Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
preventivka, děkuji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Unlimited_Killer
- Přítel fóra
- Příspěvky: 1969
- Registrován: 24 srp 2009 16:18
Re: preventivka, děkuji
MBR v Safe Mode:
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys ntkrnlpa.exe
kernel: MBR read successfully
user & kernel MBR OK
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys ntkrnlpa.exe
kernel: MBR read successfully
user & kernel MBR OK
Re: preventivka, děkuji
Gmer nejde ani v nouzovém režimu, vždy to asi po 2 minutách vyhodí modrou obrazovku s různými soubory s koncovkou .sys a závažnou chybou, například nedostatek paměti.
-
Unlimited_Killer
- Přítel fóra
- Příspěvky: 1969
- Registrován: 24 srp 2009 16:18
Re: preventivka, děkuji
ComboFix 10-03-07.05 - Jirka 09.03.2010 18:56:19.3.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.1943.924 [GMT 1:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-09 do 2010-03-09 )))))))))))))))))))))))))))))))
.
2010-03-08 16:20 . 2010-03-08 16:20 -------- d-----w- C:\_OTM
2010-03-08 09:03 . 2010-03-08 09:03 -------- d-----w- c:\programdata\Conexant
2010-03-08 09:03 . 2010-03-08 09:03 -------- d-----w- c:\users\Jirka\AppData\Local\Conexant
2010-03-05 22:54 . 2010-03-05 22:54 -------- d-----w- c:\users\Jirka\AppData\Local\STARGAZE_IMAGE_CACHE
2010-03-05 22:54 . 2010-03-05 22:54 -------- d-----w- c:\programdata\Alawar Stargaze
2010-03-01 15:47 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2010-03-01 15:47 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2010-03-01 15:45 . 2009-08-07 08:49 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2010-03-01 15:38 . 2010-03-01 15:40 -------- d-----w- c:\program files\Digital Line Detect
2010-03-01 15:38 . 2010-03-01 15:38 -------- d-----w- c:\users\Jirka\AppData\Local\BVRP Software
2010-03-01 15:37 . 2010-03-01 15:38 -------- d-----w- c:\program files\NetWaiting
2010-03-01 15:35 . 2009-08-17 11:17 262144 ----a-w- c:\windows\system32\UCI32M42.dll
2010-03-01 15:35 . 2009-06-30 11:40 981504 ----a-w- c:\windows\system32\drivers\HSX_DPV.sys
2010-03-01 15:35 . 2009-06-30 11:38 207360 ----a-w- c:\windows\system32\drivers\HSXHWAZL.sys
2010-03-01 15:35 . 2009-06-30 11:37 661504 ----a-w- c:\windows\system32\drivers\HSX_CNXT.sys
2010-03-01 15:35 . 2009-04-29 10:21 410624 ----a-w- c:\windows\system32\XAudio32.dll
2010-03-01 15:35 . 2009-04-29 10:20 8704 ----a-w- c:\windows\system32\drivers\XAudio32.sys
2010-03-01 07:39 . 2010-03-01 07:39 -------- d-----w- c:\program files\Common Files\Skype
2010-02-24 10:07 . 2010-01-23 09:26 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-24 10:06 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-24 10:06 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-02-24 10:06 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-24 10:06 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-24 10:06 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-24 10:06 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-24 10:06 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-02-24 10:06 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-24 10:06 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-24 10:06 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-02-24 10:06 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-02-24 10:06 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-02-10 12:06 . 2009-12-11 11:43 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-10 12:06 . 2009-12-11 11:43 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-09 16:27 . 2010-02-09 16:27 -------- d-----w- c:\program files\Common Files\Java
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-09 17:17 . 2009-04-27 15:34 -------- d-----w- c:\users\Jirka\AppData\Roaming\ICQ
2010-03-09 15:40 . 2009-01-12 15:10 12 ----a-w- c:\windows\bthservsdp.dat
2010-03-09 14:31 . 2010-03-09 14:31 -------- d-----w- c:\program files\Recuva
2010-03-09 14:04 . 2009-01-12 14:42 602086 ----a-w- c:\windows\system32\perfh005.dat
2010-03-09 14:04 . 2009-01-12 14:42 116182 ----a-w- c:\windows\system32\perfc005.dat
2010-03-08 08:56 . 2009-09-10 13:17 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-03-08 08:55 . 2009-09-10 13:18 117760 ----a-w- c:\users\Jirka\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-03-08 08:41 . 2009-04-23 21:09 -------- d-----w- c:\program files\CCleaner
2010-03-08 08:37 . 2009-06-13 09:24 -------- d-----w- c:\program files\trend micro
2010-03-07 15:11 . 2009-05-07 11:03 -------- d-----w- c:\users\Jirka\AppData\Roaming\uTorrent
2010-03-01 15:48 . 2010-03-01 15:48 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-03-01 15:48 . 2010-03-01 15:48 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-03-01 07:42 . 2009-05-19 08:29 -------- d-----w- c:\users\Jirka\AppData\Roaming\Skype
2010-03-01 07:40 . 2009-05-19 08:31 -------- d-----w- c:\users\Jirka\AppData\Roaming\skypePM
2010-02-24 10:56 . 2009-04-24 02:28 110880 ----a-w- c:\users\Jirka\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 08:16 . 2009-10-03 08:58 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-21 14:55 . 2010-01-18 22:18 -------- d-----w- c:\program files\ICQ7.0
2010-02-13 13:16 . 2009-04-24 15:30 1 ----a-w- c:\users\Jirka\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-02-12 10:32 . 2010-03-09 08:19 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-02-10 16:51 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-02-10 11:31 . 2009-07-02 08:20 -------- d-----w- c:\program files\IObit
2010-02-09 16:26 . 2009-05-14 10:02 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-09 16:26 . 2009-01-12 15:30 -------- d-----w- c:\program files\Java
2010-02-09 16:24 . 2009-04-24 05:02 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-09 16:23 . 2009-04-24 05:08 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-02-01 21:37 . 2009-11-21 09:03 -------- d-----w- c:\users\Jirka\AppData\Roaming\vlc
2010-02-01 20:08 . 2009-04-24 02:34 171552 ----a-w- c:\windows\system32\guard32.dll
2010-02-01 20:08 . 2009-04-24 02:34 130960 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2010-02-01 20:03 . 2009-11-22 19:49 -------- d-----w- c:\users\Jirka\AppData\Roaming\dvdcss
2010-01-29 18:50 . 2009-04-24 02:34 74328 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-01-29 18:50 . 2009-04-24 02:34 29520 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-01-25 15:24 . 2010-01-25 15:20 -------- d-----w- c:\program files\Common Files\Macromedia
2010-01-25 15:22 . 2010-01-25 15:20 -------- d-----w- c:\program files\Macromedia
2010-01-23 14:31 . 2010-01-29 18:38 2797468 ----a-w- c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\2nipau4u.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
2010-01-21 10:26 . 2009-04-24 14:38 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 22:18 . 2009-01-12 15:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-07 15:07 . 2009-12-13 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-12-13 15:42 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 15:38 . 2010-02-24 10:06 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-01-06 15:38 . 2010-02-24 10:06 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-01-06 15:38 . 2010-02-24 10:06 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-01-06 15:38 . 2010-02-24 10:06 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-01-02 06:38 . 2010-01-22 16:06 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 16:06 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-22 16:06 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-22 16:06 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-01-01 13:33 . 2010-01-01 13:33 5061520 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-01 13:32 . 2009-12-20 13:14 52224 ----a-w- c:\users\Jirka\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2009-12-28 18:10 . 2009-11-01 14:29 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-28 18:10 . 2009-11-01 14:29 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-23 18:40 . 2009-12-23 18:40 26624 ----a-r- c:\users\Jirka\AppData\Roaming\Microsoft\Installer\{6910C412-A523-493C-BC22-0213CD7F4F3A}\Icon6910C412.exe
2009-12-20 12:15 . 2009-12-20 12:15 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2009-12-20 12:15 . 2009-12-20 12:15 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2009-12-18 22:31 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-17 13:37 . 2010-01-14 10:00 14912 ----a-w- c:\programdata\Lenovo\MessageCenterPlus\LocalRepository\Messages\MCPToLTT_ROW\LTTCheck.exe
2009-12-17 07:44 . 2010-01-14 10:00 560624 ----a-w- c:\programdata\Lenovo\MessageCenterPlus\LocalRepository\Messages\MCPToLTT_ROW\appupdater.exe
2009-12-12 22:28 . 2009-12-12 22:28 1582157 ----a-w- c:\windows\WANEUninstaller.exe
2009-12-11 11:19 . 2009-12-11 11:19 337256 ----a-w- c:\windows\system32\TpShocks.exe
2009-12-11 11:19 . 2009-12-11 11:19 279912 ----a-w- c:\windows\system32\TpShEvUI.exe
2009-12-11 11:18 . 2009-12-11 11:18 492904 ----a-w- c:\windows\system32\TpShCPL.dll
2009-12-11 02:11 . 2010-02-02 14:32 24304 ------w- c:\windows\system32\drivers\DOZEHDD.SYS
2009-12-11 02:11 . 2009-01-12 15:30 374120 ------w- c:\windows\PWMBTHLV.EXE
2009-12-11 02:11 . 2009-01-12 15:30 11552 ------w- c:\windows\system32\drivers\TPPWR32V.SYS
2009-10-05 16:34 . 2009-10-07 16:41 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
2006-05-03 09:06 . 2009-04-24 16:33 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2009-04-24 16:33 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 . 2009-04-24 16:33 216064 --sh--r- c:\windows\System32\nbDX.dll
