zdravím a prosím o pomoc. Stažením a instalací hry Zuma mi začalo peklo. Od té doby mi residentní a webový štít neustále hlásí nalezení infekce (Trojský kun Downloader.Generic9.ASLD - proces svchost.exe a dale pak nejaky dalsi nerad v procesu bll.exe).
Logfile of random's system information tool 1.06 (written by random/random)
Run by Karel at 2010-02-19 14:26:11
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 134 GB (48%) free of 281 GB
Total RAM: 3068 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:26:55, on 19.2.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\spool\drivers\w32x86\3\fppdis2a.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\Desktop Sidebar\dsidebar.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Cyber-D's AntiScreensaver\antiscreensaver.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\SwSetup\snimac obrazovky\HoverSnap.exe
C:\Program Files\TotalComm\totalcmd\TOTALCMD.EXE
C:\Program Files\IObit\Advanced SystemCare 3\Awc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\TotalComm\totalcmd\TOTALCMD.EXE
C:\Users\Karel\Downloads\RSIT.exe
C:\Program Files\trend micro\Karel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: QvodExtend - {53AC8551-0DE0-4606-8A1E-A51AF20ADD60} - C:\Program Files\Common Files\System\Extend.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Google Update] "C:\Users\Karel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Desktop Sidebar\dsidebar.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas21.dll,AttachConsoleA (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas21.dll,AttachConsoleA (User 'Default user')
O4 - Startup: Cyber-D's AntiScreensaver.lnk = C:\Program Files\Cyber-D's AntiScreensaver\antiscreensaver.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: Hummingbird Exceed Display Management (HumDisplayServer) - Hummingbird Ltd. - C:\Program Files\Hummingbird\Connectivity\9.00\Exceed\HumDisplayServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 14821 bytes
======Scheduled tasks folder======
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-583618298-3051373647-855376248-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-583618298-3051373647-855376248-1000UA.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-04-21 1082880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-09-29 1256512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-12 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45AD732C-2CE2-4666-B366-B2214AD57A49}]
Idea2 SidebarBrowserMonitor Class - C:\Program Files\Desktop Sidebar\sbhelp.dll [2006-07-09 278528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53AC8551-0DE0-4606-8A1E-A51AF20ADD60}]
QvodExtend - C:\Program Files\Common Files\System\Extend.dll [2009-12-03 152968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-09-02 1107200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-09-02 1107200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-06-20 1316136]
"DVDAgent"=C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [2008-09-26 1148200]
"TSMAgent"=C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2008-09-25 1152296]
"CLMLServer for HP TouchSmart"=C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2008-09-25 189736]
"UCam_Menu"=C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2008-09-23 912688]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-09-26 210216]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-12-12 2043160]
"TVAgent"=C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe [2009-02-09 206120]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-09-11 446556]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-13 13584928]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-13 92704]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2009-09-29 842816]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"pdfFactory Pro Dispatcher v2"=C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe [2004-03-06 393216]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"ISUSPM"=C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-07-12 226904]
"Google Update"=C:\Users\Karel\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-09 135664]
"Sidebar"=C:\Program Files\Desktop Sidebar\dsidebar.exe [2006-07-09 1777664]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Cyber-D's AntiScreensaver.lnk - C:\Program Files\Cyber-D's AntiScreensaver\antiscreensaver.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"HideFastUserSwitching"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoLogoff"=0
"NoClose"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{216eda01-3a2f-11de-acd5-00247e1bb85a}]
shell\AutoRun\command - F:\autorun.exe
shell\directx\command - F:\DirectX9\dxsetup.exe
shell\setup\command - F:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{216eda0d-3a2f-11de-acd5-00247e1bb85a}]
shell\AutoRun\command - G:\CDCheck.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{67617260-e330-11de-aa56-00238b689dda}]
shell\AutoRun\command - I:\i9bwjpqc.exe
shell\open\command - I:\i9bwjpqc.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{813cfb7c-a452-11de-b37f-00247e1bb85a}]
shell\AutoRun\command - H:\WDSetup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c47517c-e99b-11de-a1d9-00238b689dda}]
shell\AutoRun\command - J:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c911aade-0507-11df-9a3a-00238b689dda}]
shell\AutoRun\command - Temp002\key.exe
shell\OpEn\command - Temp002\key.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd714ab5-d05f-11de-b76a-00238b689dda}]
shell\AutoRun\command - H:\CDCheck.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-02-19 14:26:13 ----D---- C:\Program Files\trend micro
2010-02-19 14:26:11 ----D---- C:\rsit
2010-02-19 14:02:15 ----A---- C:\Windows\system32\sshnas21.dll
2010-02-18 19:14:28 ----D---- C:\Program Files\Zuma Deluxe
2010-02-18 19:14:15 ----D---- C:\Program Files\ReflexiveArcade
2010-02-15 20:14:27 ----D---- C:\PFiles
2010-02-10 10:17:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 10:17:39 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 10:17:29 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 10:17:29 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 10:17:29 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 10:17:29 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 10:17:29 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 10:17:29 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 10:17:29 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 10:17:28 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 10:17:28 ----A---- C:\Windows\system32\avifil32.dll
2010-02-09 21:50:45 ----D---- C:\Program Files\ANSYS Inc
2010-02-07 00:42:10 ----D---- C:\Users\Karel\AppData\Roaming\Cyber-D's AntiScreensaver
2010-02-07 00:42:06 ----D---- C:\Program Files\Cyber-D's AntiScreensaver
2010-02-04 12:33:09 ----A---- C:\Windows\system32\msonpmon.dll
2010-02-04 12:28:27 ----D---- C:\Program Files\Microsoft Visual Studio
2010-02-04 12:28:26 ----D---- C:\Program Files\Common Files\DESIGNER
2010-02-04 12:27:49 ----D---- C:\Windows\PCHEALTH
2010-02-04 12:27:49 ----D---- C:\Program Files\Microsoft.NET
2010-02-04 12:25:44 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-02-04 12:22:08 ----RHD---- C:\MSOCache
2010-02-02 14:54:50 ----D---- C:\Program Files\Microsoft Silverlight
2010-01-31 19:33:44 ----D---- C:\Users\Karel\AppData\Roaming\vlc
2010-01-28 08:21:50 ----D---- C:\ProgramData\Office Genuine Advantage
2010-01-22 10:04:45 ----A---- C:\Windows\system32\mshtml.dll
2010-01-22 10:04:44 ----A---- C:\Windows\system32\ieframe.dll
2010-01-22 10:04:43 ----A---- C:\Windows\system32\urlmon.dll
2010-01-22 10:04:43 ----A---- C:\Windows\system32\iertutil.dll
2010-01-22 10:04:42 ----A---- C:\Windows\system32\wininet.dll
2010-01-22 10:04:42 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-22 10:04:41 ----A---- C:\Windows\system32\occache.dll
2010-01-22 10:04:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-22 10:04:41 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-22 10:04:41 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-22 10:04:41 ----A---- C:\Windows\system32\ieui.dll
2010-01-22 10:04:41 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-22 10:04:41 ----A---- C:\Windows\system32\iepeers.dll
2010-01-22 10:04:41 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-22 10:04:41 ----A---- C:\Windows\system32\ie4uinit.exe
2010-01-22 10:04:40 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-22 10:04:40 ----A---- C:\Windows\system32\iesetup.dll
2010-01-22 10:04:40 ----A---- C:\Windows\system32\iernonce.dll
======List of files/folders modified in the last 1 months======
2010-02-19 14:26:46 ----D---- C:\Windows\Temp
2010-02-19 14:26:13 ----RD---- C:\Program Files
2010-02-19 14:18:02 ----D---- C:\Windows\Tasks
2010-02-19 14:18:02 ----D---- C:\Windows\system32\Tasks
2010-02-19 14:13:46 ----HD---- C:\$AVG8.VAULT$
2010-02-19 14:11:10 ----D---- C:\Users\Karel\AppData\Roaming\Skype
2010-02-19 14:02:15 ----D---- C:\Windows\System32
2010-02-19 13:50:50 ----D---- C:\Upload
2010-02-19 10:03:06 ----D---- C:\Windows\inf
2010-02-19 10:03:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-19 09:53:35 ----D---- C:\Users\Karel\AppData\Roaming\Desktop Sidebar
2010-02-19 09:47:18 ----D---- C:\Windows\system32\Msdtc
2010-02-19 09:47:16 ----D---- C:\Windows\system32\wbem
2010-02-19 09:47:16 ----D---- C:\Windows
2010-02-19 09:46:19 ----D---- C:\Windows\system32\config
2010-02-19 09:46:04 ----D---- C:\Windows\system32\spool
2010-02-19 09:46:04 ----D---- C:\Program Files\Internet Explorer
2010-02-19 09:46:03 ----SHD---- C:\Windows\Installer
2010-02-19 09:46:03 ----D---- C:\Windows\system32\drivers
2010-02-19 09:46:03 ----D---- C:\Windows\system32\CodeIntegrity
2010-02-19 09:46:03 ----D---- C:\Windows\system32\catroot2
2010-02-19 09:46:02 ----D---- C:\Users\Karel\AppData\Roaming\Winamp
2010-02-19 09:46:02 ----D---- C:\Users\Karel\AppData\Roaming\Launcher
2010-02-19 09:46:02 ----D---- C:\Users\Karel\AppData\Roaming\GHISLER
2010-02-19 09:45:58 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-19 09:45:58 ----D---- C:\Program Files\Microsoft Games
2010-02-19 09:45:58 ----D---- C:\Program Files\Common Files\System
2010-02-19 09:45:57 ----D---- C:\Windows\registration
2010-02-19 09:43:11 ----SHD---- C:\System Volume Information
2010-02-19 09:29:36 ----D---- C:\Users\Karel\AppData\Roaming\skypePM
2010-02-18 23:00:37 ----D---- C:\Windows\Prefetch
2010-02-18 19:19:47 ----D---- C:\Windows\Minidump
2010-02-18 18:17:31 ----D---- C:\Windows\winsxs
2010-02-14 19:03:31 ----HD---- C:\ProgramData
2010-02-14 19:01:34 ----SD---- C:\Windows\Downloaded Program Files
2010-02-13 01:35:39 ----D---- C:\Windows\Debug
2010-02-10 10:44:20 ----D---- C:\Windows\system32\catroot
2010-02-10 10:41:34 ----D---- C:\Program Files\Windows Mail
2010-02-10 10:23:01 ----D---- C:\ProgramData\Microsoft Help
2010-02-09 21:49:01 ----D---- C:\Program Files\Fluent.Inc
2010-02-04 14:56:49 ----RSD---- C:\Windows\assembly
2010-02-04 14:53:52 ----D---- C:\Program Files\Common Files\microsoft shared
2010-02-04 14:53:41 ----D---- C:\Program Files\Microsoft Works
2010-02-04 14:51:26 ----A---- C:\Windows\win.ini
2010-02-04 14:40:59 ----SD---- C:\Users\Karel\AppData\Roaming\Microsoft
2010-02-04 12:29:01 ----D---- C:\Program Files\MSBuild
2010-02-04 12:28:45 ----D---- C:\Program Files\Microsoft Office
2010-02-04 12:28:26 ----D---- C:\Program Files\Common Files
2010-02-04 12:28:23 ----D---- C:\Windows\ShellNew
2010-02-04 12:27:57 ----RSD---- C:\Windows\Fonts
2010-02-04 12:27:49 ----SD---- C:\ProgramData\Microsoft
2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
2010-01-31 19:31:18 ----D---- C:\SwSetup
2010-01-27 18:07:42 ----D---- C:\Windows\system32\zh-TW
2010-01-27 18:07:42 ----D---- C:\Windows\system32\zh-HK
2010-01-27 18:07:42 ----D---- C:\Windows\system32\tr-TR
2010-01-27 18:07:42 ----D---- C:\Windows\system32\sv-SE
2010-01-27 18:07:42 ----D---- C:\Windows\system32\pt-BR
2010-01-27 18:07:42 ----D---- C:\Windows\system32\nl-NL
2010-01-27 18:07:42 ----D---- C:\Windows\system32\nb-NO
2010-01-27 18:07:42 ----D---- C:\Windows\system32\ko-KR
2010-01-27 18:07:42 ----D---- C:\Windows\system32\it-IT
2010-01-27 18:07:42 ----D---- C:\Windows\system32\he-IL
2010-01-27 18:07:42 ----D---- C:\Windows\system32\fr-FR
2010-01-27 18:07:42 ----D---- C:\Windows\system32\fi-FI
2010-01-27 18:07:42 ----D---- C:\Windows\system32\es-ES
2010-01-27 18:07:42 ----D---- C:\Windows\system32\en-US
2010-01-27 18:07:42 ----D---- C:\Windows\system32\el-GR
2010-01-27 18:07:42 ----D---- C:\Windows\system32\de-DE
2010-01-27 18:07:42 ----D---- C:\Windows\system32\da-DK
2010-01-27 18:07:42 ----D---- C:\Windows\system32\ar-SA
2010-01-22 10:50:50 ----D---- C:\Windows\system32\migration
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-08-14 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-08-14 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-05-15 108552]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49}; \??\C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [2008-09-26 59376]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-11-22 693760]
R2 Haspnt;Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys [2009-05-29 47616]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2007-04-27 90688]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2008-06-10 280320]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-08-29 3664384]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-13 7391392]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-09-11 389120]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-06-20 200112]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-09-16 40752]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 a7mpoltl;a7mpoltl; C:\Windows\system32\drivers\a7mpoltl.sys []
S3 akshasp;Aladdin HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2009-02-02 238208]
S3 aksusb;Aladdin USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2009-01-28 20480]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-06-23 80424]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-06-23 81960]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-06-23 16168]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-05-14 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-05-14 24616]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 NPF;Netgroup Packet Filter; C:\Windows\system32\drivers\npf.sys []
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\Windows\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\Windows\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 vncmirror;vncmirror; C:\Windows\system32\DRIVERS\vncmirror.sys [2009-07-25 4608]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\Windows\system32\DRIVERS\zebrbus.sys [2009-05-14 83200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe [2008-06-27 77824]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-14 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-14 297752]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-09-29 322624]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 HumDisplayServer;Hummingbird Exceed Display Management; C:\Program Files\Hummingbird\Connectivity\9.00\Exceed\HumDisplayServer.exe [2009-09-02 53248]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-13 196608]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-06-30 241734]
R2 SentinelKeysServer;Sentinel Keys Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2007-04-27 316992]
R2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2007-04-27 206400]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe [2008-09-11 237650]
R2 TVCapSvc;TV Background Capture Service (TVBCS); C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-02-09 296320]
R2 TVSched;TV Task Scheduler (TVTS); C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-02-09 116096]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-09-16 599344]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Hlášení residentního štítu AVG Trojský kun Downloader.Generi
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
Hezký podvečer 
Hru jste smazal?
