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-14 18:10
ComboFix2.txt 2010-02-14 14:10
Před spuštěním: Volných bajtů: 26 070 138 880
Po spuštění: Volných bajtů: 26 014 932 992
- - End Of File - - 06DCE2DF4CDC831CAECC7520BF983FBD
2)
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3739
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
14.2.2010 19:19:26
mbam-log-2010-02-14 (19-19-22).txt
Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 124982
Uplynulý čas: 5 minute(s), 17 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 6
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 2
Infikované soubory: 5
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78ff2f80-613a-47d7-8871-912b1236f704} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c8cd2017-f1e5-4f1a-b58a-ee0b1af0d0d8} (Hijack.SearchPage) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78ff2f80-613a-47d7-8871-912b1236f704} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{c8cd2017-f1e5-4f1a-b58a-ee0b1af0d0d8} (Hijack.SearchPage) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Findbasic Service (Adware.FindBasic) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Findbasic (Adware.FindBasic) -> No action taken.
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
E:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge (Spyware.MarketScore) -> No action taken.
E:\Documents and Settings\All Users\Data aplikací\Findbasic (Adware.FindBasic) -> No action taken.
Infikované soubory:
E:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\About RelevantKnowledge.lnk (Spyware.MarketScore) -> No action taken.
E:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> No action taken.
E:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> No action taken.
E:\Documents and Settings\All Users\Nabídka Start\Programy\RelevantKnowledge\Uninstall Instructions.lnk (Spyware.MarketScore) -> No action taken.
E:\Documents and Settings\All Users\Data aplikací\Findbasic\findbasic115.exe (Adware.FindBasic) -> No action taken.
3)
Logfile of random's system information tool 1.06 (written by random/random)
Run by Machr at 2010-02-14 19:21:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 25 GB (19%) free of 133 GB
Total RAM: 2046 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:21:19, on 14.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\COMODO\EasyVPN\crdphService.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\mHotkey.exe
E:\WINDOWS\RTHDCPL.EXE
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\WINDOWS\explorer.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Documents and Settings\Machr\Plocha\RSIT.exe
E:\Program Files\Trend Micro\HijackThis\Machr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: &Download All by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO EasyVPN VNC Service (CrdphService) - COMODO - E:\Program Files\COMODO\EasyVPN\crdphService.exe
O23 - Service: COMODO EasyVPN Service (EasyVpnAdpt) - Unknown owner - E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
O23 - Service: Findbasic Service - Unknown owner - E:\Documents and Settings\All Users\Data aplikací\Findbasic\findbasic115.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca300ec6a5bc4a) (gupdate1ca300ec6a5bc4a) - Unknown owner - E:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - E:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Unknown owner - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
--
End of file - 7167 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-15 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-15 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=E:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2009-09-11 18717696]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-25 98304]
"avast!"=E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=E:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-11-02 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
E:\Program Files\COMODO\EasyVPN\EasyVPN.exe [2009-09-28 3563768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
E:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
E:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-07-02 2327840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
E:\Program Files\Skype\Phone\Skype.exe [2009-07-16 25604904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
e:\program files\steam\steam.exe [2009-11-25 1217808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
E:\PROGRA~1\AUTOMA~1\avp.exe [2004-12-28 443392]
E:\Documents and Settings\Machr\Nabídka Start\Programy\Po spuštění
Stardock ObjectDock.lnk - E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2009-09-23 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - E:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"E:\WINDOWS\system32\PnkBstrA.exe"="E:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"E:\WINDOWS\system32\PnkBstrB.exe"="E:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"G:\Games\PES 09\CSP2009.exe"="G:\Games\PES 09\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe"="G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe:*:Enabled:DOW2"
"G:\Games\The Battle for Middle-earth (tm) II\game.dat"="G:\Games\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"E:\Program Files\mIRC\mirc.exe"="E:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat"="G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"G:\Games\UT 3 CZ\Binaries\UT3.exe"="G:\Games\UT 3 CZ\Binaries\UT3.exe:*:Enabled:UT3"
"G:\Games\Left4Dead\hl2.exe"="G:\Games\Left4Dead\hl2.exe:*:Enabled:hl2"
"E:\Program Files\uTorrent\utorrent.exe"="E:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"G:\Games\Counter Strike\hl2.exe"="G:\Games\Counter Strike\hl2.exe:*:Enabled:hl2"
"G:\Games\Call of Duty 5\CoDWaW.exe"="G:\Games\Call of Duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaWmp.exe"="G:\Games\Call of Duty 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe"="G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe"="G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"E:\DC ++\StrongDC.exe"="E:\DC ++\StrongDC.exe:*:Enabled:StrongDC++"
"G:\Games\World of Warcraft ORIGINAL\Launcher.exe"="G:\Games\World of Warcraft ORIGINAL\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe"="G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Burnout Paradise\BurnoutLauncher.exe"="G:\Games\Burnout Paradise\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutConfigTool.exe"="G:\Games\Burnout Paradise\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutParadise.exe"="G:\Games\Burnout Paradise\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"G:\Games\Left4Dead\left4dead.exe"="G:\Games\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"G:\Games\Call of Duty\CoDMP.exe"="G:\Games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe"="E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic - Homecinema"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 5\server.exe"="G:\Games\Call of Duty 5\server.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"C:\QIP Infium JadrisPack\infium.exe"="C:\QIP Infium JadrisPack\infium.exe:*:Enabled:QIP Infium"
"E:\Program Files\HLSW\hlsw.exe"="E:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Program Files\QIP8092\qip.exe"="E:\Program Files\QIP8092\qip.exe:*:Enabled:Quiet Internet Pager"
"E:\Hry\NHL 09-EVROPA\nhl2009.exe"="E:\Hry\NHL 09-EVROPA\nhl2009.exe:*:Enabled:nhl2009"
"G:\Games\NHL 2004\nhl2004.exe"="G:\Games\NHL 2004\nhl2004.exe:*:Enabled:nhl2004"
"E:\Program Files\TeamViewer\Version4\TeamViewer.exe"="E:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 4\iw3mp.exe"="G:\Games\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe"="G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum"
"G:\Games\Warcraft III\Warcraft III.exe"="G:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"G:\Games\Warcraft III\war3.exe"="G:\Games\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"G:\Games\Pro Evolution Soccer 2010\pes2010.exe"="G:\Games\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"G:\Games\TmNationsForever\TmForever.exe"="G:\Games\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Program Files\SopCast\SopCast.exe"="E:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"E:\Program Files\SopCast\adv\SopAdver.exe"="E:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"G:\Games\Modern Warfare 2\iw4sp.exe"="G:\Games\Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"E:\Program Files\Steam\Steam.exe"="E:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"G:\Games\Modern Warfare 2\iw4mp.exe"="G:\Games\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\FM2010\fm.exe"="G:\Games\FM2010\fm.exe:*:Enabled:Football Manager 2010"