2009-01-12 14:48 . 2009-01-12 14:46 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
2009-05-06 18:51 . 2006-11-02 06:25 10 --sha-r- c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\config.sys
2009-05-06 18:51 . 2006-11-02 06:25 10 --sha-r- c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\config.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2009-11-03 20:12 556432 ----a-w- c:\progra~1\MICROS~1\Office14\URLREDIR.DLL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2009-11-03 649072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-12-03 1594664]
"TpShocks"="TpShocks.exe" [2009-12-11 337256]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-03-13 68976]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2008-10-08 256576]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-25 487424]
"LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2009-07-23 185688]
"LPMailChecker"="c:\progra~1\THINKV~1\PrdCtr\LPMLCHK.exe" [2009-07-23 124248]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2009-12-11 865640]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BTVLogEx.DLL" [2009-12-11 214576]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2009-12-10 435560]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2008-06-25 3077432]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-27 49976]
"ACWlIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWlIcon.exe" [2009-12-10 181608]
"LENOVO.TPFNF6R"="c:\program files\Lenovo\HOTKEY\TPFNF6R.exe" [2009-08-20 62752]
"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2007-02-26 992816]
"TPFNF7"="c:\progra~1\Lenovo\NPDIRECT\TPFNF7SP.exe" [2009-08-04 62240]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-29 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-29 175128]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-29 166936]
"AMSG"="c:\progra~1\THINKV~1\AMSG\Amsg.exe" [2009-09-03 436800]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-01-29 1800464]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2010-3-1 50688]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
2009-08-04 02:32 62240 ------w- c:\program files\Lenovo\NPDIRECT\tpfnf7sp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):86,db,f1,2a,7e,fa,c9,01
R1 tvtumon;tvtumon;c:\windows\system32\DRIVERS\tvtumon.sys [2008-07-11 48192]
R2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2009-03-19 98304]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-10-09 360448]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2009-03-19 106496]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-12-20 13224]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2009-10-29 30603640]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
R3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2009-11-20 20848]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-03-08 12872]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-02-09 691696]
S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2009-12-11 24304]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2009-10-09 20520]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-02-01 130960]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-01-29 29520]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-08 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-03-08 66632]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [2009-03-19 1680632]
S2 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2009-12-11 132456]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-12-11 75112]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
S2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-03-19 482176]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6032.sys [2009-08-14 220152]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2009-03-04 4232704]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2008-02-22 37312]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Obsah adresáře 'Naplánované úlohy'
2010-01-10 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\pcdlauncher.exe [2009-11-20 10:12]
2010-03-09 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdr5cuiw32.exe [2009-11-22 09:14]
2010-03-09 c:\windows\Tasks\User_Feed_Synchronization-{293D2DB0-8F41-41B6-BA38-F7EB5C9F5288}.job
- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\2nipau4u.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - component: c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\2nipau4u.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - plugin: c:\progra~1\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\program files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-09 19:06
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{3037D694-FD904ACA-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,46,46,f9,e9,7e,55,5a,4a,93,ad,fb,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,46,46,f9,e9,7e,55,5a,4a,93,ad,fb,\
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(4636)
c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\US\PWMRT32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\PWMIF32V.DLL
.
Celkový čas: 2010-03-09 19:10:45
ComboFix-quarantined-files.txt 2010-03-09 18:10
ComboFix2.txt 2010-03-09 08:56
ComboFix3.txt 2010-03-08 17:07
Před spuštěním: Volných bajtů: 35 198 750 720
Po spuštění: Volných bajtů: 35 191 820 288
- - End Of File - - 7E5FF62EC38E5747F6A51BCC1CD1C098
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.1943.924 [GMT 1:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-09 do 2010-03-09 )))))))))))))))))))))))))))))))
.
2010-03-08 16:20 . 2010-03-08 16:20 -------- d-----w- C:\_OTM
2010-03-08 09:03 . 2010-03-08 09:03 -------- d-----w- c:\programdata\Conexant
2010-03-08 09:03 . 2010-03-08 09:03 -------- d-----w- c:\users\Jirka\AppData\Local\Conexant
2010-03-05 22:54 . 2010-03-05 22:54 -------- d-----w- c:\users\Jirka\AppData\Local\STARGAZE_IMAGE_CACHE
2010-03-05 22:54 . 2010-03-05 22:54 -------- d-----w- c:\programdata\Alawar Stargaze
2010-03-01 15:47 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2010-03-01 15:47 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2010-03-01 15:45 . 2009-08-07 08:49 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2010-03-01 15:38 . 2010-03-01 15:40 -------- d-----w- c:\program files\Digital Line Detect
2010-03-01 15:38 . 2010-03-01 15:38 -------- d-----w- c:\users\Jirka\AppData\Local\BVRP Software
2010-03-01 15:37 . 2010-03-01 15:38 -------- d-----w- c:\program files\NetWaiting
2010-03-01 15:35 . 2009-08-17 11:17 262144 ----a-w- c:\windows\system32\UCI32M42.dll
2010-03-01 15:35 . 2009-06-30 11:40 981504 ----a-w- c:\windows\system32\drivers\HSX_DPV.sys
2010-03-01 15:35 . 2009-06-30 11:38 207360 ----a-w- c:\windows\system32\drivers\HSXHWAZL.sys
2010-03-01 15:35 . 2009-06-30 11:37 661504 ----a-w- c:\windows\system32\drivers\HSX_CNXT.sys
2010-03-01 15:35 . 2009-04-29 10:21 410624 ----a-w- c:\windows\system32\XAudio32.dll
2010-03-01 15:35 . 2009-04-29 10:20 8704 ----a-w- c:\windows\system32\drivers\XAudio32.sys
2010-03-01 07:39 . 2010-03-01 07:39 -------- d-----w- c:\program files\Common Files\Skype
2010-02-24 10:07 . 2010-01-23 09:26 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-24 10:06 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-24 10:06 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-02-24 10:06 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-24 10:06 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-24 10:06 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-24 10:06 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-24 10:06 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-02-24 10:06 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-24 10:06 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-24 10:06 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-02-24 10:06 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-02-24 10:06 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-02-10 12:06 . 2009-12-11 11:43 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-10 12:06 . 2009-12-11 11:43 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-09 16:27 . 2010-02-09 16:27 -------- d-----w- c:\program files\Common Files\Java
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-09 17:17 . 2009-04-27 15:34 -------- d-----w- c:\users\Jirka\AppData\Roaming\ICQ
2010-03-09 15:40 . 2009-01-12 15:10 12 ----a-w- c:\windows\bthservsdp.dat
2010-03-09 14:31 . 2010-03-09 14:31 -------- d-----w- c:\program files\Recuva
2010-03-09 14:04 . 2009-01-12 14:42 602086 ----a-w- c:\windows\system32\perfh005.dat
2010-03-09 14:04 . 2009-01-12 14:42 116182 ----a-w- c:\windows\system32\perfc005.dat
2010-03-08 08:56 . 2009-09-10 13:17 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-03-08 08:55 . 2009-09-10 13:18 117760 ----a-w- c:\users\Jirka\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-03-08 08:41 . 2009-04-23 21:09 -------- d-----w- c:\program files\CCleaner
2010-03-08 08:37 . 2009-06-13 09:24 -------- d-----w- c:\program files\trend micro
2010-03-07 15:11 . 2009-05-07 11:03 -------- d-----w- c:\users\Jirka\AppData\Roaming\uTorrent
2010-03-01 15:48 . 2010-03-01 15:48 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-03-01 15:48 . 2010-03-01 15:48 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-03-01 07:42 . 2009-05-19 08:29 -------- d-----w- c:\users\Jirka\AppData\Roaming\Skype
2010-03-01 07:40 . 2009-05-19 08:31 -------- d-----w- c:\users\Jirka\AppData\Roaming\skypePM
2010-02-24 10:56 . 2009-04-24 02:28 110880 ----a-w- c:\users\Jirka\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 08:16 . 2009-10-03 08:58 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-21 14:55 . 2010-01-18 22:18 -------- d-----w- c:\program files\ICQ7.0