Co je jednotka I?
Zapojte do pc všechny usb klíče, flashky...co používáte
Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- ComboFix je třeba spustit pod účtem s právy administrátora
- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary
- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano
- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna
- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem
Hru jste smazal? Co je jednotka I? Zapojte do pc všechny usb klíče, flashky...co používáte Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe - ComboFix je třeba spustit pod účtem s právy administrátora
- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary
- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano
- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna
- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
Diky, hra samozrejme davno odinstalovana, disk I: je momentalne flashka, ve chvili kdy jsem delal prvni log, nevim co to mohlo byt. Vystup ComboFix je zde:
ComboFix 10-02-18.09 - Karel 19.02.2010 18:48:11.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1033.18.3068.2151 [GMT 1:00]
Spuštěný z: C:\Users\Karel\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\$RECYCLE.BIN\S-1-5-21-2663948229-1259299601-2092945216-500
C:\$RECYCLE.BIN\S-1-5-21-583618298-3051373647-855376248-500
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
C:\Windows\system32\sshnas21.dll
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
Nakažená kopie C:\Windows\system32\drivers\atapi.sys byla nalezena a vyléčena.
Obnovena kopie z - Kitty ate it :p
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF
ComboFix 10-02-18.09 - Karel 19.02.2010 18:48:11.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1033.18.3068.2151 [GMT 1:00]
Spuštěný z: C:\Users\Karel\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\$RECYCLE.BIN\S-1-5-21-2663948229-1259299601-2092945216-500
C:\$RECYCLE.BIN\S-1-5-21-583618298-3051373647-855376248-500
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
C:\Windows\system32\sshnas21.dll
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
Nakažená kopie C:\Windows\system32\drivers\atapi.sys byla nalezena a vyléčena.
Obnovena kopie z - Kitty ate it :p
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_NPF
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
Ten log není celý 
, to je všechno?
Pokud ano, spustte ho znovu a vložte sem pak log.
odinstalujte všechny virtuální jednotky (Daemon nebo alcohol)
Stáhněte SPTD http://www.duplexsecure.com/en/downloads
-vyberte verzi podle svého operačního systému. SPTD for Windows (32 bit) nebo (64b)
-uložte na plochu a spusťte
- zvolte možnost Uninstall
- restart PC
- spusťte gmer
Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, kliknete na Save a tím si uložíte log,který sem vložíte
-Podle návodu v odkazu proveďte druhý sken a log sem také vložte.
stáhněte MBR
http://www2.gmer.net/mbr/mbr.exe
-uložte ho na plochu
start-spustit
do okénka zkopírujte
ok
vytvoří se log s názvem mbr.log, vložte ho zde [/quote]
, to je všechno?Pokud ano, spustte ho znovu a vložte sem pak log.
odinstalujte všechny virtuální jednotky (Daemon nebo alcohol) Stáhněte SPTD http://www.duplexsecure.com/en/downloads-vyberte verzi podle svého operačního systému. SPTD for Windows (32 bit) nebo (64b)
-uložte na plochu a spusťte
- zvolte možnost Uninstall
- restart PC
- spusťte gmer
Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, kliknete na Save a tím si uložíte log,který sem vložíte
-Podle návodu v odkazu proveďte druhý sken a log sem také vložte.
stáhněte MBR http://www2.gmer.net/mbr/mbr.exe
-uložte ho na plochu
start-spustit do okénka zkopírujte
Kód: Vybrat vše
"%userprofile%\plocha\mbr" -tNepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
Tak po mírných problémech se mi podařilo odinstalovat Daemon Tool.
Neřešitelným problémem je pro mě ale scan gmer. První automatický je vkopírován níže. Ten druhý komplexnější ale nedoběhne (gmer.exe has stopped working). poslední věcí kterou zkoumal je \device\HarddiskVolumeShadowCopy1. Pak to spadlo. Při opakování celého postupu už to při druhém scanu nezaznamenalo tolik věcí, ale spadlo to stejně.
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-02-19 22:49:59
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\Karel\AppData\Local\Temp\uflirpod.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
Neřešitelným problémem je pro mě ale scan gmer. První automatický je vkopírován níže. Ten druhý komplexnější ale nedoběhne (gmer.exe has stopped working). poslední věcí kterou zkoumal je \device\HarddiskVolumeShadowCopy1. Pak to spadlo. Při opakování celého postupu už to při druhém scanu nezaznamenalo tolik věcí, ale spadlo to stejně.
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-02-19 22:49:59
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\Karel\AppData\Local\Temp\uflirpod.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
Můžete prosím zopakovat ten combofix? Spusťte ho v nouzovém režimu. Stáhněte http://rootrepeal.googlepages.com/RootRepeal.zip
-Stáhněte,rozbalte a spusťte
-vyberte záložku drivers, pakFiles, klikněte na Scan,
-proběhne sken, po něm klikněte na Save Report , tím se uloží log, který zkopírujete sem
antivir stále něco hlásí?Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
Zdravim, po prodbele noci a propasnutem hokeji preposilam zpravu, kterou jsem jiz posilal nekteremu z Vasich kolegu. V podstate jde o to, ze jsem jelito, a vetsina dat je ta tam. Pocitac je preinstalovany a DOUFAM ze problem s virem je vyresen. Ja si ted vezmu provaz a jdu se zastrelit do rybnika! 
Dobry den, zavirovany byl patrne crack, nevim jiz ze ktere stranky jsem ho nakonec zkopiroval, vygooglil jsem jich nekolik (jako Zuma keygen) - dobre mi tak. Po predchozich zkusenostech jiz nechci stranku hledat.
Kazdopadne situace dospela az to te faze, ze diky me nesikovnosti zapracoval muj HP recovery manager a cely system se preinstaloval, coz tedy doufam vyresilo problem s virem, ale vetsina dat nebyla zalohovana a je v ... atd. Takze muj vikend je a bude super!
Diky za vas zajem a pomoc a preju prijemnejsi starosti.
Dobry den, zavirovany byl patrne crack, nevim jiz ze ktere stranky jsem ho nakonec zkopiroval, vygooglil jsem jich nekolik (jako Zuma keygen) - dobre mi tak. Po predchozich zkusenostech jiz nechci stranku hledat.
Kazdopadne situace dospela az to te faze, ze diky me nesikovnosti zapracoval muj HP recovery manager a cely system se preinstaloval, coz tedy doufam vyresilo problem s virem, ale vetsina dat nebyla zalohovana a je v ... atd. Takze muj vikend je a bude super!
Diky za vas zajem a pomoc a preju prijemnejsi starosti.
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
data se dají vytáhnout i jinak, třeba přes bootovací cd s linuxem, jen by jste ho musel někde stahnout a vypálit na cd.To je mi líto, pro příště víte, že nemáte stahovat cracky
.A tu sz jste posílal mně
Hezký víkend
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
No nyní už se stalo. Mám nyní ale z počítače stále divný pocit. Zhruba na 50% mi vytáčí CPU proces explorer.exe (v popisu "Průzkumník Windows). Celý počítač je tedy výrazně zpomalený. Je možné, že to svinstvo přeinstalování nějak přežilo?