"E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"E:\Program Files\COMODO\EasyVPN\EasyVPN.exe"="E:\Program Files\COMODO\EasyVPN\EasyVPN.exe:*:Enabled:COMODO EasyVPN"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe:*:Enabled:ZeroGearServer"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe"="G:\Games\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME (Demo)"
"G:\Games\WoW 3.1.3\Launcher.exe"="G:\Games\WoW 3.1.3\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat"="E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat:*:Enabled:Zero Gear Demo"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-02-14 19:12:19 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2010-02-14 19:10:21 ----A---- E:\ComboFix.txt
2010-02-14 14:50:59 ----A---- E:\WINDOWS\zip.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\SWXCACLS.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\SWSC.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\SWREG.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\sed.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\PEV.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\NIRCMD.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\MBR.exe
2010-02-14 14:50:59 ----A---- E:\WINDOWS\grep.exe
2010-02-14 14:50:37 ----D---- E:\WINDOWS\ERDNT
2010-02-14 14:48:36 ----AD---- E:\Qoobox
2010-02-14 14:34:45 ----D---- E:\_OTM
2010-02-14 11:25:28 ----D---- E:\rsit
2010-02-10 20:52:52 ----HDC---- E:\WINDOWS\$NtUninstallKB978262$
2010-02-10 20:52:47 ----HDC---- E:\WINDOWS\$NtUninstallKB971468$
2010-02-10 20:48:55 ----HDC---- E:\WINDOWS\$NtUninstallKB978037$
2010-02-10 20:48:51 ----HDC---- E:\WINDOWS\$NtUninstallKB975713$
2010-02-10 20:48:46 ----HDC---- E:\WINDOWS\$NtUninstallKB978251$
2010-02-10 20:48:39 ----HDC---- E:\WINDOWS\$NtUninstallKB975560$
2010-02-10 20:47:42 ----HDC---- E:\WINDOWS\$NtUninstallKB977914$
2010-02-10 20:47:29 ----HDC---- E:\WINDOWS\$NtUninstallKB978706$
2010-02-10 20:47:12 ----HDC---- E:\WINDOWS\$NtUninstallKB977165$
2010-02-08 13:31:21 ----D---- E:\Documents and Settings\Machr\Data aplikací\Facebook
======List of files/folders modified in the last 1 months======
2010-02-14 19:12:21 ----D---- E:\WINDOWS\system32\drivers
2010-02-14 19:12:19 ----RD---- E:\Program Files
2010-02-14 19:10:44 ----D---- E:\Program Files\Mozilla Firefox
2010-02-14 19:10:23 ----D---- E:\WINDOWS\Temp
2010-02-14 19:09:32 ----D---- E:\WINDOWS\system32\CatRoot2
2010-02-14 19:05:27 ----N---- E:\WINDOWS\system.ini
2010-02-14 19:05:27 ----D---- E:\WINDOWS
2010-02-14 19:03:55 ----D---- E:\WINDOWS\system32\config
2010-02-14 19:01:38 ----D---- E:\WINDOWS\system32
2010-02-14 19:01:38 ----D---- E:\WINDOWS\AppPatch
2010-02-14 19:01:34 ----D---- E:\Program Files\Common Files
2010-02-14 18:57:21 ----A---- E:\WINDOWS\SchedLgU.Txt
2010-02-14 14:48:50 ----D---- E:\WINDOWS\Prefetch
2010-02-14 14:35:31 ----SD---- E:\WINDOWS\Tasks
2010-02-14 13:28:56 ----D---- E:\Documents and Settings\Machr\Data aplikací\vlc
2010-02-13 23:57:57 ----D---- E:\Program Files\Windows Media Connect 2
2010-02-13 21:29:07 ----D---- E:\Program Files\mIRC
2010-02-13 11:09:53 ----D---- E:\Mp3
2010-02-11 11:10:12 ----RD---- E:\Filmy
2010-02-10 20:52:54 ----HD---- E:\WINDOWS\inf
2010-02-10 20:52:51 ----HD---- E:\WINDOWS\$hf_mig$
2010-02-10 20:52:49 ----RSHDC---- E:\WINDOWS\system32\dllcache
2010-02-10 20:52:49 ----A---- E:\WINDOWS\imsins.BAK
2010-02-10 20:48:35 ----SHD---- E:\WINDOWS\Installer
2010-02-10 20:48:34 ----D---- E:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-09 15:27:16 ----D---- E:\Documents and Settings\Machr\Data aplikací\BITS
2010-02-09 10:30:58 ----A---- E:\WINDOWS\win.ini
2010-02-08 23:56:08 ----D---- E:\WINDOWS\pss
2010-02-08 23:52:46 ----D---- E:\Program Files\Steam
2010-02-08 23:52:13 ----A---- E:\WINDOWS\avp.ini
2010-02-08 23:20:04 ----D---- E:\Documents and Settings\Machr\Data aplikací\dvdcss
2010-02-08 11:05:20 ----D---- E:\Program Files\Internet Explorer
2010-02-01 20:26:20 ----A---- E:\WINDOWS\system32\MRT.exe
2010-01-22 12:53:17 ----D---- E:\WINDOWS\ie8updates
2010-01-22 08:43:04 ----D---- E:\Program Files\Microsoft Silverlight
2010-01-17 17:40:42 ----RD---- E:\Program Files\Programy atd
2010-01-15 20:11:31 ----D---- E:\WINDOWS\Minidump
2010-01-15 19:30:48 ----D---- E:\Documents and Settings\Machr\Data aplikací\ICQ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; E:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; E:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; E:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 adfs;adfs; E:\WINDOWS\system32\drivers\adfs.sys [2009-11-02 73312]
R2 aswFsBlk;aswFsBlk; E:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; E:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 aswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-23 4481024]
R3 ATP;Comodo EasyVPN Miniport Driver; E:\WINDOWS\system32\DRIVERS\cmdatp.sys [2008-12-10 17424]
R3 catchme;catchme; \??\E:\ComboFix\catchme.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-09-11 5911552]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; E:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 tap0901;TAP-Win32 Adapter V9; E:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-01-30 25216]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 acg36p14;acg36p14; E:\WINDOWS\system32\drivers\acg36p14.sys []
S3 Ambfilt;Ambfilt; E:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Arp1394;Protokol 1394 ARP Client; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 gdrv;gdrv; \??\E:\WINDOWS\gdrv.sys []
S3 hamachi;Hamachi Network Interface; E:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 mbr;mbr; \??\E:\DOCUME~1\Machr\LOCALS~1\Temp\mbr.sys []
S3 Monfilt;Monfilt; E:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; E:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 NIC1394;1394 Net Driver; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nmwcd;Nokia USB Phone Parent; E:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; E:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; E:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2009-09-23 602112]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 CrdphService;COMODO EasyVPN VNC Service; E:\Program Files\COMODO\EasyVPN\crdphService.exe [2009-08-11 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service; E:\Program Files\COMODO\EasyVPN\Vpnservice.exe [2009-08-11 45304]
R2 PnkBstrA;PnkBstrA; E:\WINDOWS\system32\PnkBstrA.exe [2009-09-28 75064]
R2 PnkBstrB;PnkBstrB; E:\WINDOWS\system32\PnkBstrB.exe [2009-10-11 190144]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; E:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; E:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 Findbasic Service;Findbasic Service; E:\Documents and Settings\All Users\Data aplikací\Findbasic\findbasic115.exe [2009-06-30 54776]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a); E:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S3 aspnet_state;Stavová služba ASP.NET; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-02 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; E:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); E:\Program Files\WinPcap\rpcapd.exe -d -f E:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Unlimited_Killer
- Friend of the forum

- Posts: 1969
- Registered: 24 Aug 2009 16:18
Re: Asking for advice and a PC check :)
Let's continue.
1) Let MbAM delete everything it found
2) Fixing in HJT
- Run the renamed HijackThis - C:\Program Files\Trend Micro\HijackThis\jmeno_uzivatele.exe
- Click 'Do a system scan only'.
- Tick the checkbox next to each of the items listed below and then click 'Fix Checked'.
Code:
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
- If any of these items is not there, skip it.
- Go through Start to Run [the keyboard shortcut is Win+R].
- Type into the text box:
Code:
ComboFix /Uninstall
- Press Enter.
- The ComboFix uninstall will start and delete all of its components.
- Download OTC and double-click it to run it.
- A window will pop up; click 'CleanUp!' in it.
- Confirm by clicking 'Yes'.
- It will then ask whether you want to restart the PC - do so by clicking 'Yes' again.