2010-02-13 13:16 . 2009-04-24 15:30 1 ----a-w- c:\users\Jirka\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-02-12 10:32 . 2010-03-09 08:19 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-02-10 16:51 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-02-10 11:31 . 2009-07-02 08:20 -------- d-----w- c:\program files\IObit
2010-02-09 16:26 . 2009-05-14 10:02 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-09 16:26 . 2009-01-12 15:30 -------- d-----w- c:\program files\Java
2010-02-09 16:24 . 2009-04-24 05:02 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-09 16:23 . 2009-04-24 05:08 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-02-01 21:37 . 2009-11-21 09:03 -------- d-----w- c:\users\Jirka\AppData\Roaming\vlc
2010-02-01 20:08 . 2009-04-24 02:34 171552 ----a-w- c:\windows\system32\guard32.dll
2010-02-01 20:08 . 2009-04-24 02:34 130960 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2010-02-01 20:03 . 2009-11-22 19:49 -------- d-----w- c:\users\Jirka\AppData\Roaming\dvdcss
2010-01-29 18:50 . 2009-04-24 02:34 74328 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-01-29 18:50 . 2009-04-24 02:34 29520 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-01-25 15:24 . 2010-01-25 15:20 -------- d-----w- c:\program files\Common Files\Macromedia
2010-01-25 15:22 . 2010-01-25 15:20 -------- d-----w- c:\program files\Macromedia
2010-01-23 14:31 . 2010-01-29 18:38 2797468 ----a-w- c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\2nipau4u.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
2010-01-21 10:26 . 2009-04-24 14:38 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 22:18 . 2009-01-12 15:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-07 15:07 . 2009-12-13 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-12-13 15:42 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 15:38 . 2010-02-24 10:06 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-01-06 15:38 . 2010-02-24 10:06 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-01-06 15:38 . 2010-02-24 10:06 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-01-06 15:38 . 2010-02-24 10:06 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-01-02 06:38 . 2010-01-22 16:06 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 16:06 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-22 16:06 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-22 16:06 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-01-01 13:33 . 2010-01-01 13:33 5061520 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-01 13:32 . 2009-12-20 13:14 52224 ----a-w- c:\users\Jirka\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2009-12-28 18:10 . 2009-11-01 14:29 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-28 18:10 . 2009-11-01 14:29 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-23 18:40 . 2009-12-23 18:40 26624 ----a-r- c:\users\Jirka\AppData\Roaming\Microsoft\Installer\{6910C412-A523-493C-BC22-0213CD7F4F3A}\Icon6910C412.exe
2009-12-20 12:15 . 2009-12-20 12:15 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2009-12-20 12:15 . 2009-12-20 12:15 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2009-12-18 22:31 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-17 13:37 . 2010-01-14 10:00 14912 ----a-w- c:\programdata\Lenovo\MessageCenterPlus\LocalRepository\Messages\MCPToLTT_ROW\LTTCheck.exe
2009-12-17 07:44 . 2010-01-14 10:00 560624 ----a-w- c:\programdata\Lenovo\MessageCenterPlus\LocalRepository\Messages\MCPToLTT_ROW\appupdater.exe
2009-12-12 22:28 . 2009-12-12 22:28 1582157 ----a-w- c:\windows\WANEUninstaller.exe
2009-12-11 11:19 . 2009-12-11 11:19 337256 ----a-w- c:\windows\system32\TpShocks.exe
2009-12-11 11:19 . 2009-12-11 11:19 279912 ----a-w- c:\windows\system32\TpShEvUI.exe
2009-12-11 11:18 . 2009-12-11 11:18 492904 ----a-w- c:\windows\system32\TpShCPL.dll
2009-12-11 02:11 . 2010-02-02 14:32 24304 ------w- c:\windows\system32\drivers\DOZEHDD.SYS
2009-12-11 02:11 . 2009-01-12 15:30 374120 ------w- c:\windows\PWMBTHLV.EXE
2009-12-11 02:11 . 2009-01-12 15:30 11552 ------w- c:\windows\system32\drivers\TPPWR32V.SYS
2009-10-05 16:34 . 2009-10-07 16:41 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
2006-05-03 09:06 . 2009-04-24 16:33 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2009-04-24 16:33 31232 --sh--r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 . 2009-04-24 16:33 216064 --sh--r- c:\windows\System32\nbDX.dll
2009-01-12 14:48 . 2009-01-12 14:46 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
2009-05-06 18:51 . 2006-11-02 06:25 10 --sha-r- c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\config.sys
2009-05-06 18:51 . 2006-11-02 06:25 10 --sha-r- c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\config.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2009-11-03 20:12 556432 ----a-w- c:\progra~1\MICROS~1\Office14\URLREDIR.DLL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2009-11-03 649072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-12-03 1594664]
"TpShocks"="TpShocks.exe" [2009-12-11 337256]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-03-13 68976]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2008-10-08 256576]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-25 487424]
"LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2009-07-23 185688]
"LPMailChecker"="c:\progra~1\THINKV~1\PrdCtr\LPMLCHK.exe" [2009-07-23 124248]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2009-12-11 865640]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BTVLogEx.DLL" [2009-12-11 214576]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2009-12-10 435560]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2008-06-25 3077432]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-27 49976]
"ACWlIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWlIcon.exe" [2009-12-10 181608]
"LENOVO.TPFNF6R"="c:\program files\Lenovo\HOTKEY\TPFNF6R.exe" [2009-08-20 62752]
"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2007-02-26 992816]
"TPFNF7"="c:\progra~1\Lenovo\NPDIRECT\TPFNF7SP.exe" [2009-08-04 62240]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-29 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-29 175128]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-29 166936]
"AMSG"="c:\progra~1\THINKV~1\AMSG\Amsg.exe" [2009-09-03 436800]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-01-29 1800464]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2010-3-1 50688]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
2009-08-04 02:32 62240 ------w- c:\program files\Lenovo\NPDIRECT\tpfnf7sp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):86,db,f1,2a,7e,fa,c9,01
R1 tvtumon;tvtumon;c:\windows\system32\DRIVERS\tvtumon.sys [2008-07-11 48192]
R2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2009-03-19 98304]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-10-09 360448]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2009-03-19 106496]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-12-20 13224]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2009-10-29 30603640]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
R3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2009-11-20 20848]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-03-08 12872]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-02-09 691696]
S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2009-12-11 24304]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2009-10-09 20520]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-02-01 130960]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-01-29 29520]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-08 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-03-08 66632]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [2009-03-19 1680632]
S2 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2009-12-11 132456]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-12-11 75112]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
S2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-03-19 482176]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6032.sys [2009-08-14 220152]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2009-03-04 4232704]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2008-02-22 37312]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HsfXAudioService REG_MULTI_SZ HsfXAudioService
.
Obsah adresáře 'Naplánované úlohy'
2010-01-10 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\pcdlauncher.exe [2009-11-20 10:12]
2010-03-09 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdr5cuiw32.exe [2009-11-22 09:14]
2010-03-09 c:\windows\Tasks\User_Feed_Synchronization-{293D2DB0-8F41-41B6-BA38-F7EB5C9F5288}.job
- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\2nipau4u.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - component: c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\2nipau4u.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - plugin: c:\progra~1\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\program files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-09 19:06
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{3037D694-FD904ACA-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,46,46,f9,e9,7e,55,5a,4a,93,ad,fb,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,46,46,f9,e9,7e,55,5a,4a,93,ad,fb,\
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(4636)
c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\US\PWMRT32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\PWMIF32V.DLL
.