Logfile of random's system information tool 1.06 (written by random/random)
Run by Karel at 2010-02-20 23:29:33
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 150 GB (76%) free of 197 GB
Total RAM: 3068 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:30:20, on 20.2.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Desktop Sidebar\dsidebar.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
B:\Install\Odvirovani\RSIT.exe
C:\Program Files\trend micro\Karel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SIDEBAR] "C:\Program Files\Desktop Sidebar\dsidebar.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 10493 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45AD732C-2CE2-4666-B366-B2214AD57A49}]
Idea2 SidebarBrowserMonitor Class - C:\Program Files\Desktop Sidebar\sbhelp.dll [2006-07-09 278528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll [2010-01-20 378736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL [2010-01-20 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll [2010-01-20 378736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-13 13584928]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-13 92704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-06-20 1316136]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-09-11 446556]
"DVDAgent"=C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [2008-09-26 1148200]
"TSMAgent"=C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2008-09-25 1152296]
"CLMLServer for HP TouchSmart"=C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2008-09-25 189736]
"UCam_Menu"=C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2008-09-23 912688]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-09-26 210216]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2008-07-14 814144]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"SIDEBAR"=C:\Program Files\Desktop Sidebar\dsidebar.exe [2006-07-09 1777664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e51ed4cd-1e17-11df-8af3-00238b689dda}]
shell\AutoRun\command - G:\autorun.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-02-20 23:29:37 ----D---- C:\Program Files\trend micro
2010-02-20 23:29:33 ----D---- C:\rsit
2010-02-20 21:22:04 ----D---- C:\Program Files\PhotoFiltre
2010-02-20 20:02:36 ----A---- C:\Windows\WTRDCTM.INI
2010-02-20 20:01:52 ----A---- C:\Program Files\UNICOWS.DLL
2010-02-20 20:01:52 ----A---- C:\Program Files\cnxfdg1en.dll
2010-02-20 20:01:51 ----A---- C:\Windows\TRNCOM.INI
2010-02-20 20:01:50 ----A---- C:\Program Files\POLSPELL.DLL
2010-02-20 20:01:50 ----A---- C:\Program Files\AutoCorrectDLL.DLL
2010-02-20 20:01:49 ----A---- C:\Program Files\REG.EXE
2010-02-20 20:01:48 ----A---- C:\Program Files\C4COM.DLL
2010-02-20 20:01:48 ----A---- C:\Program Files\ATL.DLL
2010-02-20 20:01:47 ----A---- C:\Program Files\CLIPDLL.DLL
2010-02-20 20:01:46 ----A---- C:\Program Files\TRNIKONY.EXE
2010-02-20 20:01:46 ----A---- C:\Program Files\SETUPWEB.EXE
2010-02-20 20:01:45 ----A---- C:\Program Files\C4DLL32.DLL
2010-02-20 20:01:44 ----A---- C:\Program Files\ZLIB.DLL
2010-02-20 20:01:41 ----A---- C:\Windows\WEBTRAN4.INI
2010-02-20 20:01:40 ----A---- C:\Program Files\WEBTRAN4.EXE
2010-02-20 20:01:38 ----A---- C:\Program Files\RICHED32.DLL
2010-02-20 20:01:38 ----A---- C:\Program Files\CAGENT.DLL
2010-02-20 20:01:37 ----A---- C:\Program Files\CDV32.DLL
2010-02-20 20:01:37 ----A---- C:\Program Files\C4DLL320.DLL
2010-02-20 20:01:36 ----A---- C:\Windows\WTRAN32.INI
2010-02-20 20:01:36 ----A---- C:\Windows\WDICT32.INI
2010-02-20 20:01:35 ----A---- C:\Program Files\WDICT32.EXE
2010-02-20 20:01:34 ----A---- C:\Program Files\WTRDCTM.EXE
2010-02-20 20:01:33 ----A---- C:\Program Files\WTRAN32.EXE
2010-02-20 20:01:29 ----A---- C:\Program Files\STXZIP32.DLL
2010-02-20 19:46:09 ----D---- C:\Program Files\CCleaner
2010-02-20 19:06:22 ----D---- C:\ProgramData\WindowsSearch
2010-02-20 17:56:12 ----D---- C:\Users\Karel\AppData\Roaming\Winamp
2010-02-20 17:56:12 ----D---- C:\Program Files\Winamp
2010-02-20 16:51:56 ----D---- C:\Users\Karel\AppData\Roaming\Teleca
2010-02-20 15:10:42 ----D---- C:\Users\Karel\AppData\Roaming\Sony Ericsson
2010-02-20 15:09:57 ----D---- C:\Program Files\Common Files\Sony Ericsson Shared
2010-02-20 15:09:55 ----D---- C:\Program Files\Common Files\Teleca Shared
2010-02-20 15:09:45 ----D---- C:\Program Files\Sony Ericsson
2010-02-20 15:06:08 ----D---- C:\ProgramData\Teleca
2010-02-20 15:06:08 ----D---- C:\ProgramData\Sony Ericsson
2010-02-20 14:33:55 ----D---- C:\Cambridge
2010-02-20 14:31:23 ----D---- C:\Program Files\Help
2010-02-20 14:29:55 ----D---- C:\Program Files\source
2010-02-20 14:29:55 ----D---- C:\Program Files\courses
2010-02-20 14:29:55 ----A---- C:\Program Files\licence.ini
2010-02-20 14:29:03 ----A---- C:\Windows\system32\ROBOEX32.DLL
2010-02-20 14:29:03 ----A---- C:\Windows\system32\Inetwh32.dll
2010-02-20 14:29:02 ----A---- C:\Windows\system32\vbar332.dll
2010-02-20 14:28:08 ----D---- C:\Users\Karel\AppData\Roaming\CyberLink
2010-02-20 14:23:18 ----D---- C:\ProgramData\Office Genuine Advantage
2010-02-20 13:51:39 ----A---- C:\Windows\system32\occache.dll
2010-02-20 13:51:38 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-02-20 13:51:38 ----A---- C:\Windows\system32\msfeeds.dll
2010-02-20 13:51:38 ----A---- C:\Windows\system32\jsproxy.dll
2010-02-20 13:51:38 ----A---- C:\Windows\system32\ieui.dll
2010-02-20 13:51:38 ----A---- C:\Windows\system32\iepeers.dll
2010-02-20 13:51:37 ----A---- C:\Windows\system32\wininet.dll
2010-02-20 13:51:37 ----A---- C:\Windows\system32\msfeedssync.exe
2010-02-20 13:51:37 ----A---- C:\Windows\system32\iesetup.dll
2010-02-20 13:51:37 ----A---- C:\Windows\system32\iernonce.dll
2010-02-20 13:51:37 ----A---- C:\Windows\system32\ie4uinit.exe
2010-02-20 13:51:36 ----A---- C:\Windows\system32\urlmon.dll
2010-02-20 13:51:36 ----A---- C:\Windows\system32\ieUnatt.exe
2010-02-20 13:51:36 ----A---- C:\Windows\system32\iesysprep.dll
2010-02-20 13:51:36 ----A---- C:\Windows\system32\iertutil.dll
2010-02-20 13:51:36 ----A---- C:\Windows\system32\iedkcs32.dll
2010-02-20 13:51:34 ----A---- C:\Windows\system32\mshtml.dll
2010-02-20 13:51:34 ----A---- C:\Windows\system32\ieframe.dll
2010-02-20 13:49:53 ----A---- C:\Windows\system32\mshtmler.dll
2010-02-20 13:49:53 ----A---- C:\Windows\system32\mshtmled.dll
2010-02-20 13:49:53 ----A---- C:\Windows\system32\icardie.dll
2010-02-20 13:49:53 ----A---- C:\Windows\system32\admparse.dll
2010-02-20 13:49:52 ----A---- C:\Windows\system32\msls31.dll
2010-02-20 13:49:52 ----A---- C:\Windows\system32\imgutil.dll
2010-02-20 13:49:52 ----A---- C:\Windows\system32\ieakeng.dll
2010-02-20 13:49:52 ----A---- C:\Windows\system32\dxtmsft.dll
2010-02-20 13:49:52 ----A---- C:\Windows\system32\corpol.dll
2010-02-20 13:49:51 ----A---- C:\Windows\system32\dxtrans.dll
2010-02-20 13:49:50 ----A---- C:\Windows\system32\webcheck.dll
2010-02-20 13:49:50 ----A---- C:\Windows\system32\msrating.dll
2010-02-20 13:49:50 ----A---- C:\Windows\system32\licmgr10.dll
2010-02-20 13:49:50 ----A---- C:\Windows\system32\inseng.dll
2010-02-20 13:49:50 ----A---- C:\Windows\system32\ieaksie.dll
2010-02-20 13:49:49 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-02-20 13:49:49 ----A---- C:\Windows\system32\wextract.exe
2010-02-20 13:49:49 ----A---- C:\Windows\system32\mstime.dll
2010-02-20 13:49:49 ----A---- C:\Windows\system32\ieakui.dll
2010-02-20 13:49:48 ----A---- C:\Windows\system32\pngfilt.dll
2010-02-20 13:49:48 ----A---- C:\Windows\system32\advpack.dll
2010-02-20 13:49:47 ----A---- C:\Windows\system32\ieapfltr.dll
2010-02-20 13:49:44 ----A---- C:\Windows\system32\vbscript.dll
2010-02-20 13:49:43 ----A---- C:\Windows\system32\jscript.dll
2010-02-20 13:49:42 ----A---- C:\Windows\system32\url.dll
2010-02-20 13:49:40 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-02-20 13:49:40 ----A---- C:\Windows\system32\SetDepNx.exe
2010-02-20 13:49:40 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-02-20 13:49:40 ----A---- C:\Windows\system32\PDMSetup.exe
2010-02-20 13:49:40 ----A---- C:\Windows\system32\mshta.exe
2010-02-20 13:49:40 ----A---- C:\Windows\system32\iexpress.exe
2010-02-20 13:35:02 ----D---- C:\Program Files\UberIcon
2010-02-20 13:21:00 ----D---- C:\Users\Karel\AppData\Roaming\Desktop Sidebar
2010-02-20 13:18:54 ----D---- C:\Program Files\Desktop Sidebar
2010-02-20 12:50:04 ----D---- C:\Users\Karel\AppData\Roaming\Launcher
2010-02-20 12:44:23 ----D---- C:\Program Files\ANSYS Inc
2010-02-20 12:38:35 ----D---- C:\Program Files\QIP
2010-02-20 12:08:34 ----D---- C:\Program Files\DAEMON Tools Lite
2010-02-20 12:08:10 ----D---- C:\Users\Karel\AppData\Roaming\DAEMON Tools Lite
2010-02-20 12:08:07 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-02-20 10:20:38 ----SHD---- C:\System Volume Information
2010-02-20 04:20:44 ----A---- C:\Windows\system32\tzres.dll
2010-02-20 04:12:30 ----A---- C:\Windows\system32\nshhttp.dll
2010-02-20 04:12:28 ----A---- C:\Windows\system32\httpapi.dll
2010-02-20 04:03:24 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-02-20 04:03:24 ----A---- C:\Windows\system32\infocardapi.dll
2010-02-20 04:03:23 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-02-20 04:03:23 ----A---- C:\Windows\system32\icardres.dll
2010-02-20 04:03:23 ----A---- C:\Windows\system32\icardagt.exe
2010-02-20 04:03:21 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-02-20 04:03:20 ----A---- C:\Windows\system32\PresentationHost.exe
2010-02-20 03:58:20 ----A---- C:\Windows\system32\dfshim.dll
2010-02-20 03:58:17 ----A---- C:\Windows\system32\netfxperf.dll
2010-02-20 03:58:17 ----A---- C:\Windows\system32\mscoree.dll
2010-02-20 03:58:10 ----A---- C:\Windows\system32\mscorier.dll
2010-02-20 03:58:07 ----A---- C:\Windows\system32\mscories.dll
2010-02-20 03:56:53 ----D---- C:\Program Files\MSXML 4.0
2010-02-20 03:23:37 ----D---- C:\Program Files\Adobe