inactive
Re: Asking for advice and a PC check :)
Logfile of random's system information tool 1.06 (written by random/random)
Run by Machr at 2010-02-14 22:11:51
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 25 GB (19%) free of 133 GB
Total RAM: 2046 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:11:56, on 14.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\COMODO\EasyVPN\crdphService.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\mHotkey.exe
E:\WINDOWS\RTHDCPL.EXE
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\program files\mozilla firefox\firefox.exe
E:\Documents and Settings\Machr\Plocha\RSIT.exe
E:\Program Files\Trend Micro\HijackThis\Machr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [combofix] "E:\ComboFix\CF10129.cfxxe" /c "E:\ComboFix\C.bat"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "E:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: &Download All by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO EasyVPN VNC Service (CrdphService) - COMODO - E:\Program Files\COMODO\EasyVPN\crdphService.exe
O23 - Service: COMODO EasyVPN Service (EasyVpnAdpt) - Unknown owner - E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca300ec6a5bc4a) (gupdate1ca300ec6a5bc4a) - Unknown owner - E:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - E:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Unknown owner - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
--
End of file - 6477 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-15 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-15 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=E:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2009-09-11 18717696]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-25 98304]
"avast!"=E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"combofix"=E:\ComboFix\CF10129.cfxxe /c E:\ComboFix\C.bat []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=E:\Program Files\ICQ7.0\ICQ.exe [2010-02-11 133368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-11-02 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
E:\Program Files\COMODO\EasyVPN\EasyVPN.exe [2009-09-28 3563768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
E:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
E:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-07-02 2327840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
E:\Program Files\Skype\Phone\Skype.exe [2009-07-16 25604904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
e:\program files\steam\steam.exe [2009-11-25 1217808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
E:\PROGRA~1\AUTOMA~1\avp.exe [2004-12-28 443392]
E:\Documents and Settings\Machr\Nabídka Start\Programy\Po spuštění
Stardock ObjectDock.lnk - E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2009-09-23 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - E:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"E:\WINDOWS\system32\PnkBstrA.exe"="E:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"E:\WINDOWS\system32\PnkBstrB.exe"="E:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"G:\Games\PES 09\CSP2009.exe"="G:\Games\PES 09\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe"="G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe:*:Enabled:DOW2"
"G:\Games\The Battle for Middle-earth (tm) II\game.dat"="G:\Games\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"E:\Program Files\mIRC\mirc.exe"="E:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat"="G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"G:\Games\UT 3 CZ\Binaries\UT3.exe"="G:\Games\UT 3 CZ\Binaries\UT3.exe:*:Enabled:UT3"
"G:\Games\Left4Dead\hl2.exe"="G:\Games\Left4Dead\hl2.exe:*:Enabled:hl2"
"E:\Program Files\uTorrent\utorrent.exe"="E:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"G:\Games\Counter Strike\hl2.exe"="G:\Games\Counter Strike\hl2.exe:*:Enabled:hl2"
"G:\Games\Call of Duty 5\CoDWaW.exe"="G:\Games\Call of Duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaWmp.exe"="G:\Games\Call of Duty 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe"="G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe"="G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"E:\DC ++\StrongDC.exe"="E:\DC ++\StrongDC.exe:*:Enabled:StrongDC++"
"G:\Games\World of Warcraft ORIGINAL\Launcher.exe"="G:\Games\World of Warcraft ORIGINAL\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe"="G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Burnout Paradise\BurnoutLauncher.exe"="G:\Games\Burnout Paradise\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutConfigTool.exe"="G:\Games\Burnout Paradise\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutParadise.exe"="G:\Games\Burnout Paradise\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"G:\Games\Left4Dead\left4dead.exe"="G:\Games\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"G:\Games\Call of Duty\CoDMP.exe"="G:\Games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe"="E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic - Homecinema"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 5\server.exe"="G:\Games\Call of Duty 5\server.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"C:\QIP Infium JadrisPack\infium.exe"="C:\QIP Infium JadrisPack\infium.exe:*:Enabled:QIP Infium"
"E:\Program Files\HLSW\hlsw.exe"="E:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Program Files\QIP8092\qip.exe"="E:\Program Files\QIP8092\qip.exe:*:Enabled:Quiet Internet Pager"
"E:\Hry\NHL 09-EVROPA\nhl2009.exe"="E:\Hry\NHL 09-EVROPA\nhl2009.exe:*:Enabled:nhl2009"
"G:\Games\NHL 2004\nhl2004.exe"="G:\Games\NHL 2004\nhl2004.exe:*:Enabled:nhl2004"
"E:\Program Files\TeamViewer\Version4\TeamViewer.exe"="E:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 4\iw3mp.exe"="G:\Games\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe"="G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum"
"G:\Games\Warcraft III\Warcraft III.exe"="G:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"G:\Games\Warcraft III\war3.exe"="G:\Games\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"G:\Games\Pro Evolution Soccer 2010\pes2010.exe"="G:\Games\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"G:\Games\TmNationsForever\TmForever.exe"="G:\Games\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Program Files\SopCast\SopCast.exe"="E:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"E:\Program Files\SopCast\adv\SopAdver.exe"="E:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"G:\Games\Modern Warfare 2\iw4sp.exe"="G:\Games\Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"E:\Program Files\Steam\Steam.exe"="E:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"G:\Games\Modern Warfare 2\iw4mp.exe"="G:\Games\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\FM2010\fm.exe"="G:\Games\FM2010\fm.exe:*:Enabled:Football Manager 2010"
"E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"E:\Program Files\COMODO\EasyVPN\EasyVPN.exe"="E:\Program Files\COMODO\EasyVPN\EasyVPN.exe:*:Enabled:COMODO EasyVPN"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe:*:Enabled:ZeroGearServer"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe"="G:\Games\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME (Demo)"
"G:\Games\WoW 3.1.3\Launcher.exe"="G:\Games\WoW 3.1.3\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat"="E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat:*:Enabled:Zero Gear Demo"
"E:\Program Files\ICQ7.0\ICQ.exe"="E:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"E:\Program Files\ICQ7.0\aolload.exe"="E:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\ICQ7.0\ICQ.exe"="E:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"E:\Program Files\ICQ7.0\aolload.exe"="E:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-02-14 22:11:51 ----D---- E:\rsit
2010-02-14 21:33:32 ----D---- E:\Program Files\ICQ7.0
2010-02-14 19:12:19 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2010-02-14 14:50:37 ----D---- E:\WINDOWS\ERDNT
2010-02-10 20:52:52 ----HDC---- E:\WINDOWS\$NtUninstallKB978262$
2010-02-10 20:52:47 ----HDC---- E:\WINDOWS\$NtUninstallKB971468$
2010-02-10 20:48:55 ----HDC---- E:\WINDOWS\$NtUninstallKB978037$
2010-02-10 20:48:51 ----HDC---- E:\WINDOWS\$NtUninstallKB975713$
2010-02-10 20:48:46 ----HDC---- E:\WINDOWS\$NtUninstallKB978251$
2010-02-10 20:48:39 ----HDC---- E:\WINDOWS\$NtUninstallKB975560$
2010-02-10 20:47:42 ----HDC---- E:\WINDOWS\$NtUninstallKB977914$
2010-02-10 20:47:29 ----HDC---- E:\WINDOWS\$NtUninstallKB978706$
2010-02-10 20:47:12 ----HDC---- E:\WINDOWS\$NtUninstallKB977165$
2010-02-08 13:31:21 ----D---- E:\Documents and Settings\Machr\Data aplikací\Facebook
======List of files/folders modified in the last 1 months======
2010-02-14 22:11:04 ----D---- E:\Program Files\Mozilla Firefox
2010-02-14 22:10:06 ----D---- E:\Documents and Settings\Machr\Data aplikací\ICQ
2010-02-14 22:09:40 ----D---- E:\WINDOWS\Temp
2010-02-14 22:07:14 ----A---- E:\WINDOWS\SchedLgU.Txt
2010-02-14 22:03:54 ----D---- E:\WINDOWS
2010-02-14 21:53:57 ----D---- E:\WINDOWS\system32\drivers
2010-02-14 21:53:01 ----D---- E:\WINDOWS\system32\CatRoot2
2010-02-14 21:34:05 ----HD---- E:\Program Files\InstallShield Installation Information
2010-02-14 21:33:32 ----RD---- E:\Program Files
2010-02-14 19:05:27 ----N---- E:\WINDOWS\system.ini
2010-02-14 19:03:55 ----D---- E:\WINDOWS\system32\config
2010-02-14 19:01:38 ----D---- E:\WINDOWS\system32
2010-02-14 19:01:38 ----D---- E:\WINDOWS\AppPatch
2010-02-14 19:01:34 ----D---- E:\Program Files\Common Files
2010-02-14 14:48:50 ----D---- E:\WINDOWS\Prefetch
2010-02-14 14:35:31 ----SD---- E:\WINDOWS\Tasks
2010-02-14 13:28:56 ----D---- E:\Documents and Settings\Machr\Data aplikací\vlc
2010-02-13 23:57:57 ----D---- E:\Program Files\Windows Media Connect 2
2010-02-13 21:29:07 ----D---- E:\Program Files\mIRC
2010-02-13 11:09:53 ----D---- E:\Mp3
2010-02-11 11:10:12 ----RD---- E:\Filmy
2010-02-10 20:52:54 ----HD---- E:\WINDOWS\inf
2010-02-10 20:52:51 ----HD---- E:\WINDOWS\$hf_mig$
2010-02-10 20:52:49 ----RSHDC---- E:\WINDOWS\system32\dllcache
2010-02-10 20:52:49 ----A---- E:\WINDOWS\imsins.BAK
2010-02-10 20:48:35 ----SHD---- E:\WINDOWS\Installer
2010-02-10 20:48:34 ----D---- E:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-09 15:27:16 ----D---- E:\Documents and Settings\Machr\Data aplikací\BITS
2010-02-09 10:30:58 ----A---- E:\WINDOWS\win.ini
2010-02-08 23:56:08 ----D---- E:\WINDOWS\pss
2010-02-08 23:52:46 ----D---- E:\Program Files\Steam
2010-02-08 23:52:13 ----A---- E:\WINDOWS\avp.ini