Celkový čas: 2010-03-09 19:10:45
ComboFix-quarantined-files.txt 2010-03-09 18:10
ComboFix2.txt 2010-03-09 08:56
ComboFix3.txt 2010-03-08 17:07
Před spuštěním: Volných bajtů: 35 198 750 720
Po spuštění: Volných bajtů: 35 191 820 288
- - End Of File - - 7E5FF62EC38E5747F6A51BCC1CD1C098
-
Unlimited_Killer
- Přítel fóra
- Příspěvky: 1969
- Registrován: 24 srp 2009 16:18
Re: preventivka, děkuji
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jirka at 2010-03-10 18:39:00
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 42 GB (20%) free of 217 GB
Total RAM: 1943 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:40:04, on 10.3.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\system32\igfxext.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\programy\ochrana\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Jirka.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Lenovo ThinkVantage Toolbox - {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - C:\Program Files\PC-Doctor\ATLPcdToolbar544928.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [FingerPrintSoftware] "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [ACWlIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe /startup
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKCU\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKCU\..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - (no file)
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - (no file)
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\programy\QIP Infium\infium.exe (HKCU)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: AD Monitor (ADMonitor) - Unknown owner - C:\Windows\system32\ADMonitor.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Windows\system32\AtService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
O23 - Service: Data Transfer Service (dtsvc) - Unknown owner - C:\Windows\system32\DTS.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - Lenovo - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
--
End of file - 12739 bytes
======Scheduled tasks folder======
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job
C:\Windows\tasks\User_Feed_Synchronization-{293D2DB0-8F41-41B6-BA38-F7EB5C9F5288}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2009-02-04 752744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2009-10-29 4150160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2009-11-03 556432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - Lenovo ThinkVantage Toolbox - C:\Program Files\PC-Doctor\ATLPcdToolbar544928.dll [2009-11-22 137712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-03 1594664]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2009-12-11 337256]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2008-10-08 256576]
"FingerPrintSoftware"=C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [2009-03-19 1527808]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-05-25 487424]
"LPManager"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe [2009-07-23 185688]
"LPMailChecker"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe [2009-07-23 124248]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"BLOG"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog []
"ACTray"=C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [2009-12-10 435560]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2008-06-25 3077432]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-11 186904]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27 49976]
"ACWlIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe [2009-12-10 181608]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2007-02-26 992816]
"TPFNF7"=C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe [2009-08-04 62240]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-10-29 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-10-29 175128]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-10-29 166936]
"AMSG"=C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe [2009-09-03 436800]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-01-29 1800464]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2009-11-03 649072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [2009-08-04 62240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\ThinkPad\BLUETO~1\BTTray.exe [2008-03-17 752168]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-10-08 226304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2009-10-29 4150160]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2010-03-09 19:10:48 ----D---- C:\Windows\temp
2010-03-09 19:10:46 ----A---- C:\ComboFix.txt
2010-03-09 19:09:59 ----SHD---- C:\$RECYCLE.BIN
2010-03-09 18:55:16 ----D---- C:\ComboFix
2010-03-09 18:54:57 ----A---- C:\Windows\SWXCACLS.exe
2010-03-09 16:41:12 ----A---- C:\Windows\ntbtlog.txt
2010-03-09 16:10:17 ----A---- C:\Windows\system32\SynCtrl.dll
2010-03-09 15:31:42 ----D---- C:\Program Files\Recuva
2010-03-09 09:26:53 ----A---- C:\Windows\NIRCMD.exe
2010-03-09 09:19:43 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-08 17:37:03 ----A---- C:\Windows\PEV.exe
2010-03-08 17:37:03 ----A---- C:\Windows\MBR.exe
2010-03-08 17:34:06 ----D---- C:\Qoobox
2010-03-08 17:20:40 ----D---- C:\_OTM
2010-03-08 10:03:13 ----D---- C:\ProgramData\Conexant
2010-03-05 23:54:04 ----D---- C:\ProgramData\Alawar Stargaze
2010-03-01 16:51:26 ----D---- C:\Config.Msi
2010-03-01 16:45:22 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2010-03-01 16:38:49 ----D---- C:\Program Files\Digital Line Detect
2010-03-01 16:37:13 ----D---- C:\Program Files\NetWaiting
2010-03-01 16:35:46 ----A---- C:\Windows\system32\XAudio32.dll
2010-03-01 16:35:46 ----A---- C:\Windows\system32\UCI32M42.dll
2010-03-01 08:39:55 ----D---- C:\Program Files\Common Files\Skype
2010-02-24 11:07:21 ----A---- C:\Windows\system32\jscript.dll
2010-02-24 11:07:09 ----A---- C:\Windows\system32\tzres.dll
2010-02-24 11:06:31 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-24 11:06:31 ----A---- C:\Windows\system32\secproc.dll
2010-02-24 11:06:30 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-24 11:06:30 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-24 11:06:29 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 11:06:29 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-24 11:06:29 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 11:06:29 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-24 11:06:29 ----A---- C:\Windows\system32\msdrm.dll
2010-02-24 11:06:26 ----A---- C:\Windows\system32\gameux.dll
2010-02-24 11:06:25 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-24 11:06:24 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
======List of files/folders modified in the last 1 months======
2010-03-10 18:39:02 ----D---- C:\Program Files\trend micro
2010-03-10 18:27:30 ----SHD---- C:\System Volume Information
2010-03-10 18:25:45 ----A---- C:\sysiclog.txt
2010-03-09 19:10:48 ----D---- C:\Windows
2010-03-09 19:06:56 ----A---- C:\Windows\system.ini
2010-03-09 19:01:34 ----D---- C:\Windows\system32\drivers
2010-03-09 19:01:34 ----D---- C:\Windows\System32
2010-03-09 19:01:34 ----D---- C:\Windows\AppPatch
2010-03-09 19:01:32 ----D---- C:\Program Files\Common Files
2010-03-09 18:17:27 ----D---- C:\Users\Jirka\AppData\Roaming\ICQ
2010-03-09 16:12:09 ----D---- C:\Windows\system32\catroot2
2010-03-09 16:12:09 ----D---- C:\Windows\system32\catroot
2010-03-09 16:11:16 ----D---- C:\Windows\inf
2010-03-09 15:31:42 ----RD---- C:\Program Files
2010-03-09 15:04:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-09 09:20:23 ----D---- C:\Windows\winsxs
2010-03-08 18:06:24 ----D---- C:\Windows\ERDNT
2010-03-08 17:54:48 ----D---- C:\Windows\system32\config
2010-03-08 10:06:38 ----D---- C:\Windows\Tasks
2010-03-08 10:05:18 ----D---- C:\Windows\system32\Tasks
2010-03-08 10:03:13 ----D---- C:\ProgramData
2010-03-08 09:56:07 ----D---- C:\Program Files\SUPERAntiSpyware
2010-03-08 09:43:24 ----D---- C:\Windows\Debug
2010-03-08 09:41:59 ----D---- C:\Program Files\CCleaner
2010-03-07 16:11:15 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2010-03-06 16:15:32 ----RD---- C:\filmy
2010-03-05 23:53:13 ----D---- C:\hry
2010-03-01 17:23:16 ----D---- C:\Windows\rescache
2010-03-01 16:55:15 ----D---- C:\Windows\system32\wbem
2010-03-01 16:54:23 ----SHD---- C:\Windows\Installer
2010-03-01 16:50:16 ----D---- C:\Windows\Downloaded Installations
2010-03-01 08:42:48 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2010-03-01 08:40:32 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2010-02-24 11:18:30 ----D---- C:\Windows\system32\cs-CZ
2010-02-24 11:18:29 ----RSD---- C:\Windows\Fonts
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-21 15:55:04 ----D---- C:\Program Files\ICQ7.0
2010-02-15 07:42:32 ----D---- C:\vše
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-02-01 130960]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-01-29 29520]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-01-29 74328]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-08 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2010-03-08 66632]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2009-12-11 11552]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-09 56816]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-04-09 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 tvtfilter;tvtfilter; C:\Windows\system32\DRIVERS\tvtfilter.sys [2009-01-12 33536]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2009-04-29 8704]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2009-03-19 482176]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-10-27 460800]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6032.sys [2009-08-14 220152]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2008-03-26 40832]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-06-30 981504]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-06-30 207360]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2009-11-18 26608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-10-08 6212096]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2009-03-04 4232704]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2008-09-25 31680]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-03 230832]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 45624]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2008-02-23 37312]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-06-30 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S1 tvtumon;tvtumon; C:\Windows\system32\DRIVERS\tvtumon.sys [2008-07-11 48192]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-03-17 81960]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-03-17 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-03-17 17320]
S3 catchme;catchme; \??\C:\Users\Jirka\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-12-20 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-12-20 25512]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-07-08 25280]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\Windows\system32\DRIVERS\pcdrndisuio.sys []
S3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor\pcdsrvc.pkms [2009-11-20 20848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-03-08 12872]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-04-19 128104]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-09 691696]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2009-12-10 124264]
R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2009-12-10 251240]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 ATService;AuthenTec Fingerprint Service; C:\Windows\system32\AtService.exe [2009-03-19 1680632]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2006-12-28 122512]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe [2008-03-17 518696]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-29 723632]
R2 DozeSvc;Lenovo Doze Mode Service; C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE [2009-12-11 132456]
R2 dtsvc;Data Transfer Service; C:\Windows\system32\DTS.exe [2009-03-19 98304]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-02-27 870672]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-11 354840]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2009-11-18 38248]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-12-11 75112]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-02-27 473360]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2009-06-12 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2008-06-14 746808]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
R2 TSSCoreService;TSS Core Service; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [2008-06-14 779576]
R2 TVT Backup Protection Service;TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2008-05-25 950272]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-05-25 1155072]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S2 TVT_UpdateMonitor;TVT Windows Update Monitor; C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-10-09 360448]
S3 ADMonitor;AD Monitor; C:\Windows\system32\ADMonitor.exe [2009-03-19 106496]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-21 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2009-10-29 30603640]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2009-10-09 39976]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S4 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