2010-02-20 03:16:48 ----A---- C:\Windows\system32\t2embed.dll
2010-02-20 03:16:48 ----A---- C:\Windows\system32\fontsub.dll
2010-02-20 03:16:48 ----A---- C:\Windows\system32\atmfd.dll
2010-02-20 03:16:47 ----A---- C:\Windows\system32\dciman32.dll
2010-02-20 03:16:27 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-02-20 03:16:18 ----A---- C:\Windows\system32\netiohlp.dll
2010-02-20 03:16:17 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-02-20 03:16:17 ----A---- C:\Windows\system32\ROUTE.EXE
2010-02-20 03:16:17 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-02-20 03:16:17 ----A---- C:\Windows\system32\MRINFO.EXE
2010-02-20 03:16:17 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-02-20 03:16:17 ----A---- C:\Windows\system32\finger.exe
2010-02-20 03:16:17 ----A---- C:\Windows\system32\ARP.EXE
2010-02-20 03:16:16 ----A---- C:\Windows\system32\netevent.dll
2010-02-20 03:15:50 ----A---- C:\Windows\system32\wlansvc.dll
2010-02-20 03:15:50 ----A---- C:\Windows\system32\wlansec.dll
2010-02-20 03:15:50 ----A---- C:\Windows\system32\wlanmsm.dll
2010-02-20 03:15:50 ----A---- C:\Windows\system32\L2SecHC.dll
2010-02-20 03:15:48 ----A---- C:\Windows\system32\msxml6.dll
2010-02-20 03:15:47 ----A---- C:\Windows\system32\msxml3.dll
2010-02-20 03:15:44 ----A---- C:\Windows\system32\wdigest.dll
2010-02-20 03:15:44 ----A---- C:\Windows\system32\secur32.dll
2010-02-20 03:15:44 ----A---- C:\Windows\system32\msv1_0.dll
2010-02-20 03:15:44 ----A---- C:\Windows\system32\lsass.exe
2010-02-20 03:15:44 ----A---- C:\Windows\system32\lsasrv.dll
2010-02-20 03:15:41 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-02-20 03:15:40 ----A---- C:\Windows\system32\mf.dll
2010-02-20 03:15:38 ----A---- C:\Windows\system32\winhttp.dll
2010-02-20 03:15:36 ----A---- C:\Windows\system32\atl.dll
2010-02-20 03:15:34 ----A---- C:\Windows\system32\gdi32.dll
2010-02-20 03:15:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-20 03:15:30 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-20 03:15:23 ----A---- C:\Windows\system32\xolehlp.dll
2010-02-20 03:15:23 ----A---- C:\Windows\system32\msdtcprx.dll
2010-02-20 03:15:21 ----A---- C:\Windows\system32\wkssvc.dll
2010-02-20 03:15:19 ----A---- C:\Windows\system32\mstscax.dll
2010-02-20 03:15:07 ----A---- C:\Windows\system32\netapi32.dll
2010-02-20 03:14:55 ----A---- C:\Windows\system32\EncDec.dll
2010-02-20 03:14:53 ----A---- C:\Windows\system32\psisdecd.dll
2010-02-20 03:14:47 ----A---- C:\Windows\system32\shell32.dll
2010-02-20 03:14:40 ----A---- C:\Windows\system32\localspl.dll
2010-02-20 03:14:38 ----A---- C:\Windows\explorer.exe
2010-02-20 03:14:34 ----A---- C:\Windows\system32\rpcss.dll
2010-02-20 03:14:33 ----A---- C:\Windows\system32\sdohlp.dll
2010-02-20 03:14:33 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-02-20 03:14:33 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-02-20 03:14:33 ----A---- C:\Windows\system32\iasrecst.dll
2010-02-20 03:14:33 ----A---- C:\Windows\system32\iashost.exe
2010-02-20 03:14:33 ----A---- C:\Windows\system32\iasdatastore.dll
2010-02-20 03:14:33 ----A---- C:\Windows\system32\iasads.dll
2010-02-20 03:14:28 ----A---- C:\Windows\system32\kernel32.dll
2010-02-20 03:14:27 ----A---- C:\Windows\system32\apilogen.dll
2010-02-20 03:14:27 ----A---- C:\Windows\system32\amxread.dll
2010-02-20 03:14:23 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-02-20 03:14:23 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-02-20 03:14:23 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-02-20 03:14:22 ----A---- C:\Windows\system32\wersvc.dll
2010-02-20 03:14:22 ----A---- C:\Windows\system32\Faultrep.dll
2010-02-20 03:14:20 ----A---- C:\Windows\system32\win32spl.dll
2010-02-20 03:14:12 ----A---- C:\Windows\system32\wmpdxm.dll
2010-02-20 03:14:02 ----A---- C:\Windows\system32\schannel.dll
2010-02-20 03:13:58 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-20 03:13:57 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-02-20 03:13:53 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-02-20 03:13:52 ----A---- C:\Windows\system32\logagent.exe
2010-02-20 03:13:50 ----A---- C:\Windows\system32\msasn1.dll
2010-02-20 03:13:49 ----A---- C:\Windows\system32\connect.dll
2010-02-20 03:13:47 ----A---- C:\Windows\system32\rpcrt4.dll
2010-02-20 03:13:44 ----A---- C:\Windows\system32\rastls.dll
2010-02-20 03:13:44 ----A---- C:\Windows\system32\raschap.dll
2010-02-20 03:13:42 ----A---- C:\Windows\system32\WSDApi.dll
2010-02-20 03:13:31 ----A---- C:\Windows\system32\wmp.dll
2010-02-20 03:13:29 ----A---- C:\Windows\system32\unregmp2.exe
2010-02-20 03:13:28 ----A---- C:\Windows\system32\spwmp.dll
2010-02-20 03:13:28 ----A---- C:\Windows\system32\dxmasf.dll
2010-02-20 03:13:27 ----A---- C:\Windows\system32\wmploc.DLL
2010-02-20 03:13:05 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2010-02-20 03:13:02 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\quartz.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\msyuv.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\msrle32.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\avifil32.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\avicap32.dll
2010-02-20 02:57:59 ----D---- C:\Program Files\RealVNC
2010-02-20 02:46:53 ----D---- C:\Program Files\Microsoft Visual Studio
2010-02-20 02:46:52 ----D---- C:\Program Files\Common Files\DESIGNER
2010-02-20 02:46:21 ----D---- C:\Program Files\Microsoft.NET
2010-02-20 02:44:06 ----D---- C:\ProgramData\Microsoft Help
2010-02-20 02:42:28 ----RHD---- C:\MSOCache
2010-02-20 02:24:46 ----D---- C:\Users\Karel\AppData\Roaming\skypePM
2010-02-20 02:23:16 ----D---- C:\Users\Karel\AppData\Roaming\Skype
2010-02-20 02:22:58 ----D---- C:\Program Files\Common Files\Skype
2010-02-20 02:22:57 ----RD---- C:\Program Files\Skype
2010-02-20 02:22:52 ----D---- C:\ProgramData\Skype
2010-02-20 02:16:49 ----D---- C:\Users\Karel\AppData\Roaming\GHISLER
2010-02-20 02:16:49 ----D---- C:\Program Files\totalcmd
2010-02-20 02:04:51 ----D---- C:\Users\Karel\AppData\Roaming\Macrovision
2010-02-20 02:04:28 ----D---- C:\Program Files\Symantec
2010-02-20 02:04:28 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-02-20 02:03:52 ----D---- C:\Users\Karel\AppData\Roaming\DigitalPersona
2010-02-20 02:03:33 ----D---- C:\ProgramData\NVIDIA
2010-02-20 02:03:20 ----D---- C:\Users\Karel\AppData\Roaming\Identities
2010-02-20 02:02:46 ----D---- C:\Users\Karel\AppData\Roaming\Macromedia
2010-02-20 02:02:34 ----D---- C:\Users\Karel\AppData\Roaming\Adobe
2010-02-20 02:02:29 ----D---- C:\Users\Karel\AppData\Roaming\Hewlett-Packard
2010-02-20 02:01:33 ----D---- C:\Program Files\Microsoft Office
2010-02-20 02:01:18 ----D---- C:\Program Files\Microsoft Works
2010-02-20 02:00:05 ----D---- C:\ProgramData\Adobe
2010-02-20 02:00:02 ----D---- C:\Program Files\Common Files\Adobe
2010-02-20 01:59:16 ----D---- C:\Windows\PCHEALTH
2010-02-20 01:57:45 ----SD---- C:\Users\Karel\AppData\Roaming\Microsoft
2010-02-20 01:57:45 ----D---- C:\Users\Karel\AppData\Roaming\Media Center Programs
2010-02-20 01:56:57 ----A---- C:\Windows\system32\wups2.dll
2010-02-20 01:56:57 ----A---- C:\Windows\system32\wuauclt.exe
2010-02-20 01:56:56 ----A---- C:\Windows\system32\wucltux.dll
2010-02-20 01:56:56 ----A---- C:\Windows\system32\wuaueng.dll
2010-02-20 01:56:32 ----A---- C:\Windows\system32\wups.dll
2010-02-20 01:56:32 ----A---- C:\Windows\system32\wudriver.dll
2010-02-20 01:56:32 ----A---- C:\Windows\system32\wuapi.dll
2010-02-20 01:56:26 ----A---- C:\Windows\system32\wuwebv.dll
2010-02-20 01:56:26 ----A---- C:\Windows\system32\wuapp.exe
2010-02-20 01:56:14 ----SHD---- C:\ProgramData\Šablony
2010-02-20 01:56:14 ----SHD---- C:\ProgramData\Plocha
2010-02-20 01:56:14 ----SHD---- C:\ProgramData\Oblíbené položky
2010-02-20 01:56:14 ----SHD---- C:\ProgramData\Nabídka Start
2010-02-20 01:56:14 ----SHD---- C:\ProgramData\Dokumenty
2010-02-20 01:56:14 ----SHD---- C:\ProgramData\Data aplikací
2010-02-20 01:52:18 ----SHD---- C:\$RECYCLE.BIN
2010-02-20 01:47:33 ----D---- C:\Windows\system32\tr
2010-02-20 01:47:33 ----D---- C:\Windows\system32\ru
2010-02-20 01:47:33 ----D---- C:\Windows\system32\ko
2010-02-20 01:47:33 ----D---- C:\Windows\system32\ja
2010-02-20 01:47:33 ----D---- C:\Windows\system32\it
2010-02-20 01:47:33 ----D---- C:\Windows\system32\fr
2010-02-20 01:47:33 ----D---- C:\Windows\system32\es
2010-02-20 01:47:32 ----D---- C:\Windows\system32\de
2010-02-20 01:47:32 ----D---- C:\Windows\DPDrv
2010-02-20 01:47:31 ----D---- C:\ProgramData\Macrovision
2010-02-20 01:47:31 ----D---- C:\Program Files\DigitalPersona
2010-02-20 01:38:36 ----D---- C:\Program Files\Common Files\LightScribe
2010-02-20 01:35:51 ----D---- C:\Windows\system32\HPMDP
2010-02-20 01:35:42 ----D---- C:\Windows\Driver Cache
2010-02-20 01:35:42 ----D---- C:\Program Files\AVerMedia
2010-02-20 01:34:19 ----D---- C:\Program Files\Intel
2010-02-20 01:34:19 ----A---- C:\Windows\system32\CSVer.dll
2010-02-20 01:33:28 ----A---- C:\Windows\system32\NETw5r32.dll
2010-02-20 01:33:27 ----A---- C:\Windows\system32\NETw5c32.dll
2010-02-20 01:32:35 ----D---- C:\Program Files\Realtek
2010-02-20 01:32:35 ----A---- C:\Windows\system32\RtNicProp32.dll
2010-02-20 01:32:17 ----A---- C:\Windows\system32\idtmini1.exe
2010-02-20 01:32:17 ----A---- C:\Windows\system32\aestecap.dll
2010-02-20 01:32:17 ----A---- C:\Windows\system32\AESTCom.dll
2010-02-20 01:32:17 ----A---- C:\Windows\system32\aestaren.dll
2010-02-20 01:32:17 ----A---- C:\Windows\system32\aestacap.dll
2010-02-20 01:32:16 ----A---- C:\Windows\system32\stlang.dll
2010-02-20 01:32:16 ----A---- C:\Windows\sttray.exe
2010-02-20 01:32:10 ----D---- C:\Windows\system32\SRSLabs
2010-02-20 01:31:43 ----A---- C:\Windows\system32\staco.dll
2010-02-20 01:31:25 ----A---- C:\Windows\system32\stcplx.dll
2010-02-20 01:31:25 ----A---- C:\Windows\system32\stapo.dll
2010-02-20 01:31:25 ----A---- C:\Windows\system32\stapi32.dll