2010-02-08 23:20:04 ----D---- E:\Documents and Settings\Machr\Data aplikací\dvdcss
2010-02-08 11:05:20 ----D---- E:\Program Files\Internet Explorer
2010-02-01 20:26:20 ----A---- E:\WINDOWS\system32\MRT.exe
2010-01-22 12:53:17 ----D---- E:\WINDOWS\ie8updates
2010-01-22 08:43:04 ----D---- E:\Program Files\Microsoft Silverlight
2010-01-17 17:40:42 ----RD---- E:\Program Files\Programy atd
2010-01-15 20:11:31 ----D---- E:\WINDOWS\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; E:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; E:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; E:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 adfs;adfs; E:\WINDOWS\system32\drivers\adfs.sys [2009-11-02 73312]
R2 aswFsBlk;aswFsBlk; E:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; E:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 aswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-23 4481024]
R3 ATP;Comodo EasyVPN Miniport Driver; E:\WINDOWS\system32\DRIVERS\cmdatp.sys [2008-12-10 17424]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-09-11 5911552]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; E:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 tap0901;TAP-Win32 Adapter V9; E:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-01-30 25216]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 Ambfilt;Ambfilt; E:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Arp1394;Protokol 1394 ARP Client; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 gdrv;gdrv; \??\E:\WINDOWS\gdrv.sys []
S3 hamachi;Hamachi Network Interface; E:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 Monfilt;Monfilt; E:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; E:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 NIC1394;1394 Net Driver; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nmwcd;Nokia USB Phone Parent; E:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; E:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; E:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; E:\WINDOWS\System32\Drivers\sptd.sys [2009-07-15 721904]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2009-09-23 602112]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 CrdphService;COMODO EasyVPN VNC Service; E:\Program Files\COMODO\EasyVPN\crdphService.exe [2009-08-11 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service; E:\Program Files\COMODO\EasyVPN\Vpnservice.exe [2009-08-11 45304]
R2 PnkBstrA;PnkBstrA; E:\WINDOWS\system32\PnkBstrA.exe [2009-09-28 75064]
R2 PnkBstrB;PnkBstrB; E:\WINDOWS\system32\PnkBstrB.exe [2009-10-11 190144]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; E:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; E:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a); E:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S3 aspnet_state;Stavová služba ASP.NET; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-02 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; E:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); E:\Program Files\WinPcap\rpcapd.exe -d -f E:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Machr at 2010-02-14 22:11:51
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 25 GB (19%) free of 133 GB
Total RAM: 2046 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:11:56, on 14.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\COMODO\EasyVPN\crdphService.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\mHotkey.exe
E:\WINDOWS\RTHDCPL.EXE
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\program files\mozilla firefox\firefox.exe
E:\Documents and Settings\Machr\Plocha\RSIT.exe
E:\Program Files\Trend Micro\HijackThis\Machr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [combofix] "E:\ComboFix\CF10129.cfxxe" /c "E:\ComboFix\C.bat"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "E:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: &Download All by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO EasyVPN VNC Service (CrdphService) - COMODO - E:\Program Files\COMODO\EasyVPN\crdphService.exe
O23 - Service: COMODO EasyVPN Service (EasyVpnAdpt) - Unknown owner - E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca300ec6a5bc4a) (gupdate1ca300ec6a5bc4a) - Unknown owner - E:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - E:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Unknown owner - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
--
End of file - 6477 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-15 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-15 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=E:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2009-09-11 18717696]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-25 98304]
"avast!"=E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"combofix"=E:\ComboFix\CF10129.cfxxe /c E:\ComboFix\C.bat []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=E:\Program Files\ICQ7.0\ICQ.exe [2010-02-11 133368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-11-02 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
E:\Program Files\COMODO\EasyVPN\EasyVPN.exe [2009-09-28 3563768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
E:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
E:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-07-02 2327840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
E:\Program Files\Skype\Phone\Skype.exe [2009-07-16 25604904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
e:\program files\steam\steam.exe [2009-11-25 1217808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
E:\PROGRA~1\AUTOMA~1\avp.exe [2004-12-28 443392]
E:\Documents and Settings\Machr\Nabídka Start\Programy\Po spuštění
Stardock ObjectDock.lnk - E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2009-09-23 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - E:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"E:\WINDOWS\system32\PnkBstrA.exe"="E:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"E:\WINDOWS\system32\PnkBstrB.exe"="E:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"G:\Games\PES 09\CSP2009.exe"="G:\Games\PES 09\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe"="G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe:*:Enabled:DOW2"
"G:\Games\The Battle for Middle-earth (tm) II\game.dat"="G:\Games\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"E:\Program Files\mIRC\mirc.exe"="E:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat"="G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"G:\Games\UT 3 CZ\Binaries\UT3.exe"="G:\Games\UT 3 CZ\Binaries\UT3.exe:*:Enabled:UT3"
"G:\Games\Left4Dead\hl2.exe"="G:\Games\Left4Dead\hl2.exe:*:Enabled:hl2"
"E:\Program Files\uTorrent\utorrent.exe"="E:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"G:\Games\Counter Strike\hl2.exe"="G:\Games\Counter Strike\hl2.exe:*:Enabled:hl2"
"G:\Games\Call of Duty 5\CoDWaW.exe"="G:\Games\Call of Duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaWmp.exe"="G:\Games\Call of Duty 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe"="G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe"="G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"E:\DC ++\StrongDC.exe"="E:\DC ++\StrongDC.exe:*:Enabled:StrongDC++"
"G:\Games\World of Warcraft ORIGINAL\Launcher.exe"="G:\Games\World of Warcraft ORIGINAL\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe"="G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Burnout Paradise\BurnoutLauncher.exe"="G:\Games\Burnout Paradise\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutConfigTool.exe"="G:\Games\Burnout Paradise\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutParadise.exe"="G:\Games\Burnout Paradise\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"G:\Games\Left4Dead\left4dead.exe"="G:\Games\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"G:\Games\Call of Duty\CoDMP.exe"="G:\Games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe"="E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic - Homecinema"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 5\server.exe"="G:\Games\Call of Duty 5\server.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"C:\QIP Infium JadrisPack\infium.exe"="C:\QIP Infium JadrisPack\infium.exe:*:Enabled:QIP Infium"
"E:\Program Files\HLSW\hlsw.exe"="E:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Program Files\QIP8092\qip.exe"="E:\Program Files\QIP8092\qip.exe:*:Enabled:Quiet Internet Pager"
"E:\Hry\NHL 09-EVROPA\nhl2009.exe"="E:\Hry\NHL 09-EVROPA\nhl2009.exe:*:Enabled:nhl2009"
"G:\Games\NHL 2004\nhl2004.exe"="G:\Games\NHL 2004\nhl2004.exe:*:Enabled:nhl2004"
"E:\Program Files\TeamViewer\Version4\TeamViewer.exe"="E:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 4\iw3mp.exe"="G:\Games\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe"="G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum"
"G:\Games\Warcraft III\Warcraft III.exe"="G:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"G:\Games\Warcraft III\war3.exe"="G:\Games\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"G:\Games\Pro Evolution Soccer 2010\pes2010.exe"="G:\Games\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"G:\Games\TmNationsForever\TmForever.exe"="G:\Games\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Program Files\SopCast\SopCast.exe"="E:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"E:\Program Files\SopCast\adv\SopAdver.exe"="E:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"G:\Games\Modern Warfare 2\iw4sp.exe"="G:\Games\Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"E:\Program Files\Steam\Steam.exe"="E:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"G:\Games\Modern Warfare 2\iw4mp.exe"="G:\Games\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\FM2010\fm.exe"="G:\Games\FM2010\fm.exe:*:Enabled:Football Manager 2010"
"E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"E:\Program Files\COMODO\EasyVPN\EasyVPN.exe"="E:\Program Files\COMODO\EasyVPN\EasyVPN.exe:*:Enabled:COMODO EasyVPN"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe:*:Enabled:ZeroGearServer"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe"="G:\Games\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME (Demo)"
"G:\Games\WoW 3.1.3\Launcher.exe"="G:\Games\WoW 3.1.3\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat"="E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat:*:Enabled:Zero Gear Demo"