-----------------EOF-----------------
Run by Jirka at 2010-03-10 18:39:00
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 42 GB (20%) free of 217 GB
Total RAM: 1943 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:40:04, on 10.3.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\system32\igfxext.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\programy\ochrana\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Jirka.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Lenovo ThinkVantage Toolbox - {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - C:\Program Files\PC-Doctor\ATLPcdToolbar544928.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [FingerPrintSoftware] "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [ACWlIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe /startup
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKCU\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKCU\..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - (no file)
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - (no file)
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\programy\QIP Infium\infium.exe (HKCU)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: AD Monitor (ADMonitor) - Unknown owner - C:\Windows\system32\ADMonitor.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Windows\system32\AtService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
O23 - Service: Data Transfer Service (dtsvc) - Unknown owner - C:\Windows\system32\DTS.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - Lenovo - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
--
End of file - 12739 bytes
======Scheduled tasks folder======
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job
C:\Windows\tasks\User_Feed_Synchronization-{293D2DB0-8F41-41B6-BA38-F7EB5C9F5288}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2009-02-04 752744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2009-10-29 4150160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2009-11-03 556432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - Lenovo ThinkVantage Toolbox - C:\Program Files\PC-Doctor\ATLPcdToolbar544928.dll [2009-11-22 137712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-03 1594664]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2009-12-11 337256]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2008-10-08 256576]
"FingerPrintSoftware"=C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [2009-03-19 1527808]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-05-25 487424]
"LPManager"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe [2009-07-23 185688]
"LPMailChecker"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe [2009-07-23 124248]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"BLOG"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog []
"ACTray"=C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [2009-12-10 435560]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2008-06-25 3077432]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-11 186904]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27 49976]
"ACWlIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe [2009-12-10 181608]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2007-02-26 992816]
"TPFNF7"=C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe [2009-08-04 62240]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-10-29 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-10-29 175128]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-10-29 166936]
"AMSG"=C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe [2009-09-03 436800]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-01-29 1800464]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2009-11-03 649072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [2009-08-04 62240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\ThinkPad\BLUETO~1\BTTray.exe [2008-03-17 752168]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-10-08 226304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2009-10-29 4150160]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2010-03-09 19:10:48 ----D---- C:\Windows\temp
2010-03-09 19:10:46 ----A---- C:\ComboFix.txt
2010-03-09 19:09:59 ----SHD---- C:\$RECYCLE.BIN
2010-03-09 18:55:16 ----D---- C:\ComboFix
2010-03-09 18:54:57 ----A---- C:\Windows\SWXCACLS.exe
2010-03-09 16:41:12 ----A---- C:\Windows\ntbtlog.txt
2010-03-09 16:10:17 ----A---- C:\Windows\system32\SynCtrl.dll
2010-03-09 15:31:42 ----D---- C:\Program Files\Recuva
2010-03-09 09:26:53 ----A---- C:\Windows\NIRCMD.exe
2010-03-09 09:19:43 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-08 17:37:03 ----A---- C:\Windows\PEV.exe
2010-03-08 17:37:03 ----A---- C:\Windows\MBR.exe
2010-03-08 17:34:06 ----D---- C:\Qoobox
2010-03-08 17:20:40 ----D---- C:\_OTM
2010-03-08 10:03:13 ----D---- C:\ProgramData\Conexant
2010-03-05 23:54:04 ----D---- C:\ProgramData\Alawar Stargaze
2010-03-01 16:51:26 ----D---- C:\Config.Msi
2010-03-01 16:45:22 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2010-03-01 16:38:49 ----D---- C:\Program Files\Digital Line Detect
2010-03-01 16:37:13 ----D---- C:\Program Files\NetWaiting
2010-03-01 16:35:46 ----A---- C:\Windows\system32\XAudio32.dll
2010-03-01 16:35:46 ----A---- C:\Windows\system32\UCI32M42.dll
2010-03-01 08:39:55 ----D---- C:\Program Files\Common Files\Skype
2010-02-24 11:07:21 ----A---- C:\Windows\system32\jscript.dll
2010-02-24 11:07:09 ----A---- C:\Windows\system32\tzres.dll
2010-02-24 11:06:31 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-24 11:06:31 ----A---- C:\Windows\system32\secproc.dll
2010-02-24 11:06:30 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-24 11:06:30 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-24 11:06:29 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 11:06:29 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-24 11:06:29 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 11:06:29 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-24 11:06:29 ----A---- C:\Windows\system32\msdrm.dll
2010-02-24 11:06:26 ----A---- C:\Windows\system32\gameux.dll
2010-02-24 11:06:25 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-24 11:06:24 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
======List of files/folders modified in the last 1 months======
2010-03-10 18:39:02 ----D---- C:\Program Files\trend micro
2010-03-10 18:27:30 ----SHD---- C:\System Volume Information
2010-03-10 18:25:45 ----A---- C:\sysiclog.txt
2010-03-09 19:10:48 ----D---- C:\Windows
2010-03-09 19:06:56 ----A---- C:\Windows\system.ini
2010-03-09 19:01:34 ----D---- C:\Windows\system32\drivers
2010-03-09 19:01:34 ----D---- C:\Windows\System32
2010-03-09 19:01:34 ----D---- C:\Windows\AppPatch
2010-03-09 19:01:32 ----D---- C:\Program Files\Common Files
2010-03-09 18:17:27 ----D---- C:\Users\Jirka\AppData\Roaming\ICQ
2010-03-09 16:12:09 ----D---- C:\Windows\system32\catroot2
2010-03-09 16:12:09 ----D---- C:\Windows\system32\catroot
2010-03-09 16:11:16 ----D---- C:\Windows\inf
2010-03-09 15:31:42 ----RD---- C:\Program Files
2010-03-09 15:04:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-09 09:20:23 ----D---- C:\Windows\winsxs
2010-03-08 18:06:24 ----D---- C:\Windows\ERDNT
2010-03-08 17:54:48 ----D---- C:\Windows\system32\config
2010-03-08 10:06:38 ----D---- C:\Windows\Tasks
2010-03-08 10:05:18 ----D---- C:\Windows\system32\Tasks
2010-03-08 10:03:13 ----D---- C:\ProgramData
2010-03-08 09:56:07 ----D---- C:\Program Files\SUPERAntiSpyware
2010-03-08 09:43:24 ----D---- C:\Windows\Debug
2010-03-08 09:41:59 ----D---- C:\Program Files\CCleaner
2010-03-07 16:11:15 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2010-03-06 16:15:32 ----RD---- C:\filmy
2010-03-05 23:53:13 ----D---- C:\hry
2010-03-01 17:23:16 ----D---- C:\Windows\rescache
2010-03-01 16:55:15 ----D---- C:\Windows\system32\wbem
2010-03-01 16:54:23 ----SHD---- C:\Windows\Installer
2010-03-01 16:50:16 ----D---- C:\Windows\Downloaded Installations
2010-03-01 08:42:48 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2010-03-01 08:40:32 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2010-02-24 11:18:30 ----D---- C:\Windows\system32\cs-CZ
2010-02-24 11:18:29 ----RSD---- C:\Windows\Fonts
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-21 15:55:04 ----D---- C:\Program Files\ICQ7.0
2010-02-15 07:42:32 ----D---- C:\vše
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-02-01 130960]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-01-29 29520]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-01-29 74328]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-08 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2010-03-08 66632]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2009-12-11 11552]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-09 56816]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-04-09 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 tvtfilter;tvtfilter; C:\Windows\system32\DRIVERS\tvtfilter.sys [2009-01-12 33536]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2009-04-29 8704]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2009-03-19 482176]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-10-27 460800]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6032.sys [2009-08-14 220152]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2008-03-26 40832]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-06-30 981504]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-06-30 207360]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2009-11-18 26608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-10-08 6212096]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2009-03-04 4232704]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2008-09-25 31680]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-03 230832]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 45624]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2008-02-23 37312]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-06-30 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S1 tvtumon;tvtumon; C:\Windows\system32\DRIVERS\tvtumon.sys [2008-07-11 48192]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-03-17 81960]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-03-17 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-03-17 17320]
S3 catchme;catchme; \??\C:\Users\Jirka\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-12-20 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-12-20 25512]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-07-08 25280]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\Windows\system32\DRIVERS\pcdrndisuio.sys []
S3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor\pcdsrvc.pkms [2009-11-20 20848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-03-08 12872]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-04-19 128104]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-09 691696]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2009-12-10 124264]
R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2009-12-10 251240]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 ATService;AuthenTec Fingerprint Service; C:\Windows\system32\AtService.exe [2009-03-19 1680632]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2006-12-28 122512]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe [2008-03-17 518696]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-29 723632]
R2 DozeSvc;Lenovo Doze Mode Service; C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE [2009-12-11 132456]
R2 dtsvc;Data Transfer Service; C:\Windows\system32\DTS.exe [2009-03-19 98304]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-02-27 870672]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-11 354840]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2009-11-18 38248]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-12-11 75112]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-02-27 473360]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2009-06-12 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2008-06-14 746808]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
R2 TSSCoreService;TSS Core Service; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [2008-06-14 779576]
R2 TVT Backup Protection Service;TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2008-05-25 950272]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-05-25 1155072]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S2 TVT_UpdateMonitor;TVT Windows Update Monitor; C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-10-09 360448]
S3 ADMonitor;AD Monitor; C:\Windows\system32\ADMonitor.exe [2009-03-19 106496]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-21 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2009-10-29 30603640]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2009-10-09 39976]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S4 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
-----------------EOF-----------------
-
Unlimited_Killer
- Přítel fóra
- Příspěvky: 1969
- Registrován: 24 srp 2009 16:18
Re: preventivka, děkuji
Omlouvám se za zpoždění. 