2010-02-20 01:31:09 ----D---- C:\Program Files\IDT
2010-02-20 01:31:00 ----D---- C:\Program Files\DIFX
2010-02-20 01:30:43 ----D---- C:\Program Files\Validity Sensors, Inc
2010-02-20 01:30:34 ----A---- C:\Windows\xUninstall.bat
2010-02-20 01:30:21 ----D---- C:\Windows\JMCR_DIR
2010-02-20 01:30:21 ----A---- C:\Windows\system32\JmCrIcon.dll
2010-02-20 01:29:57 ----D---- C:\Program Files\Synaptics
2010-02-20 01:29:13 ----A---- C:\Windows\system32\nvcpluir.dll
2010-02-20 01:29:13 ----A---- C:\Windows\system32\nvcplui.exe
2010-02-20 01:28:30 ----A---- C:\Windows\system32\NVUNINST.EXE
2010-02-20 01:25:15 ----D---- C:\Windows\SoftwareDistribution
2010-02-20 01:22:16 ----D---- C:\Windows\Prefetch
======List of files/folders modified in the last 1 months======
2010-02-20 23:29:37 ----RD---- C:\Program Files
2010-02-20 23:29:36 ----D---- C:\Windows\Temp
2010-02-20 23:25:38 ----D---- C:\Windows
2010-02-20 23:16:52 ----D---- C:\Windows\System32
2010-02-20 23:16:52 ----D---- C:\Windows\inf
2010-02-20 23:16:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-20 23:11:12 ----D---- C:\Windows\system32\drivers
2010-02-20 23:11:05 ----D---- C:\Windows\system32\catroot
2010-02-20 22:47:09 ----D---- C:\Windows\Microsoft.NET
2010-02-20 22:41:37 ----RSD---- C:\Windows\assembly
2010-02-20 19:47:03 ----D---- C:\Windows\Debug
2010-02-20 19:06:22 ----HD---- C:\ProgramData
2010-02-20 18:10:09 ----SD---- C:\ProgramData\Microsoft
2010-02-20 16:11:08 ----SHD---- C:\Windows\Installer
2010-02-20 16:06:40 ----D---- C:\Windows\system32\catroot2
2010-02-20 15:11:31 ----D---- C:\Windows\winsxs
2010-02-20 15:09:57 ----D---- C:\Program Files\Common Files
2010-02-20 15:08:56 ----D---- C:\Windows\Downloaded Installations
2010-02-20 14:28:02 ----D---- C:\ProgramData\CyberLink
2010-02-20 14:19:07 ----D---- C:\Windows\system32\WDI
2010-02-20 14:17:17 ----RSD---- C:\Windows\Fonts
2010-02-20 14:17:14 ----D---- C:\Program Files\Common Files\microsoft shared
2010-02-20 14:15:11 ----A---- C:\Windows\win.ini
2010-02-20 14:15:10 ----D---- C:\Program Files\Common Files\System
2010-02-20 14:07:08 ----D---- C:\Windows\system32\zh-TW
2010-02-20 14:07:08 ----D---- C:\Windows\system32\zh-HK
2010-02-20 14:07:08 ----D---- C:\Windows\system32\tr-TR
2010-02-20 14:07:08 ----D---- C:\Windows\system32\sv-SE
2010-02-20 14:07:08 ----D---- C:\Windows\system32\pt-BR
2010-02-20 14:07:08 ----D---- C:\Windows\system32\nl-NL
2010-02-20 14:07:08 ----D---- C:\Windows\system32\nb-NO
2010-02-20 14:07:08 ----D---- C:\Windows\system32\ko-KR
2010-02-20 14:07:08 ----D---- C:\Windows\system32\it-IT
2010-02-20 14:07:08 ----D---- C:\Windows\system32\he-IL
2010-02-20 14:07:08 ----D---- C:\Windows\system32\fr-FR
2010-02-20 14:07:08 ----D---- C:\Windows\system32\fi-FI
2010-02-20 14:07:08 ----D---- C:\Windows\system32\es-ES
2010-02-20 14:07:08 ----D---- C:\Windows\system32\en-US
2010-02-20 14:07:08 ----D---- C:\Windows\system32\el-GR
2010-02-20 14:07:08 ----D---- C:\Windows\system32\de-DE
2010-02-20 14:07:08 ----D---- C:\Windows\system32\da-DK
2010-02-20 14:07:08 ----D---- C:\Windows\system32\ar-SA
2010-02-20 13:57:16 ----D---- C:\Windows\system32\migration
2010-02-20 13:57:16 ----D---- C:\Program Files\Internet Explorer
2010-02-20 13:57:12 ----D---- C:\Windows\system32\sk-SK
2010-02-20 13:57:08 ----D---- C:\Windows\system32\cs-CZ
2010-02-20 13:56:57 ----D---- C:\Windows\PolicyDefinitions
2010-02-20 10:44:38 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-20 10:33:46 ----D---- C:\Windows\ehome
2010-02-20 10:33:44 ----D---- C:\Windows\system32\wbem
2010-02-20 10:33:42 ----D---- C:\Windows\system32\manifeststore
2010-02-20 10:33:42 ----D---- C:\Windows\AppPatch
2010-02-20 10:33:40 ----D---- C:\Program Files\Windows Mail
2010-02-20 10:33:31 ----D---- C:\Windows\system32\XPSViewer
2010-02-20 10:33:07 ----D---- C:\Program Files\Windows Media Player
2010-02-20 10:21:10 ----A---- C:\Windows\CSUP.txt
2010-02-20 03:00:39 ----D---- C:\Windows\Logs
2010-02-20 02:44:39 ----D---- C:\Windows\ShellNew
2010-02-20 02:23:13 ----D---- C:\Windows\system32\Tasks
2010-02-20 02:05:33 ----D---- C:\ProgramData\Symantec
2010-02-20 02:05:06 ----D---- C:\ProgramData\Norton
2010-02-20 02:03:18 ----D---- C:\Program Files\SMINST
2010-02-20 02:03:10 ----D---- C:\Windows\system
2010-02-20 02:02:26 ----RD---- C:\Program Files\Online Services
2010-02-20 02:02:25 ----D---- C:\Program Files\Windows Sidebar
2010-02-20 02:02:08 ----HD---- C:\System.sav
2010-02-20 02:02:08 ----D---- C:\Windows\system32\restore
2010-02-20 02:02:08 ----D---- C:\SwSetup
2010-02-20 01:57:43 ----RD---- C:\Users
2010-02-20 01:57:41 ----D---- C:\Windows\rescache
2010-02-20 01:56:15 ----D---- C:\Program Files\Windows NT
2010-02-20 01:54:16 ----D---- C:\Windows\panther
2010-02-20 01:52:26 ----D---- C:\Windows\system32\sysprep
2010-02-20 01:47:55 ----D---- C:\ProgramData\Hewlett-Packard
2010-02-20 01:47:33 ----D---- C:\Windows\system32\pt-PT
2010-02-20 01:47:32 ----D---- C:\Windows\system32\zh-CN
2010-02-20 01:47:15 ----D---- C:\ProgramData\Temp
2010-02-20 01:44:58 ----D---- C:\Program Files\Hewlett-Packard
2010-02-20 01:36:01 ----HD---- C:\HP
2010-02-20 01:29:05 ----D---- C:\Windows\Help
2010-02-01 11:26:22 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys [2010-01-20 259632]
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys [2010-02-20 482432]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-02-19 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100218.001\IDSvix86.sys [2010-02-10 343088]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1008000.029\SRTSPX.SYS [2010-01-20 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2010-01-20 25648]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS [2010-01-20 217136]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49}; \??\C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [2008-09-26 59376]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2008-06-10 280320]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-02-19 102448]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100220.006\NAVENG.SYS [2010-02-19 84912]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100220.006\NAVEX15.SYS [2010-02-19 1324720]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-08-29 3664384]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-08-06 44576]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-13 7391392]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS [2010-01-20 308272]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-09-11 389120]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-02-20 124976]
R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS [2010-01-20 89904]
R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS [2010-01-20 48688]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-06-20 200112]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-09-16 40752]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 a399nt6h;a399nt6h; C:\Windows\system32\drivers\a399nt6h.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\Windows\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\Windows\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 SYMDNS;SYMDNS; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
S3 SYMREDRV;SYMREDRV; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe [2008-06-27 77824]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2008-07-14 322624]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [2010-01-20 117640]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-13 196608]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-06-30 241734]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe [2008-09-11 237650]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-09-16 599344]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Karel at 2010-02-20 23:29:33
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 150 GB (76%) free of 197 GB
Total RAM: 3068 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:30:20, on 20.2.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Desktop Sidebar\dsidebar.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
B:\Install\Odvirovani\RSIT.exe
C:\Program Files\trend micro\Karel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SIDEBAR] "C:\Program Files\Desktop Sidebar\dsidebar.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 10493 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45AD732C-2CE2-4666-B366-B2214AD57A49}]
Idea2 SidebarBrowserMonitor Class - C:\Program Files\Desktop Sidebar\sbhelp.dll [2006-07-09 278528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll [2010-01-20 378736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL [2010-01-20 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll [2010-01-20 378736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-13 13584928]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-13 92704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-06-20 1316136]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-09-11 446556]
"DVDAgent"=C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [2008-09-26 1148200]
"TSMAgent"=C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [2008-09-25 1152296]
"CLMLServer for HP TouchSmart"=C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2008-09-25 189736]
"UCam_Menu"=C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2008-09-23 912688]
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePSTShortCut"=C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [2008-09-26 210216]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2008-07-14 814144]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"UpdatePDIRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"SIDEBAR"=C:\Program Files\Desktop Sidebar\dsidebar.exe [2006-07-09 1777664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e51ed4cd-1e17-11df-8af3-00238b689dda}]