"E:\Program Files\ICQ7.0\ICQ.exe"="E:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"E:\Program Files\ICQ7.0\aolload.exe"="E:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\ICQ7.0\ICQ.exe"="E:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"E:\Program Files\ICQ7.0\aolload.exe"="E:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-02-14 22:11:51 ----D---- E:\rsit
2010-02-14 21:33:32 ----D---- E:\Program Files\ICQ7.0
2010-02-14 19:12:19 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2010-02-14 14:50:37 ----D---- E:\WINDOWS\ERDNT
2010-02-10 20:52:52 ----HDC---- E:\WINDOWS\$NtUninstallKB978262$
2010-02-10 20:52:47 ----HDC---- E:\WINDOWS\$NtUninstallKB971468$
2010-02-10 20:48:55 ----HDC---- E:\WINDOWS\$NtUninstallKB978037$
2010-02-10 20:48:51 ----HDC---- E:\WINDOWS\$NtUninstallKB975713$
2010-02-10 20:48:46 ----HDC---- E:\WINDOWS\$NtUninstallKB978251$
2010-02-10 20:48:39 ----HDC---- E:\WINDOWS\$NtUninstallKB975560$
2010-02-10 20:47:42 ----HDC---- E:\WINDOWS\$NtUninstallKB977914$
2010-02-10 20:47:29 ----HDC---- E:\WINDOWS\$NtUninstallKB978706$
2010-02-10 20:47:12 ----HDC---- E:\WINDOWS\$NtUninstallKB977165$
2010-02-08 13:31:21 ----D---- E:\Documents and Settings\Machr\Data aplikací\Facebook
======List of files/folders modified in the last 1 months======
2010-02-14 22:11:04 ----D---- E:\Program Files\Mozilla Firefox
2010-02-14 22:10:06 ----D---- E:\Documents and Settings\Machr\Data aplikací\ICQ
2010-02-14 22:09:40 ----D---- E:\WINDOWS\Temp
2010-02-14 22:07:14 ----A---- E:\WINDOWS\SchedLgU.Txt
2010-02-14 22:03:54 ----D---- E:\WINDOWS
2010-02-14 21:53:57 ----D---- E:\WINDOWS\system32\drivers
2010-02-14 21:53:01 ----D---- E:\WINDOWS\system32\CatRoot2
2010-02-14 21:34:05 ----HD---- E:\Program Files\InstallShield Installation Information
2010-02-14 21:33:32 ----RD---- E:\Program Files
2010-02-14 19:05:27 ----N---- E:\WINDOWS\system.ini
2010-02-14 19:03:55 ----D---- E:\WINDOWS\system32\config
2010-02-14 19:01:38 ----D---- E:\WINDOWS\system32
2010-02-14 19:01:38 ----D---- E:\WINDOWS\AppPatch
2010-02-14 19:01:34 ----D---- E:\Program Files\Common Files
2010-02-14 14:48:50 ----D---- E:\WINDOWS\Prefetch
2010-02-14 14:35:31 ----SD---- E:\WINDOWS\Tasks
2010-02-14 13:28:56 ----D---- E:\Documents and Settings\Machr\Data aplikací\vlc
2010-02-13 23:57:57 ----D---- E:\Program Files\Windows Media Connect 2
2010-02-13 21:29:07 ----D---- E:\Program Files\mIRC
2010-02-13 11:09:53 ----D---- E:\Mp3
2010-02-11 11:10:12 ----RD---- E:\Filmy
2010-02-10 20:52:54 ----HD---- E:\WINDOWS\inf
2010-02-10 20:52:51 ----HD---- E:\WINDOWS\$hf_mig$
2010-02-10 20:52:49 ----RSHDC---- E:\WINDOWS\system32\dllcache
2010-02-10 20:52:49 ----A---- E:\WINDOWS\imsins.BAK
2010-02-10 20:48:35 ----SHD---- E:\WINDOWS\Installer
2010-02-10 20:48:34 ----D---- E:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-09 15:27:16 ----D---- E:\Documents and Settings\Machr\Data aplikací\BITS
2010-02-09 10:30:58 ----A---- E:\WINDOWS\win.ini
2010-02-08 23:56:08 ----D---- E:\WINDOWS\pss
2010-02-08 23:52:46 ----D---- E:\Program Files\Steam
2010-02-08 23:52:13 ----A---- E:\WINDOWS\avp.ini
2010-02-08 23:20:04 ----D---- E:\Documents and Settings\Machr\Data aplikací\dvdcss
2010-02-08 11:05:20 ----D---- E:\Program Files\Internet Explorer
2010-02-01 20:26:20 ----A---- E:\WINDOWS\system32\MRT.exe
2010-01-22 12:53:17 ----D---- E:\WINDOWS\ie8updates
2010-01-22 08:43:04 ----D---- E:\Program Files\Microsoft Silverlight
2010-01-17 17:40:42 ----RD---- E:\Program Files\Programy atd
2010-01-15 20:11:31 ----D---- E:\WINDOWS\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; E:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; E:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; E:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 adfs;adfs; E:\WINDOWS\system32\drivers\adfs.sys [2009-11-02 73312]
R2 aswFsBlk;aswFsBlk; E:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; E:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 aswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-23 4481024]
R3 ATP;Comodo EasyVPN Miniport Driver; E:\WINDOWS\system32\DRIVERS\cmdatp.sys [2008-12-10 17424]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-09-11 5911552]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; E:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 tap0901;TAP-Win32 Adapter V9; E:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-01-30 25216]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 Ambfilt;Ambfilt; E:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Arp1394;Protokol 1394 ARP Client; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 gdrv;gdrv; \??\E:\WINDOWS\gdrv.sys []
S3 hamachi;Hamachi Network Interface; E:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 Monfilt;Monfilt; E:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; E:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 NIC1394;1394 Net Driver; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nmwcd;Nokia USB Phone Parent; E:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; E:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; E:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; E:\WINDOWS\System32\Drivers\sptd.sys [2009-07-15 721904]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2009-09-23 602112]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 CrdphService;COMODO EasyVPN VNC Service; E:\Program Files\COMODO\EasyVPN\crdphService.exe [2009-08-11 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service; E:\Program Files\COMODO\EasyVPN\Vpnservice.exe [2009-08-11 45304]
R2 PnkBstrA;PnkBstrA; E:\WINDOWS\system32\PnkBstrA.exe [2009-09-28 75064]
R2 PnkBstrB;PnkBstrB; E:\WINDOWS\system32\PnkBstrB.exe [2009-10-11 190144]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; E:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; E:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a); E:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S3 aspnet_state;Stavová služba ASP.NET; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-02 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; E:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); E:\Program Files\WinPcap\rpcapd.exe -d -f E:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Unlimited_Killer
- Friend of the forum

- Posts: 1969
- Registered: 24 Aug 2009 16:18
Re: Asking for advice and a check of my PC :)
Let's move on.
1) OTMoveit3
- Download OTM3 to your Desktop.
- Run it by double-clicking OTM.exe; if that does not work, try it with administrator rights.
- Paste the following script into the left pane, 'Paste Instructions for Items to be Moved':
Code:
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"combofix"=-
:files
E:\ComboFix
:commands
[emptytemp]
[reboot]
- Then click the red 'MoveIt!' button.
- A log should appear in the green pane on the right; paste it here in the forum.
- If a prompt to restart appears, click Yes.
- After the restart the log opens by itself, or you can find it in C:\_OTM\MovedFiles
inactive
Re: Asking for advice and a check of my PC :)
1)
All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\combofix deleted successfully.
========== FILES ==========
File/Folder E:\ComboFix not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: hip-hop forever
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Machr
->Temp folder emptied: 667644 bytes
->Temporary Internet Files folder emptied: 16798598 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 45772521 bytes
->Opera cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49152 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 60,00 mb
OTM by OldTimer - Version 3.1.8.0 log created on 02152010_012825
Files moved on Reboot...
File E:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
File E:\WINDOWS\temp\Perflib_Perfdata_2f0.dat not found!
Registry entries deleted on Reboot...
2)
Logfile of random's system information tool 1.06 (written by random/random)
Run by Machr at 2010-02-15 01:33:08
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 24 GB (18%) free of 133 GB
Total RAM: 2046 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:33:13, on 15.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\COMODO\EasyVPN\crdphService.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\mHotkey.exe
E:\WINDOWS\RTHDCPL.EXE
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Documents and Settings\Machr\Plocha\RSIT.exe
E:\Program Files\Trend Micro\HijackThis\Machr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "E:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: &Download All by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO EasyVPN VNC Service (CrdphService) - COMODO - E:\Program Files\COMODO\EasyVPN\crdphService.exe
O23 - Service: COMODO EasyVPN Service (EasyVpnAdpt) - Unknown owner - E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca300ec6a5bc4a) (gupdate1ca300ec6a5bc4a) - Unknown owner - E:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - E:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Unknown owner - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
--
End of file - 6395 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-15 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-15 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=E:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2009-09-11 18717696]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-25 98304]
"avast!"=E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=E:\Program Files\ICQ7.0\ICQ.exe [2010-02-11 133368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-11-02 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
E:\Program Files\COMODO\EasyVPN\EasyVPN.exe [2009-09-28 3563768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
E:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
E:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-07-02 2327840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
E:\Program Files\Skype\Phone\Skype.exe [2009-07-16 25604904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
e:\program files\steam\steam.exe [2009-11-25 1217808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
E:\PROGRA~1\AUTOMA~1\avp.exe [2004-12-28 443392]
E:\Documents and Settings\Machr\Nabídka Start\Programy\Po spuštění
Stardock ObjectDock.lnk - E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2009-09-23 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - E:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"E:\WINDOWS\system32\PnkBstrA.exe"="E:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"E:\WINDOWS\system32\PnkBstrB.exe"="E:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"G:\Games\PES 09\CSP2009.exe"="G:\Games\PES 09\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe"="G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe:*:Enabled:DOW2"