1) Fixnutí v HJT
1) Fixnutí v HJT
- Spusťte přejmenované HijackThis - C:\Program Files\Trend Micro\HijackThis\jmeno_uzivatele.exe
- Následně klikněte na 'Do a system scan only'.
- U níže uvedených položek udělejte fajfku do čtverečku a poté klikněte na 'Fix Checked'.
Kód: Vybrat vše
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - (no file) O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - (no file) O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\programy\QIP Infium\infium.exe (HKCU) - Pokud by tam nějaká položka nebyla, vynechte ji.
- Spusťte Poznámkový blok [Start → Spustit → notepad → Enter].
- Do něj vkopírujte následující text:
Kód: Vybrat vše
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=- - Uložte tento soubor například na Plochu jako oprava.reg (vizte obrázek).
- Dvojklikem tento soubor spusťte.
- Restartujte PC a po restartu tento soubor smažte.
- Proklikejte se přes Start do Spustit [klávesová zkratka je Win+R].
- Do textového pole napište:
Kód: Vybrat vše
ComboFix /Uninstall - Stiskněte Enter.
- Spustí se odinstalace ComboFixu, která smaže všechny jeho součásti.
- Stáhněte OTC a dvojklikem ho spusťte.
- Vyskočí okénko, kde kliknete na 'CleanUp!'.
- Potvrdíte kliknutím na 'Yes'.
- Poté se ještě zeptá, zda chcete restartovat PC - to proveďte opět kliknutím na 'Yes'.
- Stáhněte si program jménem CCleaner.
- Normálně nainstalujte, jen dávejte pozor a odškrtněte položku 'Instalovat Yahoo! Toolbar'.
- Spusťte ho.
- Záložka Čistič → nechte zatrženo vše, jak je, a klikněte na 'Spustit CCleaner'.
- Záložka Registry → klikněte na 'Hledej problémy'. Vyhledá problémy v registru, až dokončí analyzování, klikněte na 'Opravit vybrané problémy'. Nabídne Vám vytvoření zálohy - pro jistotu ji vytvořte a uložte například na Plochu.
- CCleaner doporučuji používat pravidelně, celkem rapidně dokáže zrychlit PC.
- Defragmentujte disk.
- Lze to udělat několika způsoby ↓
- Přes defragmentaci integrovanou ve Windows [Start → Spustit → dfrg.msc → Enter]. Toto není příliš účinný způsob.
- Přes jednoduchý a přehledný program jménem Defraggler.
- Přes geniální program, který se nemusí instalovat a je hodně jednoduchý - JKDefrag.
- Abyste měl/a přehled o aktualizacích, doporučuji stáhnout program FileHippo.com UpdateChecker.
- Běžně ho nainstalujte.
- Spouštějte ho například jednou až dvakrát týdně.
- Přehledně zobrazí všechny programy, které jsou neaktualizované, nabídne stažení novější verze (což doporučuji).
- Dávejte si pozor,co dané aplikace instalují 's sebou' → například zbytečné toolbary (lišty).
- Proto se nevyplatí bezmyšlenkovitě klikat na 'Next', popřípadě 'Další'.
inactive
Re: preventivka, děkuji
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jirka at 2010-03-13 17:54:18
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 73 GB (34%) free of 217 GB
Total RAM: 1943 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:54:31, on 13.3.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\programy\ochrana\RSIT.exe
C:\Program Files\trend micro\Jirka.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Lenovo ThinkVantage Toolbox - {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - C:\Program Files\PC-Doctor\ATLPcdToolbar544928.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [FingerPrintSoftware] "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [ACWlIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe /startup
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKCU\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKCU\..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
O4 - HKCU\..\Run: [TPKMAPMN] C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: AD Monitor (ADMonitor) - Unknown owner - C:\Windows\system32\ADMonitor.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Windows\system32\AtService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
O23 - Service: Data Transfer Service (dtsvc) - Unknown owner - C:\Windows\system32\DTS.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - Lenovo - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
--
End of file - 12062 bytes
======Scheduled tasks folder======
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job
C:\Windows\tasks\User_Feed_Synchronization-{293D2DB0-8F41-41B6-BA38-F7EB5C9F5288}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2009-02-04 752744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2009-10-29 4150160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2009-11-03 556432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - Lenovo ThinkVantage Toolbox - C:\Program Files\PC-Doctor\ATLPcdToolbar544928.dll [2009-11-22 137712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-03 1594664]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2009-12-11 337256]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2008-10-08 256576]
"FingerPrintSoftware"=C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [2009-03-19 1527808]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-05-25 487424]
"LPManager"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe [2009-07-23 185688]
"LPMailChecker"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe [2009-07-23 124248]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"BLOG"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog []
"ACTray"=C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [2009-12-10 435560]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2008-06-25 3077432]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-11 186904]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27 49976]
"ACWlIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe [2009-12-10 181608]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2007-02-26 992816]
"TPFNF7"=C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe [2009-08-04 62240]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-10-29 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-10-29 175128]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-10-29 166936]
"AMSG"=C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe [2009-09-03 436800]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-01-29 1800464]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2009-11-03 649072]
"TPKMAPMN"=C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe [2007-02-26 63024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [2009-08-04 62240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\ThinkPad\BLUETO~1\BTTray.exe [2008-03-17 752168]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-10-08 226304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2009-10-29 4150160]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2010-03-13 17:54:18 ----D---- C:\rsit
2010-03-13 08:27:25 ----D---- C:\Program Files\Defraggler
2010-03-11 11:51:18 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-11 11:51:05 ----A---- C:\Windows\system32\httpapi.dll
2010-03-09 19:10:48 ----D---- C:\Windows\temp
2010-03-09 19:09:59 ----SHD---- C:\$RECYCLE.BIN
2010-03-09 16:10:17 ----A---- C:\Windows\system32\SynCtrl.dll
2010-03-09 15:31:42 ----D---- C:\Program Files\Recuva
2010-03-09 09:19:43 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-08 17:37:03 ----A---- C:\Windows\PEV.exe
2010-03-08 17:37:03 ----A---- C:\Windows\MBR.exe
2010-03-08 10:03:13 ----D---- C:\ProgramData\Conexant
2010-03-05 23:54:04 ----D---- C:\ProgramData\Alawar Stargaze
2010-03-01 16:45:22 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2010-03-01 16:38:49 ----D---- C:\Program Files\Digital Line Detect
2010-03-01 16:37:13 ----D---- C:\Program Files\NetWaiting
2010-03-01 16:35:46 ----A---- C:\Windows\system32\XAudio32.dll
2010-03-01 16:35:46 ----A---- C:\Windows\system32\UCI32M42.dll
2010-03-01 08:39:55 ----D---- C:\Program Files\Common Files\Skype
2010-02-24 11:07:21 ----A---- C:\Windows\system32\jscript.dll
2010-02-24 11:07:09 ----A---- C:\Windows\system32\tzres.dll
2010-02-24 11:06:31 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-24 11:06:31 ----A---- C:\Windows\system32\secproc.dll
2010-02-24 11:06:30 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-24 11:06:30 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-24 11:06:29 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 11:06:29 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-24 11:06:29 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 11:06:29 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-24 11:06:29 ----A---- C:\Windows\system32\msdrm.dll
2010-02-24 11:06:26 ----A---- C:\Windows\system32\gameux.dll
2010-02-24 11:06:25 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-24 11:06:24 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
======List of files/folders modified in the last 1 months======
2010-03-13 17:54:20 ----D---- C:\Program Files\trend micro
2010-03-13 12:09:51 ----SHD---- C:\System Volume Information
2010-03-13 11:00:36 ----D---- C:\Windows
2010-03-13 10:21:13 ----SD---- C:\Users\Jirka\AppData\Roaming\Microsoft
2010-03-13 10:04:29 ----D---- C:\Windows\System32
2010-03-13 10:04:29 ----D---- C:\Windows\inf
2010-03-13 10:04:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-13 09:48:47 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2010-03-13 09:46:38 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2010-03-13 09:41:40 ----SHD---- C:\Windows\Installer
2010-03-13 09:41:36 ----D---- C:\Windows\system32\Tasks
2010-03-13 09:40:47 ----D---- C:\Users\Jirka\AppData\Roaming\WinRAR
2010-03-13 09:40:36 ----D---- C:\Program Files\WinRAR
2010-03-13 09:37:49 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2010-03-13 08:27:25 ----RD---- C:\Program Files
2010-03-13 08:25:14 ----D---- C:\Windows\Debug
2010-03-13 08:22:22 ----A---- C:\sysiclog.txt
2010-03-13 08:08:14 ----D---- C:\Program Files\ICQ7.0
2010-03-11 23:49:47 ----D---- C:\Windows\winsxs
2010-03-11 23:36:16 ----D---- C:\Windows\system32\catroot
2010-03-11 23:36:13 ----D---- C:\Windows\system32\catroot2
2010-03-11 23:33:04 ----D---- C:\Program Files\Movie Maker
2010-03-11 23:33:02 ----D---- C:\Windows\system32\drivers
2010-03-11 23:33:02 ----D---- C:\Program Files\Windows Mail
2010-03-11 12:10:19 ----D---- C:\vše
2010-03-10 19:45:34 ----D---- C:\Users\Jirka\AppData\Roaming\ICQ
