Could you please check this for me? My avast shields stop from time to time. Thank you.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Ondra at 2010-03-02 14:52:45
Microsoft Windows 7 Professional Service Pack 3
System drive C: has 32 GB (64%) free of 50 GB
Total RAM: 2039 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:52:55, on 2.3.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\CounterPath\X-Lite\x-lite.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Users\Ondra\Desktop\RSIT.exe
C:\Program Files\trend micro\Ondra.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ondra\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [eyeBeam SIP Client] "C:\Program Files\CounterPath\X-Lite\x-lite.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BCF9D10D-D15E-4A82-8EA7-B9DA8302E6EB}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{C817176A-42EE-47C2-BFF8-9E6D71FFC742}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
--
End of file - 5393 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3702307991-477689461-1202135443-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3702307991-477689461-1202135443-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-23 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-17 7737344]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-10-31 4702208]
"Skytel"=C:\Windows\Skytel.exe [2007-10-11 1826816]
"SMSERIAL"=C:\Windows\sm56hlpr.exe [2005-05-26 544768]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-01 857648]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-23 149280]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-11 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-11 150552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-02-11 2756488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Ondra\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-23 135664]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"eyeBeam SIP Client"=C:\Program Files\CounterPath\X-Lite\x-lite.exe [2006-05-31 18550784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-11 218112]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2010-03-02 14:52:46 ----D---- C:\Program Files\trend micro
2010-03-02 14:52:45 ----D---- C:\rsit
2010-03-02 11:14:52 ----D---- C:\Users\Ondra\AppData\Roaming\Opera
2010-02-28 23:05:36 ----A---- C:\Windows\system32\aswBoot.exe
2010-02-28 22:42:42 ----SHD---- C:\$RECYCLE.BIN
2010-02-28 22:42:36 ----A---- C:\ComboFix.txt
2010-02-28 22:40:16 ----D---- C:\Windows\temp
2010-02-28 22:32:23 ----A---- C:\Windows\zip.exe
2010-02-28 22:32:23 ----A---- C:\Windows\SWSC.exe
2010-02-28 22:32:23 ----A---- C:\Windows\SWREG.exe
2010-02-28 22:32:23 ----A---- C:\Windows\sed.exe
2010-02-28 22:32:23 ----A---- C:\Windows\PEV.exe
2010-02-28 22:32:23 ----A---- C:\Windows\NIRCMD.exe
2010-02-28 22:32:23 ----A---- C:\Windows\MBR.exe
2010-02-28 22:32:23 ----A---- C:\Windows\grep.exe
2010-02-28 22:32:15 ----D---- C:\Windows\ERDNT
2010-02-28 22:32:14 ----D---- C:\ComboFix
2010-02-28 22:31:27 ----D---- C:\Qoobox
2010-02-28 22:31:12 ----A---- C:\Windows\SWXCACLS.exe
2010-02-28 22:31:08 ----D---- C:\32788R22FWJFW
2010-02-26 20:54:15 ----D---- C:\Program Files\AVG
2010-02-24 20:52:20 ----A---- C:\Windows\system32\CPFilters.dll
2010-02-24 20:52:19 ----A---- C:\Windows\system32\psisdecd.dll
2010-02-24 20:52:19 ----A---- C:\Windows\system32\msdri.dll
2010-02-24 20:52:19 ----A---- C:\Windows\system32\jscript.dll
2010-02-24 20:52:18 ----A---- C:\Windows\system32\tzres.dll
2010-02-19 19:33:53 ----D---- C:\ProgramData\Alwil Software
2010-02-10 18:23:51 ----A---- C:\Windows\system32\kernel32.dll
2010-02-10 18:23:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 18:23:50 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 18:23:50 ----A---- C:\Windows\system32\apphelp.dll
2010-02-10 18:23:49 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 18:23:49 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 18:23:49 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 18:23:49 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 18:23:49 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 18:23:49 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 18:23:49 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 18:23:49 ----A---- C:\Windows\system32\avifil32.dll
2010-02-10 18:23:48 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-10 18:23:48 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-10 18:23:48 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-10 18:23:48 ----A---- C:\Windows\system32\secproc.dll
2010-02-10 18:23:48 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-10 18:23:48 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-10 18:23:48 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-10 18:23:47 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-08 10:02:39 ----D---- C:\Program Files\Common Files\Intel
2010-02-08 10:02:37 ----D---- C:\Program Files\CounterPath
2010-02-04 19:10:14 ----A---- C:\Windows\ATKPF.ini
======List of files/folders modified in the last 1 months======
2010-03-02 14:52:55 ----D---- C:\Windows\Prefetch
2010-03-02 14:52:46 ----RD---- C:\Program Files
2010-03-02 14:32:37 ----A---- C:\Windows\system32\acovcnt.exe
2010-03-02 11:47:55 ----D---- C:\Windows\system32\config
2010-03-02 11:14:46 ----SHD---- C:\Windows\Installer
2010-03-02 11:14:40 ----D---- C:\Program Files\Opera
2010-03-02 11:14:37 ----SHD---- C:\System Volume Information
2010-02-28 23:12:34 ----D---- C:\Program Files\QIP Infium
2010-02-28 23:05:51 ----D---- C:\Windows\system32\drivers
2010-02-28 23:05:36 ----D---- C:\Windows\System32
2010-02-28 23:02:02 ----D---- C:\Program Files\NSS
2010-02-28 23:01:39 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-28 23:01:16 ----RSD---- C:\Windows\assembly
2010-02-28 23:01:16 ----D---- C:\Program Files\KeePass Password Safe 2
2010-02-28 22:40:27 ----D---- C:\Windows
2010-02-28 22:40:27 ----A---- C:\Windows\system.ini