shell\AutoRun\command - G:\autorun.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-02-20 23:29:37 ----D---- C:\Program Files\trend micro
2010-02-20 23:29:33 ----D---- C:\rsit
2010-02-20 21:22:04 ----D---- C:\Program Files\PhotoFiltre
2010-02-20 20:02:36 ----A---- C:\Windows\WTRDCTM.INI
2010-02-20 20:01:52 ----A---- C:\Program Files\UNICOWS.DLL
2010-02-20 20:01:52 ----A---- C:\Program Files\cnxfdg1en.dll
2010-02-20 20:01:51 ----A---- C:\Windows\TRNCOM.INI
2010-02-20 20:01:50 ----A---- C:\Program Files\POLSPELL.DLL
2010-02-20 20:01:50 ----A---- C:\Program Files\AutoCorrectDLL.DLL
2010-02-20 20:01:49 ----A---- C:\Program Files\REG.EXE
2010-02-20 20:01:48 ----A---- C:\Program Files\C4COM.DLL
2010-02-20 20:01:48 ----A---- C:\Program Files\ATL.DLL
2010-02-20 20:01:47 ----A---- C:\Program Files\CLIPDLL.DLL
2010-02-20 20:01:46 ----A---- C:\Program Files\TRNIKONY.EXE
2010-02-20 20:01:46 ----A---- C:\Program Files\SETUPWEB.EXE
2010-02-20 20:01:45 ----A---- C:\Program Files\C4DLL32.DLL
2010-02-20 20:01:44 ----A---- C:\Program Files\ZLIB.DLL
2010-02-20 20:01:41 ----A---- C:\Windows\WEBTRAN4.INI
2010-02-20 20:01:40 ----A---- C:\Program Files\WEBTRAN4.EXE
2010-02-20 20:01:38 ----A---- C:\Program Files\RICHED32.DLL
2010-02-20 20:01:38 ----A---- C:\Program Files\CAGENT.DLL
2010-02-20 20:01:37 ----A---- C:\Program Files\CDV32.DLL
2010-02-20 20:01:37 ----A---- C:\Program Files\C4DLL320.DLL
2010-02-20 20:01:36 ----A---- C:\Windows\WTRAN32.INI
2010-02-20 20:01:36 ----A---- C:\Windows\WDICT32.INI
2010-02-20 20:01:35 ----A---- C:\Program Files\WDICT32.EXE
2010-02-20 20:01:34 ----A---- C:\Program Files\WTRDCTM.EXE
2010-02-20 20:01:33 ----A---- C:\Program Files\WTRAN32.EXE
2010-02-20 20:01:29 ----A---- C:\Program Files\STXZIP32.DLL
2010-02-20 19:46:09 ----D---- C:\Program Files\CCleaner
2010-02-20 19:06:22 ----D---- C:\ProgramData\WindowsSearch
2010-02-20 17:56:12 ----D---- C:\Users\Karel\AppData\Roaming\Winamp
2010-02-20 17:56:12 ----D---- C:\Program Files\Winamp
2010-02-20 16:51:56 ----D---- C:\Users\Karel\AppData\Roaming\Teleca
2010-02-20 15:10:42 ----D---- C:\Users\Karel\AppData\Roaming\Sony Ericsson
2010-02-20 15:09:57 ----D---- C:\Program Files\Common Files\Sony Ericsson Shared
2010-02-20 15:09:55 ----D---- C:\Program Files\Common Files\Teleca Shared
2010-02-20 15:09:45 ----D---- C:\Program Files\Sony Ericsson
2010-02-20 15:06:08 ----D---- C:\ProgramData\Teleca
2010-02-20 15:06:08 ----D---- C:\ProgramData\Sony Ericsson
2010-02-20 14:33:55 ----D---- C:\Cambridge
2010-02-20 14:31:23 ----D---- C:\Program Files\Help
2010-02-20 14:29:55 ----D---- C:\Program Files\source
2010-02-20 14:29:55 ----D---- C:\Program Files\courses
2010-02-20 14:29:55 ----A---- C:\Program Files\licence.ini
2010-02-20 14:29:03 ----A---- C:\Windows\system32\ROBOEX32.DLL
2010-02-20 14:29:03 ----A---- C:\Windows\system32\Inetwh32.dll
2010-02-20 14:29:02 ----A---- C:\Windows\system32\vbar332.dll
2010-02-20 14:28:08 ----D---- C:\Users\Karel\AppData\Roaming\CyberLink
2010-02-20 14:23:18 ----D---- C:\ProgramData\Office Genuine Advantage
2010-02-20 13:51:39 ----A---- C:\Windows\system32\occache.dll
2010-02-20 13:51:38 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-02-20 13:51:38 ----A---- C:\Windows\system32\msfeeds.dll
2010-02-20 13:51:38 ----A---- C:\Windows\system32\jsproxy.dll
2010-02-20 13:51:38 ----A---- C:\Windows\system32\ieui.dll
2010-02-20 13:51:38 ----A---- C:\Windows\system32\iepeers.dll
2010-02-20 13:51:37 ----A---- C:\Windows\system32\wininet.dll
2010-02-20 13:51:37 ----A---- C:\Windows\system32\msfeedssync.exe
2010-02-20 13:51:37 ----A---- C:\Windows\system32\iesetup.dll
2010-02-20 13:51:37 ----A---- C:\Windows\system32\iernonce.dll
2010-02-20 13:51:37 ----A---- C:\Windows\system32\ie4uinit.exe
2010-02-20 13:51:36 ----A---- C:\Windows\system32\urlmon.dll
2010-02-20 13:51:36 ----A---- C:\Windows\system32\ieUnatt.exe
2010-02-20 13:51:36 ----A---- C:\Windows\system32\iesysprep.dll
2010-02-20 13:51:36 ----A---- C:\Windows\system32\iertutil.dll
2010-02-20 13:51:36 ----A---- C:\Windows\system32\iedkcs32.dll
2010-02-20 13:51:34 ----A---- C:\Windows\system32\mshtml.dll
2010-02-20 13:51:34 ----A---- C:\Windows\system32\ieframe.dll
2010-02-20 13:49:53 ----A---- C:\Windows\system32\mshtmler.dll
2010-02-20 13:49:53 ----A---- C:\Windows\system32\mshtmled.dll
2010-02-20 13:49:53 ----A---- C:\Windows\system32\icardie.dll
2010-02-20 13:49:53 ----A---- C:\Windows\system32\admparse.dll
2010-02-20 13:49:52 ----A---- C:\Windows\system32\msls31.dll
2010-02-20 13:49:52 ----A---- C:\Windows\system32\imgutil.dll
2010-02-20 13:49:52 ----A---- C:\Windows\system32\ieakeng.dll
2010-02-20 13:49:52 ----A---- C:\Windows\system32\dxtmsft.dll
2010-02-20 13:49:52 ----A---- C:\Windows\system32\corpol.dll
2010-02-20 13:49:51 ----A---- C:\Windows\system32\dxtrans.dll
2010-02-20 13:49:50 ----A---- C:\Windows\system32\webcheck.dll
2010-02-20 13:49:50 ----A---- C:\Windows\system32\msrating.dll
2010-02-20 13:49:50 ----A---- C:\Windows\system32\licmgr10.dll
2010-02-20 13:49:50 ----A---- C:\Windows\system32\inseng.dll
2010-02-20 13:49:50 ----A---- C:\Windows\system32\ieaksie.dll
2010-02-20 13:49:49 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-02-20 13:49:49 ----A---- C:\Windows\system32\wextract.exe
2010-02-20 13:49:49 ----A---- C:\Windows\system32\mstime.dll
2010-02-20 13:49:49 ----A---- C:\Windows\system32\ieakui.dll
2010-02-20 13:49:48 ----A---- C:\Windows\system32\pngfilt.dll
2010-02-20 13:49:48 ----A---- C:\Windows\system32\advpack.dll
2010-02-20 13:49:47 ----A---- C:\Windows\system32\ieapfltr.dll
2010-02-20 13:49:44 ----A---- C:\Windows\system32\vbscript.dll
2010-02-20 13:49:43 ----A---- C:\Windows\system32\jscript.dll
2010-02-20 13:49:42 ----A---- C:\Windows\system32\url.dll
2010-02-20 13:49:40 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-02-20 13:49:40 ----A---- C:\Windows\system32\SetDepNx.exe
2010-02-20 13:49:40 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-02-20 13:49:40 ----A---- C:\Windows\system32\PDMSetup.exe
2010-02-20 13:49:40 ----A---- C:\Windows\system32\mshta.exe
2010-02-20 13:49:40 ----A---- C:\Windows\system32\iexpress.exe
2010-02-20 13:35:02 ----D---- C:\Program Files\UberIcon
2010-02-20 13:21:00 ----D---- C:\Users\Karel\AppData\Roaming\Desktop Sidebar
2010-02-20 13:18:54 ----D---- C:\Program Files\Desktop Sidebar
2010-02-20 12:50:04 ----D---- C:\Users\Karel\AppData\Roaming\Launcher
2010-02-20 12:44:23 ----D---- C:\Program Files\ANSYS Inc
2010-02-20 12:38:35 ----D---- C:\Program Files\QIP
2010-02-20 12:08:34 ----D---- C:\Program Files\DAEMON Tools Lite
2010-02-20 12:08:10 ----D---- C:\Users\Karel\AppData\Roaming\DAEMON Tools Lite
2010-02-20 12:08:07 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-02-20 10:20:38 ----SHD---- C:\System Volume Information
2010-02-20 04:20:44 ----A---- C:\Windows\system32\tzres.dll
2010-02-20 04:12:30 ----A---- C:\Windows\system32\nshhttp.dll
2010-02-20 04:12:28 ----A---- C:\Windows\system32\httpapi.dll
2010-02-20 04:03:24 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-02-20 04:03:24 ----A---- C:\Windows\system32\infocardapi.dll
2010-02-20 04:03:23 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-02-20 04:03:23 ----A---- C:\Windows\system32\icardres.dll
2010-02-20 04:03:23 ----A---- C:\Windows\system32\icardagt.exe
2010-02-20 04:03:21 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-02-20 04:03:20 ----A---- C:\Windows\system32\PresentationHost.exe
2010-02-20 03:58:20 ----A---- C:\Windows\system32\dfshim.dll
2010-02-20 03:58:17 ----A---- C:\Windows\system32\netfxperf.dll
2010-02-20 03:58:17 ----A---- C:\Windows\system32\mscoree.dll
2010-02-20 03:58:10 ----A---- C:\Windows\system32\mscorier.dll
2010-02-20 03:58:07 ----A---- C:\Windows\system32\mscories.dll
2010-02-20 03:56:53 ----D---- C:\Program Files\MSXML 4.0
2010-02-20 03:23:37 ----D---- C:\Program Files\Adobe
2010-02-20 03:16:48 ----A---- C:\Windows\system32\t2embed.dll
2010-02-20 03:16:48 ----A---- C:\Windows\system32\fontsub.dll
2010-02-20 03:16:48 ----A---- C:\Windows\system32\atmfd.dll
2010-02-20 03:16:47 ----A---- C:\Windows\system32\dciman32.dll
2010-02-20 03:16:27 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-02-20 03:16:18 ----A---- C:\Windows\system32\netiohlp.dll
2010-02-20 03:16:17 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-02-20 03:16:17 ----A---- C:\Windows\system32\ROUTE.EXE
2010-02-20 03:16:17 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-02-20 03:16:17 ----A---- C:\Windows\system32\MRINFO.EXE
2010-02-20 03:16:17 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-02-20 03:16:17 ----A---- C:\Windows\system32\finger.exe
2010-02-20 03:16:17 ----A---- C:\Windows\system32\ARP.EXE
2010-02-20 03:16:16 ----A---- C:\Windows\system32\netevent.dll
2010-02-20 03:15:50 ----A---- C:\Windows\system32\wlansvc.dll
2010-02-20 03:15:50 ----A---- C:\Windows\system32\wlansec.dll
2010-02-20 03:15:50 ----A---- C:\Windows\system32\wlanmsm.dll
2010-02-20 03:15:50 ----A---- C:\Windows\system32\L2SecHC.dll
2010-02-20 03:15:48 ----A---- C:\Windows\system32\msxml6.dll
2010-02-20 03:15:47 ----A---- C:\Windows\system32\msxml3.dll
2010-02-20 03:15:44 ----A---- C:\Windows\system32\wdigest.dll
2010-02-20 03:15:44 ----A---- C:\Windows\system32\secur32.dll
2010-02-20 03:15:44 ----A---- C:\Windows\system32\msv1_0.dll
2010-02-20 03:15:44 ----A---- C:\Windows\system32\lsass.exe
2010-02-20 03:15:44 ----A---- C:\Windows\system32\lsasrv.dll
2010-02-20 03:15:41 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-02-20 03:15:40 ----A---- C:\Windows\system32\mf.dll
2010-02-20 03:15:38 ----A---- C:\Windows\system32\winhttp.dll
2010-02-20 03:15:36 ----A---- C:\Windows\system32\atl.dll
2010-02-20 03:15:34 ----A---- C:\Windows\system32\gdi32.dll
2010-02-20 03:15:30 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-20 03:15:30 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-20 03:15:23 ----A---- C:\Windows\system32\xolehlp.dll