2010-03-09 19:06:56 ----A---- C:\Windows\system.ini
2010-03-09 19:01:34 ----D---- C:\Windows\AppPatch
2010-03-09 19:01:32 ----D---- C:\Program Files\Common Files
2010-03-08 18:06:24 ----D---- C:\Windows\ERDNT
2010-03-08 17:54:48 ----D---- C:\Windows\system32\config
2010-03-08 10:06:38 ----D---- C:\Windows\Tasks
2010-03-08 10:03:13 ----D---- C:\ProgramData
2010-03-08 09:56:07 ----D---- C:\Program Files\SUPERAntiSpyware
2010-03-08 09:41:59 ----D---- C:\Program Files\CCleaner
2010-03-06 16:15:32 ----RD---- C:\filmy
2010-03-05 23:53:13 ----D---- C:\hry
2010-03-02 06:30:12 ----A---- C:\Windows\system32\mrt.exe
2010-03-01 17:23:16 ----D---- C:\Windows\rescache
2010-03-01 16:55:15 ----D---- C:\Windows\system32\wbem
2010-03-01 16:50:16 ----D---- C:\Windows\Downloaded Installations
2010-02-24 11:18:30 ----D---- C:\Windows\system32\cs-CZ
2010-02-24 11:18:29 ----RSD---- C:\Windows\Fonts
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-02-01 130960]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-01-29 29520]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-01-29 74328]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-08 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2010-03-08 66632]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2009-12-11 11552]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-09 56816]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-04-09 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 tvtfilter;tvtfilter; C:\Windows\system32\DRIVERS\tvtfilter.sys [2009-01-12 33536]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2009-04-29 8704]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2009-03-19 482176]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-10-27 460800]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6032.sys [2009-08-14 220152]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2008-03-26 40832]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-06-30 981504]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-06-30 207360]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2009-11-18 26608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-10-08 6212096]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2009-03-04 4232704]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2008-09-25 31680]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-03 230832]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 45624]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2008-02-23 37312]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-06-30 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S1 tvtumon;tvtumon; C:\Windows\system32\DRIVERS\tvtumon.sys [2008-07-11 48192]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-03-17 81960]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-03-17 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-03-17 17320]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-12-20 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-12-20 25512]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-07-08 25280]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\Windows\system32\DRIVERS\pcdrndisuio.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-03-08 12872]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-04-19 128104]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-09 691696]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2009-12-10 124264]
R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2009-12-10 251240]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 ATService;AuthenTec Fingerprint Service; C:\Windows\system32\AtService.exe [2009-03-19 1680632]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2006-12-28 122512]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe [2008-03-17 518696]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-29 723632]
R2 DozeSvc;Lenovo Doze Mode Service; C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE [2009-12-11 132456]
R2 dtsvc;Data Transfer Service; C:\Windows\system32\DTS.exe [2009-03-19 98304]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-02-27 870672]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-11 354840]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2009-11-18 38248]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-12-11 75112]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-02-27 473360]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2009-06-12 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2008-06-14 746808]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
R2 TSSCoreService;TSS Core Service; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [2008-06-14 779576]
R2 TVT Backup Protection Service;TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2008-05-25 950272]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-05-25 1155072]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S2 TVT_UpdateMonitor;TVT Windows Update Monitor; C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-10-09 360448]
S3 ADMonitor;AD Monitor; C:\Windows\system32\ADMonitor.exe [2009-03-19 106496]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-21 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2009-10-29 30603640]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2009-10-09 39976]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S4 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
-----------------EOF-----------------
Run by Jirka at 2010-03-13 17:54:18
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 73 GB (34%) free of 217 GB
Total RAM: 1943 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:54:31, on 13.3.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
C:\Program Files\ThinkVantage\PrdCtr\LPMLCHK.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\PWMUIAux.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\programy\ochrana\RSIT.exe
C:\Program Files\trend micro\Jirka.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Lenovo ThinkVantage Toolbox - {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - C:\Program Files\PC-Doctor\ATLPcdToolbar544928.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [FingerPrintSoftware] "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [LPMailChecker] C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [ACWlIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TPFNF7] C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AMSG] C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe /startup
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKCU\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKCU\..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
O4 - HKCU\..\Run: [TPKMAPMN] C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: AD Monitor (ADMonitor) - Unknown owner - C:\Windows\system32\ADMonitor.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Windows\system32\AtService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
O23 - Service: Data Transfer Service (dtsvc) - Unknown owner - C:\Windows\system32\DTS.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - Lenovo - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
--
End of file - 12062 bytes
======Scheduled tasks folder======
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job
C:\Windows\tasks\User_Feed_Synchronization-{293D2DB0-8F41-41B6-BA38-F7EB5C9F5288}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2009-02-04 752744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2009-10-29 4150160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2009-11-03 556432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - Lenovo ThinkVantage Toolbox - C:\Program Files\PC-Doctor\ATLPcdToolbar544928.dll [2009-11-22 137712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-03 1594664]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2009-12-11 337256]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2008-10-08 256576]
"FingerPrintSoftware"=C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [2009-03-19 1527808]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-05-25 487424]
"LPManager"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMGR.exe [2009-07-23 185688]
"LPMailChecker"=C:\PROGRA~1\THINKV~1\PrdCtr\LPMLCHK.exe [2009-07-23 124248]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"BLOG"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog []
"ACTray"=C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [2009-12-10 435560]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2008-06-25 3077432]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-11 186904]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27 49976]
"ACWlIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe [2009-12-10 181608]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752]
"TPKMAPHELPER"=C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe [2007-02-26 992816]
"TPFNF7"=C:\PROGRA~1\Lenovo\NPDIRECT\TPFNF7SP.exe [2009-08-04 62240]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-10-29 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-10-29 175128]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-10-29 166936]
"AMSG"=C:\PROGRA~1\THINKV~1\AMSG\Amsg.exe [2009-09-03 436800]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-01-29 1800464]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2009-11-03 649072]
"TPKMAPMN"=C:\Program Files\ThinkPad\Utilities\TpKmapMn.exe [2007-02-26 63024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [2009-08-04 62240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\ThinkPad\BLUETO~1\BTTray.exe [2008-03-17 752168]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-10-08 226304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2009-10-29 4150160]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableCAD"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2010-03-13 17:54:18 ----D---- C:\rsit
2010-03-13 08:27:25 ----D---- C:\Program Files\Defraggler
2010-03-11 11:51:18 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-11 11:51:05 ----A---- C:\Windows\system32\httpapi.dll
2010-03-09 19:10:48 ----D---- C:\Windows\temp
2010-03-09 19:09:59 ----SHD---- C:\$RECYCLE.BIN