2010-02-28 22:39:42 ----D---- C:\ProgramData
2010-02-28 22:37:02 ----D---- C:\Windows\AppPatch
2010-02-28 22:37:01 ----D---- C:\Program Files\Common Files
2010-02-28 18:06:22 ----AD---- C:\ProgramData\TEMP
2010-02-28 17:34:23 ----SD---- C:\Users\Ondra\AppData\Roaming\Microsoft
2010-02-26 17:13:14 ----D---- C:\Windows\debug
2010-02-26 17:04:07 ----D---- C:\Windows\winsxs
2010-02-25 22:42:24 ----D---- C:\Windows\Microsoft.NET
2010-02-25 07:28:23 ----D---- C:\Windows\system32\cs-CZ
2010-02-25 07:28:23 ----D---- C:\Windows\ehome
2010-02-25 07:18:05 ----D---- C:\Windows\system32\catroot
2010-02-25 07:17:44 ----D---- C:\Windows\system32\en-US
2010-02-24 20:52:11 ----D---- C:\Windows\system32\catroot2
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-23 16:47:44 ----D---- C:\Windows\inf
2010-02-23 16:47:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-22 20:22:43 ----D---- C:\Windows\system32\NDF
2010-02-19 19:49:11 ----D---- C:\Program Files\Alwil Software
2010-02-18 21:58:27 ----D---- C:\Users\Ondra\AppData\Roaming\FileZilla
2010-02-14 20:02:43 ----D---- C:\Windows\ModemLogs
2010-02-08 07:11:13 ----D---- C:\Windows\system32\wdi
2010-02-04 19:06:32 ----D---- C:\Windows\Logs
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-02-11 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-02-11 162512]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-02-11 46672]
R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [2009-07-14 35328]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2009-07-14 78336]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2009-07-14 16896]
R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2009-07-14 74240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2009-07-14 63488]
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]
R1 ws2ifsl;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\Windows\system32\drivers\ws2ifsl.sys [2009-07-14 16384]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-02-11 19024]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-02-11 51792]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys [2009-07-14 48128]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2009-07-14 86528]
R2 PARLDR2K;ParLdr2k; \??\C:\Windows\system32\drivers\parldr2k.sys [2010-01-07 10454]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2009-07-14 586752]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys [2009-07-14 60928]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2009-07-14 34816]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2009-07-14 69632]
R3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BTHMODEM;Ovladač pro komunikaci pomocí modemu Bluetooth; C:\Windows\system32\DRIVERS\bthmodem.sys [2009-07-14 56320]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-07-14 14080]
R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2009-10-02 728648]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2009-07-14 108544]
R3 HidUsb;Ovladač třídy standardu HID Microsoft; C:\Windows\system32\DRIVERS\hidusb.sys [2009-07-14 24064]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-11 4805120]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-11-01 2011224]
R3 intelppm;Intel Processor Driver; C:\Windows\system32\DRIVERS\intelppm.sys [2009-07-14 53760]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 monitor;Microsoft Monitor Class Function Driver Service; C:\Windows\system32\DRIVERS\monitor.sys [2009-07-14 23552]
R3 mouhid;Ovladač myši standardu HID; C:\Windows\system32\DRIVERS\mouhid.sys [2009-07-14 26112]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2009-07-14 60416]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2010-01-08 221184]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2009-07-14 95744]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys [2009-07-14 267264]
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2009-07-14 75264]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-07-13 50688]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2005-05-26 839724]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2009-07-14 306688]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2009-12-08 113664]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-01 182456]
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys [2009-07-14 108544]
R3 umbus;Ovladač sběrnice UMBus Enumerator; C:\Windows\system32\DRIVERS\umbus.sys [2009-07-14 39936]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbehci.sys [2009-07-14 41472]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\Windows\system32\DRIVERS\usbhub.sys [2009-07-14 258560]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbuhci.sys [2009-07-14 24064]
R3 vwifibus;Ovladač sběrnice Virtual WiFi; C:\Windows\system32\DRIVERS\vwifibus.sys [2009-07-14 19968]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S1 tcpipBM;Bytemobile Kernel Network Provider; C:\Windows\system32\drivers\tcpipBM.sys [2008-10-09 18816]
S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]
S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [2009-07-14 146512]
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys [2009-06-03 483200]
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\DRIVERS\agp440.sys [2009-07-14 53312]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 amdide;amdide; C:\Windows\system32\DRIVERS\amdide.sys [2009-07-14 14912]
S3 AmdK8;AMD K8 Processor Driver; C:\Windows\system32\DRIVERS\amdk8.sys [2009-07-14 55296]
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176]
S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys [2009-07-14 76368]
S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-13 430080]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys [2009-07-13 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys [2009-07-13 5248]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys [2009-07-13 62336]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys [2009-07-13 12160]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys [2009-07-13 11904]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 catchme;catchme; \??\C:\Users\Ondra\AppData\Local\Temp\catchme.sys []