2010-02-20 03:15:23 ----A---- C:\Windows\system32\msdtcprx.dll
2010-02-20 03:15:21 ----A---- C:\Windows\system32\wkssvc.dll
2010-02-20 03:15:19 ----A---- C:\Windows\system32\mstscax.dll
2010-02-20 03:15:07 ----A---- C:\Windows\system32\netapi32.dll
2010-02-20 03:14:55 ----A---- C:\Windows\system32\EncDec.dll
2010-02-20 03:14:53 ----A---- C:\Windows\system32\psisdecd.dll
2010-02-20 03:14:47 ----A---- C:\Windows\system32\shell32.dll
2010-02-20 03:14:40 ----A---- C:\Windows\system32\localspl.dll
2010-02-20 03:14:38 ----A---- C:\Windows\explorer.exe
2010-02-20 03:14:34 ----A---- C:\Windows\system32\rpcss.dll
2010-02-20 03:14:33 ----A---- C:\Windows\system32\sdohlp.dll
2010-02-20 03:14:33 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-02-20 03:14:33 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-02-20 03:14:33 ----A---- C:\Windows\system32\iasrecst.dll
2010-02-20 03:14:33 ----A---- C:\Windows\system32\iashost.exe
2010-02-20 03:14:33 ----A---- C:\Windows\system32\iasdatastore.dll
2010-02-20 03:14:33 ----A---- C:\Windows\system32\iasads.dll
2010-02-20 03:14:28 ----A---- C:\Windows\system32\kernel32.dll
2010-02-20 03:14:27 ----A---- C:\Windows\system32\apilogen.dll
2010-02-20 03:14:27 ----A---- C:\Windows\system32\amxread.dll
2010-02-20 03:14:23 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-02-20 03:14:23 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-02-20 03:14:23 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-02-20 03:14:22 ----A---- C:\Windows\system32\wersvc.dll
2010-02-20 03:14:22 ----A---- C:\Windows\system32\Faultrep.dll
2010-02-20 03:14:20 ----A---- C:\Windows\system32\win32spl.dll
2010-02-20 03:14:12 ----A---- C:\Windows\system32\wmpdxm.dll
2010-02-20 03:14:02 ----A---- C:\Windows\system32\schannel.dll
2010-02-20 03:13:58 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-20 03:13:57 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-02-20 03:13:53 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-02-20 03:13:52 ----A---- C:\Windows\system32\logagent.exe
2010-02-20 03:13:50 ----A---- C:\Windows\system32\msasn1.dll
2010-02-20 03:13:49 ----A---- C:\Windows\system32\connect.dll
2010-02-20 03:13:47 ----A---- C:\Windows\system32\rpcrt4.dll
2010-02-20 03:13:44 ----A---- C:\Windows\system32\rastls.dll
2010-02-20 03:13:44 ----A---- C:\Windows\system32\raschap.dll
2010-02-20 03:13:42 ----A---- C:\Windows\system32\WSDApi.dll
2010-02-20 03:13:31 ----A---- C:\Windows\system32\wmp.dll
2010-02-20 03:13:29 ----A---- C:\Windows\system32\unregmp2.exe
2010-02-20 03:13:28 ----A---- C:\Windows\system32\spwmp.dll
2010-02-20 03:13:28 ----A---- C:\Windows\system32\dxmasf.dll
2010-02-20 03:13:27 ----A---- C:\Windows\system32\wmploc.DLL
2010-02-20 03:13:05 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2010-02-20 03:13:02 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\quartz.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\msyuv.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\msrle32.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\avifil32.dll
2010-02-20 03:13:02 ----A---- C:\Windows\system32\avicap32.dll
2010-02-20 02:57:59 ----D---- C:\Program Files\RealVNC
2010-02-20 02:46:53 ----D---- C:\Program Files\Microsoft Visual Studio
2010-02-20 02:46:52 ----D---- C:\Program Files\Common Files\DESIGNER
2010-02-20 02:46:21 ----D---- C:\Program Files\Microsoft.NET
2010-02-20 02:44:06 ----D---- C:\ProgramData\Microsoft Help
2010-02-20 02:42:28 ----RHD---- C:\MSOCache
2010-02-20 02:24:46 ----D---- C:\Users\Karel\AppData\Roaming\skypePM
2010-02-20 02:23:16 ----D---- C:\Users\Karel\AppData\Roaming\Skype
2010-02-20 02:22:58 ----D---- C:\Program Files\Common Files\Skype
2010-02-20 02:22:57 ----RD---- C:\Program Files\Skype
2010-02-20 02:22:52 ----D---- C:\ProgramData\Skype
2010-02-20 02:16:49 ----D---- C:\Users\Karel\AppData\Roaming\GHISLER
2010-02-20 02:16:49 ----D---- C:\Program Files\totalcmd
2010-02-20 02:04:51 ----D---- C:\Users\Karel\AppData\Roaming\Macrovision
2010-02-20 02:04:28 ----D---- C:\Program Files\Symantec
2010-02-20 02:04:28 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-02-20 02:03:52 ----D---- C:\Users\Karel\AppData\Roaming\DigitalPersona
2010-02-20 02:03:33 ----D---- C:\ProgramData\NVIDIA
2010-02-20 02:03:20 ----D---- C:\Users\Karel\AppData\Roaming\Identities
2010-02-20 02:02:46 ----D---- C:\Users\Karel\AppData\Roaming\Macromedia
2010-02-20 02:02:34 ----D---- C:\Users\Karel\AppData\Roaming\Adobe
2010-02-20 02:02:29 ----D---- C:\Users\Karel\AppData\Roaming\Hewlett-Packard
2010-02-20 02:01:33 ----D---- C:\Program Files\Microsoft Office
2010-02-20 02:01:18 ----D---- C:\Program Files\Microsoft Works
2010-02-20 02:00:05 ----D---- C:\ProgramData\Adobe
2010-02-20 02:00:02 ----D---- C:\Program Files\Common Files\Adobe
2010-02-20 01:59:16 ----D---- C:\Windows\PCHEALTH
2010-02-20 01:57:45 ----SD---- C:\Users\Karel\AppData\Roaming\Microsoft
2010-02-20 01:57:45 ----D---- C:\Users\Karel\AppData\Roaming\Media Center Programs
2010-02-20 01:56:57 ----A---- C:\Windows\system32\wups2.dll
2010-02-20 01:56:57 ----A---- C:\Windows\system32\wuauclt.exe
2010-02-20 01:56:56 ----A---- C:\Windows\system32\wucltux.dll
2010-02-20 01:56:56 ----A---- C:\Windows\system32\wuaueng.dll
2010-02-20 01:56:32 ----A---- C:\Windows\system32\wups.dll
2010-02-20 01:56:32 ----A---- C:\Windows\system32\wudriver.dll
2010-02-20 01:56:32 ----A---- C:\Windows\system32\wuapi.dll
2010-02-20 01:56:26 ----A---- C:\Windows\system32\wuwebv.dll
2010-02-20 01:56:26 ----A---- C:\Windows\system32\wuapp.exe
2010-02-20 01:56:14 ----SHD---- C:\ProgramData\Šablony
2010-02-20 01:56:14 ----SHD---- C:\ProgramData\Plocha
2010-02-20 01:56:14 ----SHD---- C:\ProgramData\Oblíbené položky
2010-02-20 01:56:14 ----SHD---- C:\ProgramData\Nabídka Start
2010-02-20 01:56:14 ----SHD---- C:\ProgramData\Dokumenty
2010-02-20 01:56:14 ----SHD---- C:\ProgramData\Data aplikací
2010-02-20 01:52:18 ----SHD---- C:\$RECYCLE.BIN
2010-02-20 01:47:33 ----D---- C:\Windows\system32\tr
2010-02-20 01:47:33 ----D---- C:\Windows\system32\ru
2010-02-20 01:47:33 ----D---- C:\Windows\system32\ko
2010-02-20 01:47:33 ----D---- C:\Windows\system32\ja
2010-02-20 01:47:33 ----D---- C:\Windows\system32\it
2010-02-20 01:47:33 ----D---- C:\Windows\system32\fr
2010-02-20 01:47:33 ----D---- C:\Windows\system32\es
2010-02-20 01:47:32 ----D---- C:\Windows\system32\de
2010-02-20 01:47:32 ----D---- C:\Windows\DPDrv
2010-02-20 01:47:31 ----D---- C:\ProgramData\Macrovision
2010-02-20 01:47:31 ----D---- C:\Program Files\DigitalPersona
2010-02-20 01:38:36 ----D---- C:\Program Files\Common Files\LightScribe
2010-02-20 01:35:51 ----D---- C:\Windows\system32\HPMDP
2010-02-20 01:35:42 ----D---- C:\Windows\Driver Cache
2010-02-20 01:35:42 ----D---- C:\Program Files\AVerMedia
2010-02-20 01:34:19 ----D---- C:\Program Files\Intel
2010-02-20 01:34:19 ----A---- C:\Windows\system32\CSVer.dll
2010-02-20 01:33:28 ----A---- C:\Windows\system32\NETw5r32.dll
2010-02-20 01:33:27 ----A---- C:\Windows\system32\NETw5c32.dll
2010-02-20 01:32:35 ----D---- C:\Program Files\Realtek
2010-02-20 01:32:35 ----A---- C:\Windows\system32\RtNicProp32.dll
2010-02-20 01:32:17 ----A---- C:\Windows\system32\idtmini1.exe
2010-02-20 01:32:17 ----A---- C:\Windows\system32\aestecap.dll
2010-02-20 01:32:17 ----A---- C:\Windows\system32\AESTCom.dll
2010-02-20 01:32:17 ----A---- C:\Windows\system32\aestaren.dll
2010-02-20 01:32:17 ----A---- C:\Windows\system32\aestacap.dll
2010-02-20 01:32:16 ----A---- C:\Windows\system32\stlang.dll
2010-02-20 01:32:16 ----A---- C:\Windows\sttray.exe
2010-02-20 01:32:10 ----D---- C:\Windows\system32\SRSLabs
2010-02-20 01:31:43 ----A---- C:\Windows\system32\staco.dll
2010-02-20 01:31:25 ----A---- C:\Windows\system32\stcplx.dll
2010-02-20 01:31:25 ----A---- C:\Windows\system32\stapo.dll
2010-02-20 01:31:25 ----A---- C:\Windows\system32\stapi32.dll
2010-02-20 01:31:09 ----D---- C:\Program Files\IDT
2010-02-20 01:31:00 ----D---- C:\Program Files\DIFX
2010-02-20 01:30:43 ----D---- C:\Program Files\Validity Sensors, Inc
2010-02-20 01:30:34 ----A---- C:\Windows\xUninstall.bat
2010-02-20 01:30:21 ----D---- C:\Windows\JMCR_DIR
2010-02-20 01:30:21 ----A---- C:\Windows\system32\JmCrIcon.dll
2010-02-20 01:29:57 ----D---- C:\Program Files\Synaptics
2010-02-20 01:29:13 ----A---- C:\Windows\system32\nvcpluir.dll
2010-02-20 01:29:13 ----A---- C:\Windows\system32\nvcplui.exe
2010-02-20 01:28:30 ----A---- C:\Windows\system32\NVUNINST.EXE
2010-02-20 01:25:15 ----D---- C:\Windows\SoftwareDistribution
2010-02-20 01:22:16 ----D---- C:\Windows\Prefetch
======List of files/folders modified in the last 1 months======
2010-02-20 23:29:37 ----RD---- C:\Program Files
2010-02-20 23:29:36 ----D---- C:\Windows\Temp
2010-02-20 23:25:38 ----D---- C:\Windows
2010-02-20 23:16:52 ----D---- C:\Windows\System32
2010-02-20 23:16:52 ----D---- C:\Windows\inf
2010-02-20 23:16:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-20 23:11:12 ----D---- C:\Windows\system32\drivers
2010-02-20 23:11:05 ----D---- C:\Windows\system32\catroot
2010-02-20 22:47:09 ----D---- C:\Windows\Microsoft.NET
2010-02-20 22:41:37 ----RSD---- C:\Windows\assembly
2010-02-20 19:47:03 ----D---- C:\Windows\Debug
2010-02-20 19:06:22 ----HD---- C:\ProgramData
2010-02-20 18:10:09 ----SD---- C:\ProgramData\Microsoft
2010-02-20 16:11:08 ----SHD---- C:\Windows\Installer
2010-02-20 16:06:40 ----D---- C:\Windows\system32\catroot2
2010-02-20 15:11:31 ----D---- C:\Windows\winsxs
2010-02-20 15:09:57 ----D---- C:\Program Files\Common Files
2010-02-20 15:08:56 ----D---- C:\Windows\Downloaded Installations
2010-02-20 14:28:02 ----D---- C:\ProgramData\CyberLink
2010-02-20 14:19:07 ----D---- C:\Windows\system32\WDI
2010-02-20 14:17:17 ----RSD---- C:\Windows\Fonts
2010-02-20 14:17:14 ----D---- C:\Program Files\Common Files\microsoft shared
2010-02-20 14:15:11 ----A---- C:\Windows\win.ini
2010-02-20 14:15:10 ----D---- C:\Program Files\Common Files\System