2010-03-09 16:10:17 ----A---- C:\Windows\system32\SynCtrl.dll
2010-03-09 15:31:42 ----D---- C:\Program Files\Recuva
2010-03-09 09:19:43 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-08 17:37:03 ----A---- C:\Windows\PEV.exe
2010-03-08 17:37:03 ----A---- C:\Windows\MBR.exe
2010-03-08 10:03:13 ----D---- C:\ProgramData\Conexant
2010-03-05 23:54:04 ----D---- C:\ProgramData\Alawar Stargaze
2010-03-01 16:45:22 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2010-03-01 16:38:49 ----D---- C:\Program Files\Digital Line Detect
2010-03-01 16:37:13 ----D---- C:\Program Files\NetWaiting
2010-03-01 16:35:46 ----A---- C:\Windows\system32\XAudio32.dll
2010-03-01 16:35:46 ----A---- C:\Windows\system32\UCI32M42.dll
2010-03-01 08:39:55 ----D---- C:\Program Files\Common Files\Skype
2010-02-24 11:07:21 ----A---- C:\Windows\system32\jscript.dll
2010-02-24 11:07:09 ----A---- C:\Windows\system32\tzres.dll
2010-02-24 11:06:31 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-24 11:06:31 ----A---- C:\Windows\system32\secproc.dll
2010-02-24 11:06:30 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-24 11:06:30 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-24 11:06:29 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 11:06:29 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-24 11:06:29 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 11:06:29 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-24 11:06:29 ----A---- C:\Windows\system32\msdrm.dll
2010-02-24 11:06:26 ----A---- C:\Windows\system32\gameux.dll
2010-02-24 11:06:25 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-24 11:06:24 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
======List of files/folders modified in the last 1 months======
2010-03-13 17:54:20 ----D---- C:\Program Files\trend micro
2010-03-13 12:09:51 ----SHD---- C:\System Volume Information
2010-03-13 11:00:36 ----D---- C:\Windows
2010-03-13 10:21:13 ----SD---- C:\Users\Jirka\AppData\Roaming\Microsoft
2010-03-13 10:04:29 ----D---- C:\Windows\System32
2010-03-13 10:04:29 ----D---- C:\Windows\inf
2010-03-13 10:04:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-13 09:48:47 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2010-03-13 09:46:38 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2010-03-13 09:41:40 ----SHD---- C:\Windows\Installer
2010-03-13 09:41:36 ----D---- C:\Windows\system32\Tasks
2010-03-13 09:40:47 ----D---- C:\Users\Jirka\AppData\Roaming\WinRAR
2010-03-13 09:40:36 ----D---- C:\Program Files\WinRAR
2010-03-13 09:37:49 ----D---- C:\Users\Jirka\AppData\Roaming\uTorrent
2010-03-13 08:27:25 ----RD---- C:\Program Files
2010-03-13 08:25:14 ----D---- C:\Windows\Debug
2010-03-13 08:22:22 ----A---- C:\sysiclog.txt
2010-03-13 08:08:14 ----D---- C:\Program Files\ICQ7.0
2010-03-11 23:49:47 ----D---- C:\Windows\winsxs
2010-03-11 23:36:16 ----D---- C:\Windows\system32\catroot
2010-03-11 23:36:13 ----D---- C:\Windows\system32\catroot2
2010-03-11 23:33:04 ----D---- C:\Program Files\Movie Maker
2010-03-11 23:33:02 ----D---- C:\Windows\system32\drivers
2010-03-11 23:33:02 ----D---- C:\Program Files\Windows Mail
2010-03-11 12:10:19 ----D---- C:\vše
2010-03-10 19:45:34 ----D---- C:\Users\Jirka\AppData\Roaming\ICQ
2010-03-09 19:06:56 ----A---- C:\Windows\system.ini
2010-03-09 19:01:34 ----D---- C:\Windows\AppPatch
2010-03-09 19:01:32 ----D---- C:\Program Files\Common Files
2010-03-08 18:06:24 ----D---- C:\Windows\ERDNT
2010-03-08 17:54:48 ----D---- C:\Windows\system32\config
2010-03-08 10:06:38 ----D---- C:\Windows\Tasks
2010-03-08 10:03:13 ----D---- C:\ProgramData
2010-03-08 09:56:07 ----D---- C:\Program Files\SUPERAntiSpyware
2010-03-08 09:41:59 ----D---- C:\Program Files\CCleaner
2010-03-06 16:15:32 ----RD---- C:\filmy
2010-03-05 23:53:13 ----D---- C:\hry
2010-03-02 06:30:12 ----A---- C:\Windows\system32\mrt.exe
2010-03-01 17:23:16 ----D---- C:\Windows\rescache
2010-03-01 16:55:15 ----D---- C:\Windows\system32\wbem
2010-03-01 16:50:16 ----D---- C:\Windows\Downloaded Installations
2010-02-24 11:18:30 ----D---- C:\Windows\system32\cs-CZ
2010-02-24 11:18:29 ----RSD---- C:\Windows\Fonts
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-02-01 130960]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-01-29 29520]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-01-29 74328]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-03-08 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2010-03-08 66632]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2009-12-11 11552]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-09 56816]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2008-04-09 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 tvtfilter;tvtfilter; C:\Windows\system32\DRIVERS\tvtfilter.sys [2009-01-12 33536]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2009-04-29 8704]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2009-03-19 482176]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-10-27 460800]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6032.sys [2009-08-14 220152]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2008-03-26 40832]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-06-30 981504]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-06-30 207360]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2009-11-18 26608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-10-08 6212096]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2009-03-04 4232704]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2008-09-25 31680]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-03 230832]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 45624]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2008-02-23 37312]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-06-30 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S1 tvtumon;tvtumon; C:\Windows\system32\DRIVERS\tvtumon.sys [2008-07-11 48192]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-03-17 81960]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-03-17 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-03-17 17320]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-12-20 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-12-20 25512]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-07-08 25280]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\Windows\system32\DRIVERS\pcdrndisuio.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-03-08 12872]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-04-19 128104]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-09 691696]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2009-12-10 124264]
R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2009-12-10 251240]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 ATService;AuthenTec Fingerprint Service; C:\Windows\system32\AtService.exe [2009-03-19 1680632]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2006-12-28 122512]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe [2008-03-17 518696]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-29 723632]
R2 DozeSvc;Lenovo Doze Mode Service; C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE [2009-12-11 132456]
R2 dtsvc;Data Transfer Service; C:\Windows\system32\DTS.exe [2009-03-19 98304]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-02-27 870672]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-11 354840]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2009-11-18 38248]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-12-11 75112]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-02-27 473360]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2009-06-12 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2008-06-14 746808]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
R2 TSSCoreService;TSS Core Service; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [2008-06-14 779576]
R2 TVT Backup Protection Service;TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2008-05-25 950272]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-05-25 1155072]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S2 TVT_UpdateMonitor;TVT Windows Update Monitor; C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-10-09 360448]
S3 ADMonitor;AD Monitor; C:\Windows\system32\ADMonitor.exe [2009-03-19 106496]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-21 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2009-10-29 30603640]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2009-10-09 39976]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S4 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
-----------------EOF-----------------
-
Unlimited_Killer
- Přítel fóra
- Příspěvky: 1969
- Registrován: 24 srp 2009 16:18
Re: preventivka, děkuji
Poslední kroky.
1) Reg soubor
1) Reg soubor
- Spusťte Poznámkový blok [Start → Spustit → notepad → Enter].
- Do něj vkopírujte následující text:
Kód: Vybrat vše
Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] - Uložte tento soubor například na Plochu jako oprava.reg (vizte obrázek).
- Dvojklikem tento soubor spusťte.
- Restartujte PC a po restartu tento soubor smažte.
- Spusťte Poznámkový blok [Start → Spustit → notepad → Enter].
- Do něho vkopírujte následující text:
Kód: Vybrat vše
del "C:\Windows\PEV.exe" del "C:\Windows\MBR.exe" - Uložte soubor například na Plochu jako del.bat [vizte obrázek] a dvojklikem jej spusťte.
- Mělo by jen na chvíli probliknout černé okénko.
- Po použití tento soubor smažte.
inactive
Re: preventivka, děkuji
Windowsy při startu nabíhají rychleji, k tomu asi nejvíce pomohla defragmentace, protože fragmentováno bylo přes 20 procent disku. Taky jsem rád, že jste mi poradil, jak se zbavit těch vyhledávačů, které tam nacpal qip. Jinak mi to z laického pohledu přijde stejné, jako předtím.
-
Unlimited_Killer
- Přítel fóra
- Příspěvky: 1969
- Registrován: 24 srp 2009 16:18
Re: preventivka, děkuji
Ok, děkuji za pomoc, zašlu alespoň nějaký příspěvek. I když odvedené vaší práci neodpovídající. Fórum je fajn a vždy mi tu dobře poradí. 
-
Unlimited_Killer
- Přítel fóra
- Příspěvky: 1969
- Registrován: 24 srp 2009 16:18
Přispějete na provoz fóra?