Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o preventivku

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
maroskobj1
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 19 lis 2009 21:19

Prosim o preventivku

#1 Příspěvek od maroskobj1 »

zda sa mi ze notebook je pomaly

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-03-25 14:18:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 13 GB (19%) free of 69 GB
Total RAM: 1015 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:18:34, on 25.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\Program Files\ProtectTools\Embedded Security Software\PSDrt.exe
C:\Program Files\ProtectTools\Embedded Security Software\SpTna.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HPQ\HP ProtectTools Security Manager\PTServs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\Opera\opera.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
c:\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{A929C1B8-C37E-4875-8544-93F1E2B8E875}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE

--
End of file - 11049 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2006-06-13 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2010-01-17 1191424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
HP Credential Manager for ProtectTools - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll [2005-03-03 50688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-17 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\tbBS_1.dll [2010-03-06 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2010-01-17 1191424]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\tbBS_1.dll [2010-03-06 2349080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TabletWizard"=C:\WINDOWS\help\SplshWrp.exe [2008-04-14 16384]
"TabletTip"=C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe [2008-04-14 271872]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2006-01-30 88203]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-20 925696]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2005-05-06 716800]
"AccelerometerSysTrayApplet"=C:\WINDOWS\system32\AccelerometerSt.exe [2006-01-17 53248]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-17 149280]
"PTHOSTTR"=C:\Program Files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE [2006-02-14 122880]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761948]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784]
"hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-02-14 454656]
"CognizanceTS"=C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll [2003-12-22 17920]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-03-07 131072]
"Cpqset"=C:\Program Files\HPQ\Default Settings\cpqset.exe [2006-02-22 40960]
"Recguard"=C:\WINDOWS\Sminst\Recguard.exe [2005-12-20 1187840]
"Reminder"=C:\WINDOWS\Creator\Remind_XP.exe [2006-03-10 806912]
"Scheduler"=C:\WINDOWS\SMINST\Scheduler.exe [2006-02-15 892928]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2005-11-08 184320]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"IntelliPoint"=c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-06-01 1468296]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2006-06-13 127036]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IfxWlxEN]
C:\WINDOWS\system32\IfxWlxEN.dll [2005-08-19 389120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\loginkey]
C:\Program Files\Common Files\Microsoft Shared\Ink\loginkey.dll [2008-04-14 47104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll [2005-07-25 40960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TabBtnWL]
C:\WINDOWS\system32\TabBtnWL.dll [2002-08-29 11776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpgwlnotify]
C:\WINDOWS\system32\tpgwlnot.dll [2008-04-14 32256]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
AsWlnPkg