"G:\Games\The Battle for Middle-earth (tm) II\game.dat"="G:\Games\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"E:\Program Files\mIRC\mirc.exe"="E:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat"="G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"G:\Games\UT 3 CZ\Binaries\UT3.exe"="G:\Games\UT 3 CZ\Binaries\UT3.exe:*:Enabled:UT3"
"G:\Games\Left4Dead\hl2.exe"="G:\Games\Left4Dead\hl2.exe:*:Enabled:hl2"
"E:\Program Files\uTorrent\utorrent.exe"="E:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"G:\Games\Counter Strike\hl2.exe"="G:\Games\Counter Strike\hl2.exe:*:Enabled:hl2"
"G:\Games\Call of Duty 5\CoDWaW.exe"="G:\Games\Call of Duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaWmp.exe"="G:\Games\Call of Duty 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe"="G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe"="G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"E:\DC ++\StrongDC.exe"="E:\DC ++\StrongDC.exe:*:Enabled:StrongDC++"
"G:\Games\World of Warcraft ORIGINAL\Launcher.exe"="G:\Games\World of Warcraft ORIGINAL\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe"="G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Burnout Paradise\BurnoutLauncher.exe"="G:\Games\Burnout Paradise\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutConfigTool.exe"="G:\Games\Burnout Paradise\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutParadise.exe"="G:\Games\Burnout Paradise\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"G:\Games\Left4Dead\left4dead.exe"="G:\Games\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"G:\Games\Call of Duty\CoDMP.exe"="G:\Games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe"="E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic - Homecinema"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 5\server.exe"="G:\Games\Call of Duty 5\server.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"C:\QIP Infium JadrisPack\infium.exe"="C:\QIP Infium JadrisPack\infium.exe:*:Enabled:QIP Infium"
"E:\Program Files\HLSW\hlsw.exe"="E:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Program Files\QIP8092\qip.exe"="E:\Program Files\QIP8092\qip.exe:*:Enabled:Quiet Internet Pager"
"E:\Hry\NHL 09-EVROPA\nhl2009.exe"="E:\Hry\NHL 09-EVROPA\nhl2009.exe:*:Enabled:nhl2009"
"G:\Games\NHL 2004\nhl2004.exe"="G:\Games\NHL 2004\nhl2004.exe:*:Enabled:nhl2004"
"E:\Program Files\TeamViewer\Version4\TeamViewer.exe"="E:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 4\iw3mp.exe"="G:\Games\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe"="G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum"
"G:\Games\Warcraft III\Warcraft III.exe"="G:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"G:\Games\Warcraft III\war3.exe"="G:\Games\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"G:\Games\Pro Evolution Soccer 2010\pes2010.exe"="G:\Games\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"G:\Games\TmNationsForever\TmForever.exe"="G:\Games\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Program Files\SopCast\SopCast.exe"="E:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"E:\Program Files\SopCast\adv\SopAdver.exe"="E:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"G:\Games\Modern Warfare 2\iw4sp.exe"="G:\Games\Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"E:\Program Files\Steam\Steam.exe"="E:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"G:\Games\Modern Warfare 2\iw4mp.exe"="G:\Games\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\FM2010\fm.exe"="G:\Games\FM2010\fm.exe:*:Enabled:Football Manager 2010"
"E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"E:\Program Files\COMODO\EasyVPN\EasyVPN.exe"="E:\Program Files\COMODO\EasyVPN\EasyVPN.exe:*:Enabled:COMODO EasyVPN"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe:*:Enabled:ZeroGearServer"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe"="G:\Games\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME (Demo)"
"G:\Games\WoW 3.1.3\Launcher.exe"="G:\Games\WoW 3.1.3\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat"="E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat:*:Enabled:Zero Gear Demo"
"E:\Program Files\ICQ7.0\ICQ.exe"="E:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"E:\Program Files\ICQ7.0\aolload.exe"="E:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\ICQ7.0\ICQ.exe"="E:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"E:\Program Files\ICQ7.0\aolload.exe"="E:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-02-15 01:28:31 ----SHD---- E:\RECYCLER
2010-02-15 01:28:25 ----D---- E:\_OTM
2010-02-14 22:11:51 ----D---- E:\rsit
2010-02-14 21:33:32 ----D---- E:\Program Files\ICQ7.0
2010-02-14 19:12:19 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2010-02-14 14:50:37 ----D---- E:\WINDOWS\ERDNT
2010-02-10 20:52:52 ----HDC---- E:\WINDOWS\$NtUninstallKB978262$
2010-02-10 20:52:47 ----HDC---- E:\WINDOWS\$NtUninstallKB971468$
2010-02-10 20:48:55 ----HDC---- E:\WINDOWS\$NtUninstallKB978037$
2010-02-10 20:48:51 ----HDC---- E:\WINDOWS\$NtUninstallKB975713$
2010-02-10 20:48:46 ----HDC---- E:\WINDOWS\$NtUninstallKB978251$
2010-02-10 20:48:39 ----HDC---- E:\WINDOWS\$NtUninstallKB975560$
2010-02-10 20:47:42 ----HDC---- E:\WINDOWS\$NtUninstallKB977914$
2010-02-10 20:47:29 ----HDC---- E:\WINDOWS\$NtUninstallKB978706$
2010-02-10 20:47:12 ----HDC---- E:\WINDOWS\$NtUninstallKB977165$
2010-02-08 13:31:21 ----D---- E:\Documents and Settings\Machr\Data aplikací\Facebook
======List of files/folders modified in the last 1 months======
2010-02-15 01:31:27 ----D---- E:\WINDOWS\Temp
2010-02-15 01:31:21 ----D---- E:\Program Files\Mozilla Firefox
2010-02-15 01:28:46 ----A---- E:\WINDOWS\SchedLgU.Txt
2010-02-15 01:24:17 ----D---- E:\Documents and Settings\Machr\Data aplikací\vlc
2010-02-14 22:37:23 ----D---- E:\Documents and Settings\Machr\Data aplikací\ICQ
2010-02-14 22:03:54 ----D---- E:\WINDOWS
2010-02-14 21:53:57 ----D---- E:\WINDOWS\system32\drivers
2010-02-14 21:53:01 ----D---- E:\WINDOWS\system32\CatRoot2
2010-02-14 21:34:05 ----HD---- E:\Program Files\InstallShield Installation Information
2010-02-14 21:33:32 ----RD---- E:\Program Files
2010-02-14 19:05:27 ----N---- E:\WINDOWS\system.ini
2010-02-14 19:03:55 ----D---- E:\WINDOWS\system32\config
2010-02-14 19:01:38 ----D---- E:\WINDOWS\system32
2010-02-14 19:01:38 ----D---- E:\WINDOWS\AppPatch
2010-02-14 19:01:34 ----D---- E:\Program Files\Common Files
2010-02-14 14:48:50 ----D---- E:\WINDOWS\Prefetch
2010-02-14 14:35:31 ----SD---- E:\WINDOWS\Tasks
2010-02-13 23:57:57 ----D---- E:\Program Files\Windows Media Connect 2
2010-02-13 21:29:07 ----D---- E:\Program Files\mIRC
2010-02-13 11:09:53 ----D---- E:\Mp3
2010-02-11 11:10:12 ----RD---- E:\Filmy
2010-02-10 20:52:54 ----HD---- E:\WINDOWS\inf
2010-02-10 20:52:51 ----HD---- E:\WINDOWS\$hf_mig$
2010-02-10 20:52:49 ----RSHDC---- E:\WINDOWS\system32\dllcache
2010-02-10 20:52:49 ----A---- E:\WINDOWS\imsins.BAK
2010-02-10 20:48:35 ----SHD---- E:\WINDOWS\Installer
2010-02-10 20:48:34 ----D---- E:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-09 15:27:16 ----D---- E:\Documents and Settings\Machr\Data aplikací\BITS
2010-02-09 10:30:58 ----A---- E:\WINDOWS\win.ini
2010-02-08 23:56:08 ----D---- E:\WINDOWS\pss
2010-02-08 23:52:46 ----D---- E:\Program Files\Steam
2010-02-08 23:52:13 ----A---- E:\WINDOWS\avp.ini
2010-02-08 23:20:04 ----D---- E:\Documents and Settings\Machr\Data aplikací\dvdcss
2010-02-08 11:05:20 ----D---- E:\Program Files\Internet Explorer
2010-02-01 20:26:20 ----A---- E:\WINDOWS\system32\MRT.exe
2010-01-22 12:53:17 ----D---- E:\WINDOWS\ie8updates
2010-01-22 08:43:04 ----D---- E:\Program Files\Microsoft Silverlight
2010-01-17 17:40:42 ----RD---- E:\Program Files\Programy atd
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; E:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; E:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; E:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 adfs;adfs; E:\WINDOWS\system32\drivers\adfs.sys [2009-11-02 73312]
R2 aswFsBlk;aswFsBlk; E:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; E:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 aswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-23 4481024]
R3 ATP;Comodo EasyVPN Miniport Driver; E:\WINDOWS\system32\DRIVERS\cmdatp.sys [2008-12-10 17424]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-09-11 5911552]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; E:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 tap0901;TAP-Win32 Adapter V9; E:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-01-30 25216]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 Ambfilt;Ambfilt; E:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Arp1394;Protokol 1394 ARP Client; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 gdrv;gdrv; \??\E:\WINDOWS\gdrv.sys []
S3 hamachi;Hamachi Network Interface; E:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 Monfilt;Monfilt; E:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; E:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 NIC1394;1394 Net Driver; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nmwcd;Nokia USB Phone Parent; E:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; E:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; E:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; E:\WINDOWS\System32\Drivers\sptd.sys [2009-07-15 721904]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2009-09-23 602112]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 CrdphService;COMODO EasyVPN VNC Service; E:\Program Files\COMODO\EasyVPN\crdphService.exe [2009-08-11 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service; E:\Program Files\COMODO\EasyVPN\Vpnservice.exe [2009-08-11 45304]
R2 PnkBstrA;PnkBstrA; E:\WINDOWS\system32\PnkBstrA.exe [2009-09-28 75064]
R2 PnkBstrB;PnkBstrB; E:\WINDOWS\system32\PnkBstrB.exe [2009-10-11 190144]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; E:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; E:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a); E:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S3 aspnet_state;Stavová služba ASP.NET; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-02 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; E:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); E:\Program Files\WinPcap\rpcapd.exe -d -f E:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\combofix deleted successfully.