S3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys [2009-07-14 37888]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-13 3100160]
S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2009-07-23 112128]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2009-07-14 142336]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2009-07-14 28160]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\DRIVERS\gagp30kx.sys [2009-07-14 57936]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-12-29 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-12-29 25512]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-13 26624]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128]
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]
S3 HidBth;Miniport Microsoft Bluetooth HID; C:\Windows\system32\DRIVERS\hidbth.sys [2009-07-14 91136]
S3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys [2009-07-14 37888]
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-07-23 102912]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2009-07-23 100736]
S3 iaStorV;iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys [2009-07-14 332352]
S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [2009-07-14 41040]
S3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [2009-07-14 65536]
S3 isapnp;isapnp; C:\Windows\system32\DRIVERS\isapnp.sys [2009-07-14 46656]
S3 iScsiPrt;iScsiPort Driver; C:\Windows\system32\DRIVERS\msiscsi.sys [2009-07-14 186960]
S3 kbdhid;Ovladač klávesnice standardu HID; C:\Windows\system32\DRIVERS\kbdhid.sys [2009-07-14 28160]
S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]
S3 mpio;mpio; C:\Windows\system32\DRIVERS\mpio.sys [2009-07-14 130624]
S3 msdsm;msdsm; C:\Windows\system32\DRIVERS\msdsm.sys [2009-07-14 115792]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2009-07-14 162896]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]
S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\DRIVERS\nv_agp.sys [2009-07-14 105024]
S3 nvraid;nvraid; C:\Windows\system32\DRIVERS\nvraid.sys [2009-07-14 117312]
S3 nvstor;nvstor; C:\Windows\system32\DRIVERS\nvstor.sys [2009-07-14 142416]
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\Windows\system32\DRIVERS\ohci1394.sys [2009-07-14 62464]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2009-07-14 31744]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sbp2port;sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [2009-07-14 85568]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]
S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys [2009-07-14 19968]
S3 sffdisk;SFF Storage Class Driver; C:\Windows\system32\DRIVERS\sffdisk.sys [2009-07-14 11264]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\DRIVERS\sffp_mmc.sys [2009-07-14 12288]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys [2009-07-14 12800]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [2009-07-14 40016]
S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2009-07-14 71168]
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2009-07-14 1285712]
S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys [2009-07-14 30208]
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys [2009-07-14 55888]
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\DRIVERS\uliagpkx.sys [2009-07-14 57424]
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\Windows\system32\DRIVERS\usbccgp.sys [2009-07-14 75264]
S3 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\DRIVERS\usbcir.sys [2009-07-14 86016]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbohci.sys [2009-07-14 20480]
S3 usbprint;Třída USB Printer; C:\Windows\system32\DRIVERS\usbprint.sys [2009-07-14 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-07-14 74752]
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2009-07-14 26112]
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys [2009-07-14 21632]
S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-07-14 11264]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys [2009-07-14 22096]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2009-07-14 1121280]
R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2009-07-14 428032]
R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2009-07-14 22528]
R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2009-07-14 557056]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2009-07-14 94720]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2009-07-14 522752]
S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2009-06-10 42856]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-06-10 878416]
S3 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2009-07-14 12800]
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-07-14 204800]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2009-07-14 35840]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2009-07-14 452608]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-07-14 1202688]
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
-----------------EOF-----------------

Possible virus - avast turns off once in a while
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here].
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Possible virus - avast turns off once in a while
On Sunday you ran a ComboFix scan. Post the log from it.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked, as it will be if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Possible virus - avast turns off once in a while
ComboFix 10-02-27.04 - Ondra 28.02.2010 22:33:13.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2039.1257 [GMT 1:00]
Spuštěný z: c:\users\Ondra\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\hpe44AE.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-28 do 2010-02-28 )))))))))))))))))))))))))))))))
.