2010-02-20 14:07:08 ----D---- C:\Windows\system32\zh-TW
2010-02-20 14:07:08 ----D---- C:\Windows\system32\zh-HK
2010-02-20 14:07:08 ----D---- C:\Windows\system32\tr-TR
2010-02-20 14:07:08 ----D---- C:\Windows\system32\sv-SE
2010-02-20 14:07:08 ----D---- C:\Windows\system32\pt-BR
2010-02-20 14:07:08 ----D---- C:\Windows\system32\nl-NL
2010-02-20 14:07:08 ----D---- C:\Windows\system32\nb-NO
2010-02-20 14:07:08 ----D---- C:\Windows\system32\ko-KR
2010-02-20 14:07:08 ----D---- C:\Windows\system32\it-IT
2010-02-20 14:07:08 ----D---- C:\Windows\system32\he-IL
2010-02-20 14:07:08 ----D---- C:\Windows\system32\fr-FR
2010-02-20 14:07:08 ----D---- C:\Windows\system32\fi-FI
2010-02-20 14:07:08 ----D---- C:\Windows\system32\es-ES
2010-02-20 14:07:08 ----D---- C:\Windows\system32\en-US
2010-02-20 14:07:08 ----D---- C:\Windows\system32\el-GR
2010-02-20 14:07:08 ----D---- C:\Windows\system32\de-DE
2010-02-20 14:07:08 ----D---- C:\Windows\system32\da-DK
2010-02-20 14:07:08 ----D---- C:\Windows\system32\ar-SA
2010-02-20 13:57:16 ----D---- C:\Windows\system32\migration
2010-02-20 13:57:16 ----D---- C:\Program Files\Internet Explorer
2010-02-20 13:57:12 ----D---- C:\Windows\system32\sk-SK
2010-02-20 13:57:08 ----D---- C:\Windows\system32\cs-CZ
2010-02-20 13:56:57 ----D---- C:\Windows\PolicyDefinitions
2010-02-20 10:44:38 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-20 10:33:46 ----D---- C:\Windows\ehome
2010-02-20 10:33:44 ----D---- C:\Windows\system32\wbem
2010-02-20 10:33:42 ----D---- C:\Windows\system32\manifeststore
2010-02-20 10:33:42 ----D---- C:\Windows\AppPatch
2010-02-20 10:33:40 ----D---- C:\Program Files\Windows Mail
2010-02-20 10:33:31 ----D---- C:\Windows\system32\XPSViewer
2010-02-20 10:33:07 ----D---- C:\Program Files\Windows Media Player
2010-02-20 10:21:10 ----A---- C:\Windows\CSUP.txt
2010-02-20 03:00:39 ----D---- C:\Windows\Logs
2010-02-20 02:44:39 ----D---- C:\Windows\ShellNew
2010-02-20 02:23:13 ----D---- C:\Windows\system32\Tasks
2010-02-20 02:05:33 ----D---- C:\ProgramData\Symantec
2010-02-20 02:05:06 ----D---- C:\ProgramData\Norton
2010-02-20 02:03:18 ----D---- C:\Program Files\SMINST
2010-02-20 02:03:10 ----D---- C:\Windows\system
2010-02-20 02:02:26 ----RD---- C:\Program Files\Online Services
2010-02-20 02:02:25 ----D---- C:\Program Files\Windows Sidebar
2010-02-20 02:02:08 ----HD---- C:\System.sav
2010-02-20 02:02:08 ----D---- C:\Windows\system32\restore
2010-02-20 02:02:08 ----D---- C:\SwSetup
2010-02-20 01:57:43 ----RD---- C:\Users
2010-02-20 01:57:41 ----D---- C:\Windows\rescache
2010-02-20 01:56:15 ----D---- C:\Program Files\Windows NT
2010-02-20 01:54:16 ----D---- C:\Windows\panther
2010-02-20 01:52:26 ----D---- C:\Windows\system32\sysprep
2010-02-20 01:47:55 ----D---- C:\ProgramData\Hewlett-Packard
2010-02-20 01:47:33 ----D---- C:\Windows\system32\pt-PT
2010-02-20 01:47:32 ----D---- C:\Windows\system32\zh-CN
2010-02-20 01:47:15 ----D---- C:\ProgramData\Temp
2010-02-20 01:44:58 ----D---- C:\Program Files\Hewlett-Packard
2010-02-20 01:36:01 ----HD---- C:\HP
2010-02-20 01:29:05 ----D---- C:\Windows\Help
2010-02-01 11:26:22 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys [2010-01-20 259632]
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys [2010-02-20 482432]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-02-19 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100218.001\IDSvix86.sys [2010-02-10 343088]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1008000.029\SRTSPX.SYS [2010-01-20 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2010-01-20 25648]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS [2010-01-20 217136]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49}; \??\C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [2008-09-26 59376]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-03-27 34664]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2008-06-10 280320]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-02-19 102448]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100220.006\NAVENG.SYS [2010-02-19 84912]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100220.006\NAVEX15.SYS [2010-02-19 1324720]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-08-29 3664384]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-08-06 44576]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-13 7391392]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-08-06 124928]
R3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS [2010-01-20 308272]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-09-11 389120]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-02-20 124976]
R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS [2010-01-20 89904]
R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS [2010-01-20 48688]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-06-20 200112]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-09-16 40752]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 a399nt6h;a399nt6h; C:\Windows\system32\drivers\a399nt6h.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\Windows\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\Windows\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 SYMDNS;SYMDNS; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
S3 SYMREDRV;SYMREDRV; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe [2008-06-27 77824]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2008-07-14 322624]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-03-18 19456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [2010-01-20 117640]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-13 196608]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-06-30 241734]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe [2008-09-11 237650]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-09-16 599344]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
Takže reinstalace byla bez formátu? Pokud bylo něco zažrané v Mbr, tak to tam mohlo zůstat .
spusťte přejmenované HJT C:\Program Files\trend micro\Karel.exe
- Klikněte na "Do a system scan only"
- U řádku
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
- Dejte fajfku do čtverečku a zmáčkněte Fix checked
- restartujte pc
odinstalujte přes CCleaner - nástroje - Daemon tools toolbar,
- složku C:\Program Files\DAEMON Tools Toolbar smažte.
Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte
-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.
Dejte soubor otestovat na http://www.virustotal.com
C:\Program Files\Common Files\System\Extend.dll
-Na virustotalu dáte procházet, a do spodního okénka nakopírujete přímo cestu k souboru a dáte odeslat
-z prohlížeče zkopírujete adresu ke stránce s výsledky
. spusťte přejmenované HJT C:\Program Files\trend micro\Karel.exe- Klikněte na "Do a system scan only"
- U řádku
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
- Dejte fajfku do čtverečku a zmáčkněte Fix checked
- restartujte pc
odinstalujte přes CCleaner - nástroje - Daemon tools toolbar, - složku C:\Program Files\DAEMON Tools Toolbar smažte.
Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte
-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.
Dejte soubor otestovat na http://www.virustotal.comC:\Program Files\Common Files\System\Extend.dll
-Na virustotalu dáte procházet, a do spodního okénka nakopírujete přímo cestu k souboru a dáte odeslat
-z prohlížeče zkopírujete adresu ke stránce s výsledky
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
tak jsem se zadrhnul už u prvního kroku
R1 tam mám 2x
R0 OK
ale R3 tam není...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:39:01, on 21.2.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Desktop Sidebar\dsidebar.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Karel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SIDEBAR] "C:\Program Files\Desktop Sidebar\dsidebar.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 10269 bytes
R1 tam mám 2x
R0 OK
ale R3 tam není...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:39:01, on 21.2.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Desktop Sidebar\dsidebar.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Karel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SIDEBAR] "C:\Program Files\Desktop Sidebar\dsidebar.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 10269 bytes
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
To je v pořádnu, zmizel sám, jak jste odnstaloval Daemon toolbar.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
opět jsem zkapal u GMERu
1. v běžném režimu se program zhroutil již pri prvním scanu
2. v nouzovém režimu stejně jako včera u procesu \device\HarddiskVolumeShadowCopy1
Dat v počítači mám po včerjšku poměrně málo, práce přede mnou hodně, uvažuji o zformátování...
1. v běžném režimu se program zhroutil již pri prvním scanu
2. v nouzovém režimu stejně jako včera u procesu \device\HarddiskVolumeShadowCopy1
Dat v počítači mám po včerjšku poměrně málo, práce přede mnou hodně, uvažuji o zformátování...
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
a ještě jsem zapomněl C:\Program Files\Common Files\System\Extend.dll jsem nenašel
Re: Hlášení residentního štítu AVG Trojský kun Downloader.Generi
Když dáte na virustotalu procházet - a do spodního okénka nakopírujete cestu k souboru, tak ho nenajde?
Stáhněte
http://rootrepeal.googlepages.com/RootRepeal.zip
-Stáhněte,rozbalte a spusťte
-vyberte záložku drivers, pak Files, klikněte na Scan,
-proběhne sken, po něm klikněte na Save Report , tím se uloží log, který zkopírujete sem
Stáhněte http://rootrepeal.googlepages.com/RootRepeal.zip
-Stáhněte,rozbalte a spusťte
-vyberte záložku drivers, pak Files, klikněte na Scan,
-proběhne sken, po něm klikněte na Save Report , tím se uloží log, který zkopírujete sem
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Přispějete na provoz fóra?