========== FILES ==========
File/Folder E:\ComboFix not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: hip-hop forever
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Machr
->Temp folder emptied: 667644 bytes
->Temporary Internet Files folder emptied: 16798598 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 45772521 bytes
->Opera cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49152 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 60,00 mb
OTM by OldTimer - Version 3.1.8.0 log created on 02152010_012825
Files moved on Reboot...
File E:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
File E:\WINDOWS\temp\Perflib_Perfdata_2f0.dat not found!
Registry entries deleted on Reboot...
2)
Logfile of random's system information tool 1.06 (written by random/random)
Run by Machr at 2010-02-15 01:33:08
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 24 GB (18%) free of 133 GB
Total RAM: 2046 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:33:13, on 15.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\COMODO\EasyVPN\crdphService.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\mHotkey.exe
E:\WINDOWS\RTHDCPL.EXE
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Documents and Settings\Machr\Plocha\RSIT.exe
E:\Program Files\Trend Micro\HijackThis\Machr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "E:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: &Download All by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - E:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - E:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO EasyVPN VNC Service (CrdphService) - COMODO - E:\Program Files\COMODO\EasyVPN\crdphService.exe
O23 - Service: COMODO EasyVPN Service (EasyVpnAdpt) - Unknown owner - E:\Program Files\COMODO\EasyVPN\Vpnservice.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca300ec6a5bc4a) (gupdate1ca300ec6a5bc4a) - Unknown owner - E:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - E:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Unknown owner - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe (file missing)
--
End of file - 6395 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-15 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-15 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=E:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2009-09-11 18717696]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-25 98304]
"avast!"=E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=E:\Program Files\ICQ7.0\ICQ.exe [2010-02-11 133368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-11-02 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
E:\Program Files\COMODO\EasyVPN\EasyVPN.exe [2009-09-28 3563768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
E:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart]
E:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-07-02 2327840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
E:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
E:\Program Files\Skype\Phone\Skype.exe [2009-07-16 25604904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
e:\program files\steam\steam.exe [2009-11-25 1217808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^Machr^Nabídka Start^Programy^Po spuštění^Automatické vypnutí počítače.lnk]
E:\PROGRA~1\AUTOMA~1\avp.exe [2004-12-28 443392]
E:\Documents and Settings\Machr\Nabídka Start\Programy\Po spuštění
Stardock ObjectDock.lnk - E:\Program Files\Stardock\ObjectDock\ObjectDock.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2009-09-23 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - E:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe"="G:\Games\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"E:\WINDOWS\system32\PnkBstrA.exe"="E:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"E:\WINDOWS\system32\PnkBstrB.exe"="E:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"G:\Games\PES 09\CSP2009.exe"="G:\Games\PES 09\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="E:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="E:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe"="G:\Hry - INSTALACE\Warhammer Dawn of War 2\Warhammer_Dawn_of_War_2-WiCKED\DOW2.exe:*:Enabled:DOW2"
"G:\Games\The Battle for Middle-earth (tm) II\game.dat"="G:\Games\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"E:\Program Files\mIRC\mirc.exe"="E:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat"="G:\Games\The Lord of The Rings The Battle For Middle Earth 2 The Rise Of The Witch King\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"G:\Games\UT 3 CZ\Binaries\UT3.exe"="G:\Games\UT 3 CZ\Binaries\UT3.exe:*:Enabled:UT3"
"G:\Games\Left4Dead\hl2.exe"="G:\Games\Left4Dead\hl2.exe:*:Enabled:hl2"
"E:\Program Files\uTorrent\utorrent.exe"="E:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"G:\Games\Counter Strike\hl2.exe"="G:\Games\Counter Strike\hl2.exe:*:Enabled:hl2"
"G:\Games\Call of Duty 5\CoDWaW.exe"="G:\Games\Call of Duty 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaWmp.exe"="G:\Games\Call of Duty 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe"="G:\Games\Call of Duty 5\CoDWaW-lanfix 1.5.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe"="G:\Games\Call of Duty 5\CoDWaW_LANFixed.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"E:\DC ++\StrongDC.exe"="E:\DC ++\StrongDC.exe:*:Enabled:StrongDC++"
"G:\Games\World of Warcraft ORIGINAL\Launcher.exe"="G:\Games\World of Warcraft ORIGINAL\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.0.9.9551-to-3.1.0.9767-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe"="G:\Games\World of Warcraft ORIGINAL\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Burnout Paradise\BurnoutLauncher.exe"="G:\Games\Burnout Paradise\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutConfigTool.exe"="G:\Games\Burnout Paradise\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"G:\Games\Burnout Paradise\BurnoutParadise.exe"="G:\Games\Burnout Paradise\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="E:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"G:\Games\Left4Dead\left4dead.exe"="G:\Games\Left4Dead\left4dead.exe:*:Enabled:left4dead"
"G:\Games\Call of Duty\CoDMP.exe"="G:\Games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="E:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="E:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe"="E:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Enabled:Media Player Classic - Homecinema"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 5\server.exe"="G:\Games\Call of Duty 5\server.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"C:\QIP Infium JadrisPack\infium.exe"="C:\QIP Infium JadrisPack\infium.exe:*:Enabled:QIP Infium"
"E:\Program Files\HLSW\hlsw.exe"="E:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"E:\Program Files\Opera\opera.exe"="E:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Program Files\QIP8092\qip.exe"="E:\Program Files\QIP8092\qip.exe:*:Enabled:Quiet Internet Pager"
"E:\Hry\NHL 09-EVROPA\nhl2009.exe"="E:\Hry\NHL 09-EVROPA\nhl2009.exe:*:Enabled:nhl2009"
"G:\Games\NHL 2004\nhl2004.exe"="G:\Games\NHL 2004\nhl2004.exe:*:Enabled:nhl2004"
"E:\Program Files\TeamViewer\Version4\TeamViewer.exe"="E:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"G:\Games\Call of Duty 4\iw3mp.exe"="G:\Games\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="E:\Documents and Settings\Machr\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe"="G:\Games\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum"
"G:\Games\Warcraft III\Warcraft III.exe"="G:\Games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"G:\Games\Warcraft III\war3.exe"="G:\Games\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"G:\Games\Pro Evolution Soccer 2010\pes2010.exe"="G:\Games\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"G:\Games\TmNationsForever\TmForever.exe"="G:\Games\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"E:\Program Files\SopCast\SopCast.exe"="E:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"E:\Program Files\SopCast\adv\SopAdver.exe"="E:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"G:\Games\Modern Warfare 2\iw4sp.exe"="G:\Games\Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"E:\Program Files\Steam\Steam.exe"="E:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"G:\Games\Modern Warfare 2\iw4mp.exe"="G:\Games\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\FM2010\fm.exe"="G:\Games\FM2010\fm.exe:*:Enabled:Football Manager 2010"
"E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"E:\Program Files\COMODO\EasyVPN\EasyVPN.exe"="E:\Program Files\COMODO\EasyVPN\EasyVPN.exe:*:Enabled:COMODO EasyVPN"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.2.2.10505-to-3.3.0.10958-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe:*:Enabled:ZeroGearServer"
"E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe"="E:\Program Files\Steam\steamapps\common\zero gear\Server\iw4mp.exe:*:Enabled:iw4mp"
"G:\Games\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe"="G:\Games\Ubisoft\Demo\James Cameron's AVATAR - THE GAME (Demo)\bin\AvatarDemo.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME (Demo)"
"G:\Games\WoW 3.1.3\Launcher.exe"="G:\Games\WoW 3.1.3\Launcher.exe:*:Enabled:Blizzard Launcher"
"G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe"="G:\Games\World of Warcraft ORIGINAL\WoW-3.3.0.11159-to-3.3.2.11403-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat"="E:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat:*:Enabled:Zero Gear Demo"
"E:\Program Files\ICQ7.0\ICQ.exe"="E:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"E:\Program Files\ICQ7.0\aolload.exe"="E:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\ICQ7.0\ICQ.exe"="E:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"E:\Program Files\ICQ7.0\aolload.exe"="E:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-02-15 01:28:31 ----SHD---- E:\RECYCLER
2010-02-15 01:28:25 ----D---- E:\_OTM
2010-02-14 22:11:51 ----D---- E:\rsit