2010-02-28 21:40 . 2010-02-28 21:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-28 17:25 . 2010-02-28 17:25 0 ----a-w- C:\ntuser.dat
2010-02-28 17:05 . 2010-02-28 17:05 -------- d-----w- c:\users\Ondra\AppData\Local\Threat Expert
2010-02-26 19:54 . 2010-02-26 19:54 -------- d-----w- c:\program files\AVG
2010-02-24 19:52 . 2009-12-13 09:30 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-02-24 19:52 . 2009-12-13 09:30 465408 ----a-w- c:\windows\system32\psisdecd.dll
2010-02-24 19:52 . 2009-12-13 09:29 417792 ----a-w- c:\windows\system32\msdri.dll
2010-02-24 19:52 . 2010-02-02 07:45 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-21 23:24 . 2010-02-21 23:24 -------- d-----w- c:\users\Ondra\.vnc
2010-02-19 18:33 . 2010-02-19 18:33 -------- d-----w- c:\programdata\Alwil Software
2010-02-18 00:10 . 2010-02-18 00:10 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-02-08 09:14 . 2010-02-08 09:14 -------- d-----w- c:\users\Ondra\AppData\Local\CounterPath
2010-02-08 09:02 . 2010-02-08 09:02 -------- d-----w- c:\program files\Common Files\Intel
2010-02-08 09:02 . 2010-02-08 09:02 -------- d-----w- c:\program files\CounterPath
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-28 17:08 . 2009-12-23 19:54 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-02-24 08:16 . 2009-12-23 20:12 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-21 15:11 . 2009-12-23 21:05 -------- d-----w- c:\program files\QIP Infium
2010-02-19 18:49 . 2009-12-23 20:57 -------- d-----w- c:\program files\Alwil Software
2010-02-18 20:58 . 2009-12-23 20:38 -------- d-----w- c:\users\Ondra\AppData\Roaming\FileZilla
2010-02-18 00:10 . 2009-12-24 16:22 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-02-11 18:53 . 2009-12-23 20:57 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-11 18:53 . 2009-12-23 20:57 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-11 18:42 . 2009-12-23 20:57 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-11 18:42 . 2009-12-23 20:57 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-11 18:39 . 2009-12-23 20:57 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-11 18:38 . 2009-12-23 20:57 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-02-11 18:38 . 2009-12-23 20:57 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-01 22:07 . 2009-12-23 20:34 -------- d-----w- c:\program files\Opera
2010-01-31 11:09 . 2009-12-29 10:09 -------- d-----w- c:\users\Ondra\AppData\Roaming\MyPhoneExplorer
2010-01-26 19:53 . 2010-01-26 19:53 -------- d-----w- c:\program files\NSS
2010-01-24 15:32 . 2010-01-24 15:29 -------- d-----w- c:\users\Ondra\AppData\Roaming\KeePass
2010-01-24 15:32 . 2010-01-24 15:28 -------- d-----w- c:\program files\KeePass Password Safe 2
2010-01-24 10:10 . 2010-01-07 19:18 -------- d-----w- c:\program files\Common Files\Nokia
2010-01-24 10:10 . 2010-01-07 19:17 -------- d-----w- c:\program files\Nokia
2010-01-24 10:09 . 2010-01-24 10:09 3351812 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2010-01-24 10:09 . 2010-01-24 10:09 36864 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2010-01-24 10:09 . 2010-01-24 10:09 3203453 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2010-01-24 10:08 . 2010-01-07 19:55 -------- d-----w- c:\programdata\Installations
2010-01-24 10:08 . 2010-01-24 10:10 24567912 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_cs.exe
2010-01-22 20:02 . 2010-01-22 20:02 -------- d-----w- c:\program files\FileZilla FTP Client
2010-01-21 17:58 . 2010-01-07 20:45 -------- d-----w- c:\users\Ondra\AppData\Roaming\Nokia
2010-01-20 21:22 . 2009-12-23 20:46 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-20 16:35 . 2009-12-23 21:37 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 23:29 . 2010-02-10 17:23 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-10 17:23 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-10 17:23 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-10 17:23 369152 ----a-w- c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-10 17:23 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-10 17:23 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-10 17:23 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-10 17:23 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-18 22:31 . 2010-01-18 22:31 -------- d-----w- c:\users\Ondra\AppData\Roaming\AnvSoft
2010-01-18 22:31 . 2010-01-18 22:31 -------- d-----w- c:\program files\AnvSoft
2010-01-17 11:26 . 2010-01-17 11:26 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-01-09 16:32 . 2010-01-09 16:32 -------- d-----w- c:\users\Ondra\AppData\Roaming\Ahead
2010-01-08 03:18 . 2010-02-10 17:23 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-10 17:23 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-01-07 20:46 . 2010-01-07 20:45 -------- d-----w- c:\users\Ondra\AppData\Roaming\PC Suite
2010-01-07 20:45 . 2010-01-07 20:45 -------- d-----w- c:\programdata\PC Suite
2010-01-07 19:57 . 2010-01-07 19:56 -------- d-----w- c:\program files\DIFX
2010-01-07 19:57 . 2010-01-07 19:57 -------- d-----w- c:\program files\Common Files\PCSuite
2010-01-07 19:56 . 2010-01-07 19:56 -------- d-----w- c:\program files\PC Connectivity Solution
2010-01-07 19:55 . 2010-01-07 19:55 95232 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2010-01-07 19:55 . 2010-01-07 19:55 8192 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2010-01-07 19:55 . 2010-01-07 19:55 61440 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-01-07 19:55 . 2010-01-07 19:55 10240 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2010-01-07 19:49 . 2010-01-07 19:56 34698816 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_cze_web.exe
2010-01-07 19:25 . 2010-01-07 19:25 -------- d-----w- c:\programdata\Nokia
2010-01-07 19:24 . 2010-01-07 19:24 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-01-07 19:21 . 2009-12-23 19:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-07 19:18 . 2010-01-07 19:18 10454 ----a-w- c:\windows\system32\drivers\parldr2k.sys
2010-01-04 16:29 . 2010-01-04 16:27 -------- d-----w- c:\programdata\EPSON
2009-12-29 10:18 . 2009-12-29 10:18 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2009-12-29 10:18 . 2009-12-29 10:18 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2009-12-24 16:22 . 2009-12-24 16:22 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-23 21:40 . 2009-12-23 19:54 67856 ----a-w- c:\users\Ondra\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-23 21:01 . 2009-12-23 21:01 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-23 19:51 . 2009-12-23 19:51 8464 ----a-w- c:\windows\system32\SpOrder.dll
2009-12-23 19:23 . 2009-12-23 19:23 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-12-23 19:23 . 2009-12-23 19:23 315392 ----a-w- c:\windows\HideWin.exe
2009-12-23 19:13 . 2009-12-23 19:13 36232 ----a-w- c:\windows\inf\PERFLIB\0405\perfd.dat
2009-12-23 19:13 . 2009-12-23 19:13 36232 ----a-w- c:\windows\inf\PERFLIB\0405\perfc.dat
2009-12-23 19:13 . 2009-12-23 19:13 292004 ----a-w- c:\windows\inf\PERFLIB\0405\perfi.dat
2009-12-23 19:13 . 2009-12-23 19:13 292004 ----a-w- c:\windows\inf\PERFLIB\0405\perfh.dat
2009-12-19 09:02 . 2010-01-22 06:14 977920 ----a-w- c:\windows\system32\wininet.dll
2009-12-19 09:02 . 2010-02-10 17:23 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-19 09:02 . 2010-02-10 17:23 1328640 ----a-w- c:\windows\system32\quartz.dll
2009-12-19 09:02 . 2010-02-10 17:23 22016 ----a-w- c:\windows\system32\msyuv.dll
2009-12-19 09:02 . 2010-02-10 17:23 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-19 09:02 . 2010-02-10 17:23 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-19 09:02 . 2010-02-10 17:23 84480 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-19 09:02 . 2010-02-10 17:23 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-19 09:02 . 2010-02-10 17:23 91648 ----a-w- c:\windows\system32\avifil32.dll
2009-12-08 11:40 . 2010-02-10 17:23 3955288 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 11:40 . 2010-02-10 17:23 3899464 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 11:32 . 2010-02-10 17:23 292864 ----a-w- c:\windows\system32\apphelp.dll
2009-12-08 08:05 . 2010-02-10 17:23 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-08 08:05 . 2010-02-10 17:23 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Ondra\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-12-23 135664]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"eyeBeam SIP Client"="c:\program files\CounterPath\X-Lite\x-lite.exe" [2006-05-31 18550784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-17 7737344]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-31 4702208]
"Skytel"="Skytel.exe" [2007-10-11 1826816]
"SMSERIAL"="sm56hlpr.exe" [2005-05-26 544768]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 857648]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-23 149280]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-11 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-11 150552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-02-11 2756488]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
2009-09-18 16:48 2412032 ----a-w- c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
R1 aswSP;aswSP;c:\windows\System32\drivers\aswSP.sys [23.12.2009 21:57 162512]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\System32\drivers\vwififlt.sys [14.7.2009 0:52 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [23.12.2009 21:57 19024]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [23.12.2009 21:57 51792]
R2 PARLDR2K;PARLDR2K;c:\windows\System32\drivers\parldr2k.sys [7.1.2010 20:18 10454]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [18.9.2009 17:48 9216]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\System32\drivers\BthAvrcp.sys [13.8.2009 8:23 22528]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\System32\drivers\seehcri.sys [29.12.2009 11:12 27632]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [29.12.2009 11:12 90112]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\System32\drivers\ewusbnet.sys [23.12.2009 20:53 112128]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys [29.12.2009 11:18 13224]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\System32\drivers\ewusbfake.sys [23.12.2009 20:52 100736]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [6.10.2009 11:56 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [6.10.2009 11:56 8320]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [29.12.2009 11:12 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [29.12.2009 11:12 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [29.12.2009 11:12 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [29.12.2009 11:12 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [29.12.2009 11:12 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [29.12.2009 11:12 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [29.12.2009 11:12 115752]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\System32\drivers\s1018bus.sys [29.12.2009 11:12 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\System32\drivers\s1018mdfl.sys [29.12.2009 11:12 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\System32\drivers\s1018mdm.sys [29.12.2009 11:12 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s1018mgmt.sys [29.12.2009 11:12 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\System32\drivers\s1018nd5.sys [29.12.2009 11:12 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\System32\drivers\s1018obex.sys [29.12.2009 11:12 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\System32\drivers\s1018unic.sys [29.12.2009 11:12 109864]
--- Ostatní služby/ovladače v paměti ---
*Deregistered* - BMLoad
.