2010-02-14 21:33:32 ----D---- E:\Program Files\ICQ7.0
2010-02-14 19:12:19 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2010-02-14 14:50:37 ----D---- E:\WINDOWS\ERDNT
2010-02-10 20:52:52 ----HDC---- E:\WINDOWS\$NtUninstallKB978262$
2010-02-10 20:52:47 ----HDC---- E:\WINDOWS\$NtUninstallKB971468$
2010-02-10 20:48:55 ----HDC---- E:\WINDOWS\$NtUninstallKB978037$
2010-02-10 20:48:51 ----HDC---- E:\WINDOWS\$NtUninstallKB975713$
2010-02-10 20:48:46 ----HDC---- E:\WINDOWS\$NtUninstallKB978251$
2010-02-10 20:48:39 ----HDC---- E:\WINDOWS\$NtUninstallKB975560$
2010-02-10 20:47:42 ----HDC---- E:\WINDOWS\$NtUninstallKB977914$
2010-02-10 20:47:29 ----HDC---- E:\WINDOWS\$NtUninstallKB978706$
2010-02-10 20:47:12 ----HDC---- E:\WINDOWS\$NtUninstallKB977165$
2010-02-08 13:31:21 ----D---- E:\Documents and Settings\Machr\Data aplikací\Facebook
======List of files/folders modified in the last 1 months======
2010-02-15 01:31:27 ----D---- E:\WINDOWS\Temp
2010-02-15 01:31:21 ----D---- E:\Program Files\Mozilla Firefox
2010-02-15 01:28:46 ----A---- E:\WINDOWS\SchedLgU.Txt
2010-02-15 01:24:17 ----D---- E:\Documents and Settings\Machr\Data aplikací\vlc
2010-02-14 22:37:23 ----D---- E:\Documents and Settings\Machr\Data aplikací\ICQ
2010-02-14 22:03:54 ----D---- E:\WINDOWS
2010-02-14 21:53:57 ----D---- E:\WINDOWS\system32\drivers
2010-02-14 21:53:01 ----D---- E:\WINDOWS\system32\CatRoot2
2010-02-14 21:34:05 ----HD---- E:\Program Files\InstallShield Installation Information
2010-02-14 21:33:32 ----RD---- E:\Program Files
2010-02-14 19:05:27 ----N---- E:\WINDOWS\system.ini
2010-02-14 19:03:55 ----D---- E:\WINDOWS\system32\config
2010-02-14 19:01:38 ----D---- E:\WINDOWS\system32
2010-02-14 19:01:38 ----D---- E:\WINDOWS\AppPatch
2010-02-14 19:01:34 ----D---- E:\Program Files\Common Files
2010-02-14 14:48:50 ----D---- E:\WINDOWS\Prefetch
2010-02-14 14:35:31 ----SD---- E:\WINDOWS\Tasks
2010-02-13 23:57:57 ----D---- E:\Program Files\Windows Media Connect 2
2010-02-13 21:29:07 ----D---- E:\Program Files\mIRC
2010-02-13 11:09:53 ----D---- E:\Mp3
2010-02-11 11:10:12 ----RD---- E:\Filmy
2010-02-10 20:52:54 ----HD---- E:\WINDOWS\inf
2010-02-10 20:52:51 ----HD---- E:\WINDOWS\$hf_mig$
2010-02-10 20:52:49 ----RSHDC---- E:\WINDOWS\system32\dllcache
2010-02-10 20:52:49 ----A---- E:\WINDOWS\imsins.BAK
2010-02-10 20:48:35 ----SHD---- E:\WINDOWS\Installer
2010-02-10 20:48:34 ----D---- E:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-09 15:27:16 ----D---- E:\Documents and Settings\Machr\Data aplikací\BITS
2010-02-09 10:30:58 ----A---- E:\WINDOWS\win.ini
2010-02-08 23:56:08 ----D---- E:\WINDOWS\pss
2010-02-08 23:52:46 ----D---- E:\Program Files\Steam
2010-02-08 23:52:13 ----A---- E:\WINDOWS\avp.ini
2010-02-08 23:20:04 ----D---- E:\Documents and Settings\Machr\Data aplikací\dvdcss
2010-02-08 11:05:20 ----D---- E:\Program Files\Internet Explorer
2010-02-01 20:26:20 ----A---- E:\WINDOWS\system32\MRT.exe
2010-01-22 12:53:17 ----D---- E:\WINDOWS\ie8updates
2010-01-22 08:43:04 ----D---- E:\Program Files\Microsoft Silverlight
2010-01-17 17:40:42 ----RD---- E:\Program Files\Programy atd
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; E:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; E:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; E:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; E:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 adfs;adfs; E:\WINDOWS\system32\drivers\adfs.sys [2009-11-02 73312]
R2 aswFsBlk;aswFsBlk; E:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; E:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 aswRdr;aswRdr; E:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-23 4481024]
R3 ATP;Comodo EasyVPN Miniport Driver; E:\WINDOWS\system32\DRIVERS\cmdatp.sys [2008-12-10 17424]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-09-11 5911552]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; E:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 tap0901;TAP-Win32 Adapter V9; E:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-01-30 25216]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; E:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 Ambfilt;Ambfilt; E:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Arp1394;Protokol 1394 ARP Client; E:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 gdrv;gdrv; \??\E:\WINDOWS\gdrv.sys []
S3 hamachi;Hamachi Network Interface; E:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 Monfilt;Monfilt; E:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; E:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 NIC1394;1394 Net Driver; E:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nmwcd;Nokia USB Phone Parent; E:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; E:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; E:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; E:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; E:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; E:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 usbser;USB Modem Driver; E:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; E:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; E:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; E:\WINDOWS\System32\Drivers\sptd.sys [2009-07-15 721904]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2009-09-23 602112]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 CrdphService;COMODO EasyVPN VNC Service; E:\Program Files\COMODO\EasyVPN\crdphService.exe [2009-08-11 491768]
R2 EasyVpnAdpt;COMODO EasyVPN Service; E:\Program Files\COMODO\EasyVPN\Vpnservice.exe [2009-08-11 45304]
R2 PnkBstrA;PnkBstrA; E:\WINDOWS\system32\PnkBstrA.exe [2009-09-28 75064]
R2 PnkBstrB;PnkBstrB; E:\WINDOWS\system32\PnkBstrB.exe [2009-10-11 190144]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; E:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; E:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 gupdate1ca300ec6a5bc4a;Služba Google Update (gupdate1ca300ec6a5bc4a); E:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S3 aspnet_state;Stavová služba ASP.NET; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-02 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; E:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; E:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); E:\Program Files\WinPcap\rpcapd.exe -d -f E:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; E:\Program Files\PC Connectivity Solution\ServiceLayer.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; E:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Unlimited_Killer
- Friend of the forum

- Posts: 1969
- Registered: 24 Aug 2009 16:18
Re: Asking for advice and a PC check :)
Let's finish up.
1) OTCleaner
- Download OTC and double-click it to run it.
- A window will pop up; click 'CleanUp!'.
- Confirm by clicking 'Yes'.
- It will then ask whether you want to restart the PC - do so, again by clicking 'Yes'.
- Download the program called CCleaner.
- Install it normally, just be careful to untick the 'Instalovat Yahoo! Toolbar' (Install Yahoo! Toolbar) item.
- Run it.
- 'Čistič' (Cleaner) tab → leave everything ticked as it is and click 'Spustit CCleaner' (Run CCleaner).
- 'Registry' tab → click 'Hledej problémy' (Scan for issues). It will look for problems in the registry; once it finishes analyzing, click 'Opravit vybrané problémy' (Fix selected issues). It will offer to create a backup - create one to be safe and save it, for example, to the Desktop.
- I recommend using CCleaner regularly; it can speed up the PC quite dramatically.
- Defragment the disk.
- There are several ways to do it ↓
- Via the defragmenter built into Windows [Start → Spustit (Run) → dfrg.msc → Enter]. This is not a very effective method.
- Via a simple and clear program called Defraggler.
- Via a brilliant program that does not need to be installed and is very simple - JKDefrag.
- During the cleanup process I usually remove unnecessary applications that launch at startup.
- These include, for example, Java Update. It needlessly eats up RAM because it keeps checking whether a newer version is available.
- To keep track of updates, I recommend downloading the program FileHippo.com UpdateChecker.
- Install it the usual way.
- Run it, for example, once or twice a week.
- It clearly lists all programs that are out of date and offers to download the newer version (which I recommend).
inactive
Re: Asking for advice and a PC check :)
First of all, thank you very much for the perfect instructions and your patience
I have never done a defragmentation and I don't really even know what it is.. but I'll try the third option and see what's next.. Otherwise, if I may ask, how badly was my PC infected, or simply how much malware did I have in it? How much faster do you think the PC will be now? So far I have no problems with the PC and it is visibly faster
- Unlimited_Killer
- Friend of the forum

- Posts: 1969
- Registered: 24 Aug 2009 16:18
Re: Asking for advice and a PC check :)
Your PC was practically not "infested" at all, but you had a few unnecessary things on it, which I always remove.
Once you have done all the steps, I will want to see one more fresh RSIT log.
inactive
Re: Asking for advice and a PC check :)
I'm already running the defragmentation.. it takes a very long time, I have two HDDs, 160 and 500 GB, so it really takes a long time
My PC has already completely died about twice because of viruses.. last time I had to install a completely new Windows on a different disk, and since then the PC has been running fairly well; only recently I had problems with the larger HDD, when Windows kept displaying all sorts of messages and then the PC de facto didn't even work..
I reckon about two hours and the defragmentation will be done
edit: well, it definitely won't be two hours.. I'll leave it overnight; disk E was done once and now disk E is running again, I don't understand how that's possible... anyway, this disk alone will take about 4 hours
Last edited by Blejzr on 15 Feb 2010 20:40, edited 1 time in total.