Obsah adresáře 'Naplánované úlohy'
2010-02-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3702307991-477689461-1202135443-1000Core.job
- c:\users\Ondra\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-23 20:50]
2010-02-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3702307991-477689461-1202135443-1000UA.job
- c:\users\Ondra\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-23 20:50]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: bmnet.dll
TCP: {BCF9D10D-D15E-4A82-8EA7-B9DA8302E6EB} = 8.8.8.8,8.8.4.4
TCP: 07564666D2075726C69636D213 = 8.8.8.8,8.8.4.4
TCP: {C817176A-42EE-47C2-BFF8-9E6D71FFC742} = 8.8.8.8,8.8.4.4
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'lsass.exe'(592)
c:\windows\system32\bmnet.dll
.
Celkový čas: 2010-02-28 22:42:36
ComboFix-quarantined-files.txt 2010-02-28 21:42
Před spuštěním: Volných bajtů: 33 546 313 728
Po spuštění: Volných bajtů: 33 490 341 888
- - End Of File - - 6A8F4971C35AB36A0F03DBEFB7C13A1B
- Rudy
- Site Admin
Re: Possible virus - avast turns itself off once in a while
We'll clean up a bit more. Open Notepad and copy this into it:

Collect::
c:\windows\system32\acovcnt.exe

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Possible virus - avast turns itself off from time to time
After running it:
ComboFix 10-03-03.09 - Ondra 04.03.2010 18:18:16.2.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.2039.1118 [GMT 1:00]
Spuštěný z: c:\users\Ondra\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ondra\Desktop\CFScript.txt
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\acovcnt.exe
----- BITS: Možné infikované stránky -----
hxxp://armmf.adobe.com
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-04 do 2010-03-04 )))))))))))))))))))))))))))))))
.
2010-03-04 17:25 . 2010-03-04 17:25 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-03-04 17:25 . 2010-03-04 17:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-04 17:16 . 2010-03-04 17:16 -------- d-----w- C:\32788R22FWJFW
2010-03-03 17:07 . 2010-03-03 17:07 -------- d-----w- c:\users\Ondra\AppData\Local\Twitter
2010-03-02 13:52 . 2010-03-02 13:52 -------- d-----w- c:\program files\trend micro
2010-03-02 13:52 . 2010-03-02 13:53 -------- d-----w- C:\rsit
2010-03-02 10:14 . 2010-03-03 17:07 -------- d-----w- c:\users\Ondra\AppData\Local\Opera
2010-02-28 22:05 . 2010-02-11 18:42 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-28 22:05 . 2010-02-11 18:38 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-28 22:05 . 2010-02-11 18:42 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-28 22:05 . 2010-02-11 18:39 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-28 22:05 . 2010-02-11 18:38 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-02-28 22:05 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-28 22:05 . 2010-02-11 18:53 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-28 17:25 . 2010-02-28 17:25 0 ----a-w- C:\ntuser.dat
2010-02-28 17:05 . 2010-02-28 17:05 -------- d-----w- c:\users\Ondra\AppData\Local\Threat Expert
2010-02-26 19:54 . 2010-02-26 19:54 -------- d-----w- c:\program files\AVG
2010-02-24 19:52 . 2009-12-13 09:30 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-02-24 19:52 . 2009-12-13 09:30 465408 ----a-w- c:\windows\system32\psisdecd.dll
2010-02-24 19:52 . 2009-12-13 09:29 417792 ----a-w- c:\windows\system32\msdri.dll
2010-02-24 19:52 . 2010-02-02 07:45 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-21 23:24 . 2010-02-21 23:24 -------- d-----w- c:\users\Ondra\.vnc
2010-02-19 18:33 . 2010-02-19 18:33 -------- d-----w- c:\programdata\Alwil Software
2010-02-18 00:10 . 2010-02-18 00:10 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-02-08 09:14 . 2010-02-08 09:14 -------- d-----w- c:\users\Ondra\AppData\Local\CounterPath
2010-02-08 09:02 . 2010-02-08 09:02 -------- d-----w- c:\program files\Common Files\Intel
2010-02-08 09:02 . 2010-02-08 09:02 -------- d-----w- c:\program files\CounterPath
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-02 10:14 . 2009-12-23 20:34 -------- d-----w- c:\program files\Opera
2010-02-28 22:12 . 2009-12-23 21:05 -------- d-----w- c:\program files\QIP Infium
2010-02-28 22:02 . 2010-01-26 19:53 -------- d-----w- c:\program files\NSS
2010-02-28 22:01 . 2009-12-23 19:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-28 22:01 . 2010-01-24 15:28 -------- d-----w- c:\program files\KeePass Password Safe 2
2010-02-24 08:16 . 2009-12-23 20:12 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-19 18:49 . 2009-12-23 20:57 -------- d-----w- c:\program files\Alwil Software
2010-02-18 20:58 . 2009-12-23 20:38 -------- d-----w- c:\users\Ondra\AppData\Roaming\FileZilla
2010-02-18 00:10 . 2009-12-24 16:22 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-01-31 11:09 . 2009-12-29 10:09 -------- d-----w- c:\users\Ondra\AppData\Roaming\MyPhoneExplorer
2010-01-24 15:32 . 2010-01-24 15:29 -------- d-----w- c:\users\Ondra\AppData\Roaming\KeePass
2010-01-24 10:10 . 2010-01-07 19:18 -------- d-----w- c:\program files\Common Files\Nokia
2010-01-24 10:10 . 2010-01-07 19:17 -------- d-----w- c:\program files\Nokia
2010-01-24 10:09 . 2010-01-24 10:09 3351812 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\msxml6Exec.exe
2010-01-24 10:09 . 2010-01-24 10:09 36864 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\Sleep.exe
2010-01-24 10:09 . 2010-01-24 10:09 3203453 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Installer\CommonCustomActions\vcredistExec.exe
2010-01-24 10:08 . 2010-01-07 19:55 -------- d-----w- c:\programdata\Installations
2010-01-24 10:08 . 2010-01-24 10:10 24567912 ----a-w- c:\programdata\Installations\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NokiaSoftwareUpdaterSetup_cs.exe
2010-01-22 20:02 . 2010-01-22 20:02 -------- d-----w- c:\program files\FileZilla FTP Client
2010-01-21 17:58 . 2010-01-07 20:45 -------- d-----w- c:\users\Ondra\AppData\Roaming\Nokia
2010-01-20 21:22 . 2009-12-23 20:46 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-20 16:35 . 2009-12-23 21:37 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 23:29 . 2010-02-10 17:23 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-10 17:23 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-10 17:23 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-10 17:23 369152 ----a-w- c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-10 17:23 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-10 17:23 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-10 17:23 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-10 17:23 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-18 22:31 . 2010-01-18 22:31 -------- d-----w- c:\users\Ondra\AppData\Roaming\AnvSoft
2010-01-18 22:31 . 2010-01-18 22:31 -------- d-----w- c:\program files\AnvSoft
2010-01-17 11:26 . 2010-01-17 11:26 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-01-09 16:32 . 2010-01-09 16:32 -------- d-----w- c:\users\Ondra\AppData\Roaming\Ahead
2010-01-08 03:18 . 2010-02-10 17:23 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-08 03:17 . 2010-02-10 17:23 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-01-07 20:46 . 2010-01-07 20:45 -------- d-----w- c:\users\Ondra\AppData\Roaming\PC Suite
2010-01-07 20:45 . 2010-01-07 20:45 -------- d-----w- c:\programdata\PC Suite
2010-01-07 19:57 . 2010-01-07 19:56 -------- d-----w- c:\program files\DIFX
2010-01-07 19:57 . 2010-01-07 19:57 -------- d-----w- c:\program files\Common Files\PCSuite
2010-01-07 19:56 . 2010-01-07 19:56 -------- d-----w- c:\program files\PC Connectivity Solution
2010-01-07 19:55 . 2010-01-07 19:55 95232 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2010-01-07 19:55 . 2010-01-07 19:55 8192 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2010-01-07 19:55 . 2010-01-07 19:55 61440 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-01-07 19:55 . 2010-01-07 19:55 10240 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2010-01-07 19:49 . 2010-01-07 19:56 34698816 ----a-w- c:\programdata\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_cze_web.exe
2010-01-07 19:25 . 2010-01-07 19:25 -------- d-----w- c:\programdata\Nokia
2010-01-07 19:24 . 2010-01-07 19:24 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-01-07 19:18 . 2010-01-07 19:18 10454 ----a-w- c:\windows\system32\drivers\parldr2k.sys
2010-01-04 16:29 . 2010-01-04 16:27 -------- d-----w- c:\programdata\EPSON
2009-12-29 10:18 . 2009-12-29 10:18 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2009-12-29 10:18 . 2009-12-29 10:18 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2009-12-24 16:22 . 2009-12-24 16:22 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-12-23 21:40 . 2009-12-23 19:54 67856 ----a-w- c:\users\Ondra\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-23 21:01 . 2009-12-23 21:01 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-23 19:51 . 2009-12-23 19:51 8464 ----a-w- c:\windows\system32\SpOrder.dll
2009-12-23 19:23 . 2009-12-23 19:23 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-12-23 19:23 . 2009-12-23 19:23 315392 ----a-w- c:\windows\HideWin.exe
2009-12-23 19:13 . 2009-12-23 19:13 36232 ----a-w- c:\windows\inf\PERFLIB\0405\perfd.dat
2009-12-23 19:13 . 2009-12-23 19:13 36232 ----a-w- c:\windows\inf\PERFLIB\0405\perfc.dat
2009-12-23 19:13 . 2009-12-23 19:13 292004 ----a-w- c:\windows\inf\PERFLIB\0405\perfi.dat
2009-12-23 19:13 . 2009-12-23 19:13 292004 ----a-w- c:\windows\inf\PERFLIB\0405\perfh.dat
2009-12-19 09:02 . 2010-01-22 06:14 977920 ----a-w- c:\windows\system32\wininet.dll
2009-12-19 09:02 . 2010-02-10 17:23 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-19 09:02 . 2010-02-10 17:23 1328640 ----a-w- c:\windows\system32\quartz.dll
2009-12-19 09:02 . 2010-02-10 17:23 22016 ----a-w- c:\windows\system32\msyuv.dll
2009-12-19 09:02 . 2010-02-10 17:23 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-19 09:02 . 2010-02-10 17:23 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-19 09:02 . 2010-02-10 17:23 84480 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-19 09:02 . 2010-02-10 17:23 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-19 09:02 . 2010-02-10 17:23 91648 ----a-w- c:\windows\system32\avifil32.dll
2009-12-08 11:40 . 2010-02-10 17:23 3955288 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 11:40 . 2010-02-10 17:23 3899464 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 11:32 . 2010-02-10 17:23 292864 ----a-w- c:\windows\system32\apphelp.dll
2009-12-08 08:05 . 2010-02-10 17:23 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-08 08:05 . 2010-02-10 17:23 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Ondra\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-12-23 135664]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"eyeBeam SIP Client"="c:\program files\CounterPath\X-Lite\x-lite.exe" [2006-05-31 18550784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-17 7737344]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-31 4702208]
"Skytel"="Skytel.exe" [2007-10-11 1826816]
"SMSERIAL"="sm56hlpr.exe" [2005-05-26 544768]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 857648]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-23 149280]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-11 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-11 150552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
2009-09-18 16:48 2412032 ----a-w- c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-07-23 112128]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-12-29 13224]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2009-07-23 100736]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-02-11 51792]
S2 PARLDR2K;PARLDR2K;c:\windows\system32\drivers\parldr2k.sys [2010-01-07 10454]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
--- Ostatní služby/ovladače v paměti ---
*Deregistered* - BMLoad
.
Obsah adresáře 'Naplánované úlohy'
2010-03-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3702307991-477689461-1202135443-1000Core.job
- c:\users\Ondra\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-23 20:50]
2010-03-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3702307991-477689461-1202135443-1000UA.job
- c:\users\Ondra\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-23 20:50]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: bmnet.dll
TCP: {BCF9D10D-D15E-4A82-8EA7-B9DA8302E6EB} = 8.8.8.8,8.8.4.4
TCP: 07564666D2075726C69636D213 = 8.8.8.8,8.8.4.4
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'lsass.exe'(592)
c:\windows\system32\bmnet.dll
.
Celkový čas: 2010-03-04 18:28:26
ComboFix-quarantined-files.txt 2010-03-04 17:28
ComboFix2.txt 2010-02-28 21:42
Před spuštěním: Volných bajtů: 32 509 714 432
Po spuštění: Volných bajtů: 32 228 012 032
- - End Of File - - 51A1DECA1663DE772DD81C6EA7ED4B4E
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-11 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-11 150552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
2009-09-18 16:48 2412032 ----a-w- c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-07-23 112128]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-12-29 13224]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2009-07-23 100736]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-02-11 51792]
S2 PARLDR2K;PARLDR2K;c:\windows\system32\drivers\parldr2k.sys [2010-01-07 10454]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
--- Ostatní služby/ovladače v paměti ---
*Deregistered* - BMLoad
.
Obsah adresáře 'Naplánované úlohy'
2010-03-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3702307991-477689461-1202135443-1000Core.job
- c:\users\Ondra\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-23 20:50]
2010-03-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3702307991-477689461-1202135443-1000UA.job
- c:\users\Ondra\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-23 20:50]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: bmnet.dll
TCP: {BCF9D10D-D15E-4A82-8EA7-B9DA8302E6EB} = 8.8.8.8,8.8.4.4
TCP: 07564666D2075726C69636D213 = 8.8.8.8,8.8.4.4
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'lsass.exe'(592)
c:\windows\system32\bmnet.dll
.
Celkový čas: 2010-03-04 18:28:26
ComboFix-quarantined-files.txt 2010-03-04 17:28
ComboFix2.txt 2010-02-28 21:42
Před spuštěním: Volných bajtů: 32 509 714 432
Po spuštění: Volných bajtů: 32 228 012 032
- - End Of File - - 51A1DECA1663DE772DD81C6EA7ED4B4E
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Possible virus - avast turns itself off once in a while
The log now looks clean. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Possible virus - avast turns itself off once in a while
Well, I'll probably find out in time.
So far Avast hasn't turned itself off. Thank you for the help!

- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Possible virus - avast turns itself off once in a while
You're welcome!