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableChangePassword"=1
"DisableLockWorkstation"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoLogoff"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
"C:\WINDOWS\SMINST\Scheduler.exe"="C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler "
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-03-24 22:10:58 ----A---- C:\taskmgr.exe
2010-03-24 21:56:29 ----HD---- C:\WINDOWS\system32\GroupPolicy
2010-03-24 21:13:41 ----D---- C:\Program Files\trend micro
2010-03-24 21:13:36 ----D---- C:\rsit
2010-03-24 21:13:28 ----A---- C:\RSIT.exe
2010-03-22 14:57:16 ----D---- C:\Documents and Settings\All Users\Application Data\TmForever
2010-03-22 14:56:50 ----A---- C:\tmunitedforever_fromtmu_setup.exe
2010-03-22 14:53:39 ----D---- C:\Program Files\TmNationsForever
2010-03-22 13:58:41 ----A---- C:\tmnationsforever_setup.exe
2010-03-15 16:46:05 ----D---- C:\WINDOWS\Minidump
2010-03-15 16:24:58 ----D---- C:\Program Files\Cenega Czech
2010-03-11 10:39:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-08 09:46:39 ----RD---- C:\BRIA-DOGS
2010-03-08 06:09:44 ----SHD---- C:\Config.Msi
2010-03-08 06:07:37 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-03-07 20:03:15 ----D---- C:\WINDOWS\system32\XPSViewer
2010-03-07 20:03:12 ----D---- C:\Program Files\MSBuild
2010-03-07 20:03:05 ----D---- C:\Program Files\Reference Assemblies
2010-03-07 20:02:45 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-03-07 20:02:44 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-03-07 20:02:43 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-03-07 20:02:43 ----D---- C:\1d12b3a09e13b82bd10c26217401
2010-03-07 15:51:26 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-07 12:50:31 ----D---- C:\Program Files\Common Files\Pinnacle
2010-03-07 12:50:12 ----D---- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Ultimate
2010-03-07 12:42:47 ----D---- C:\Program Files\Common Files\Yahoo!
2010-03-07 12:42:46 ----D---- C:\Program Files\Pinnacle
2010-03-07 12:42:46 ----D---- C:\Documents and Settings\All Users\Application Data\Studio 12
2010-03-07 12:42:46 ----D---- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio Plus
2010-03-07 12:39:59 ----D---- C:\Documents and Settings\All Users\Application Data\Pinnacle
2010-03-07 12:12:42 ----D---- C:\Documents and Settings\Administrator\Application Data\Sony Corporation
2010-03-07 12:06:46 ----A---- C:\WINDOWS\system32\DLAAPI_W.DLL
2010-03-07 12:06:46 ----A---- C:\WINDOWS\DLA.EXE
2010-03-07 12:03:14 ----A---- C:\WINDOWS\system32\PxInsI64.exe
2010-03-07 12:03:14 ----A---- C:\WINDOWS\system32\PxInsA64.exe
2010-03-07 12:03:14 ----A---- C:\WINDOWS\system32\pxhpinst.exe
2010-03-07 12:03:14 ----A---- C:\WINDOWS\system32\PxCpyI64.exe
2010-03-07 12:03:14 ----A---- C:\WINDOWS\system32\PxCpyA64.exe
2010-03-07 12:02:57 ----D---- C:\Program Files\Sony
2010-03-07 12:01:58 ----D---- C:\Documents and Settings\Administrator\Application Data\InstallShield
2010-03-07 11:55:23 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Corporation
2010-03-05 21:45:38 ----D---- C:\Program Files\CCleaner
2010-03-02 19:16:39 ----D---- C:\Documents and Settings\Administrator\Application Data\My Battle for Middle-earth(tm) II Files
2010-03-02 18:23:27 ----D---- C:\Program Files\Electronic Arts
2010-02-28 07:35:32 ----D---- C:\Program Files\Conduit
2010-02-28 07:35:31 ----D---- C:\Program Files\BS_Player
2010-02-28 07:35:26 ----D---- C:\Documents and Settings\Administrator\Application Data\BSplayer Pro
2010-02-28 07:35:26 ----D---- C:\Documents and Settings\Administrator\Application Data\BSplayer
2010-02-28 07:35:18 ----D---- C:\Program Files\Webteh

======List of files/folders modified in the last 1 months======

2010-03-25 14:17:45 ----D---- C:\WINDOWS\Temp
2010-03-25 08:04:44 ----D---- C:\projekt
2010-03-25 07:35:11 ----D---- C:\WINDOWS\SMINST
2010-03-25 07:35:09 ----D---- C:\WINDOWS
2010-03-25 07:35:02 ----D---- C:\WINDOWS\system32
2010-03-24 22:40:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-24 22:11:03 ----D---- C:\WINDOWS\Prefetch
2010-03-24 21:13:50 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2010-03-24 21:13:41 ----RD---- C:\Program Files
2010-03-24 18:37:58 ----D---- C:\Documents and Settings\Administrator\Application Data\skypePM
2010-03-22 14:57:04 ----D---- C:\WINDOWS\system32\DirectX
2010-03-22 14:57:02 ----RSD---- C:\WINDOWS\assembly
2010-03-22 14:56:39 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-15 15:19:46 ----D---- C:\WINDOWS\Debug
2010-03-12 16:17:30 ----D---- C:\DURO
2010-03-11 20:58:46 ----D---- C:\Program Files\JDownloader
2010-03-11 15:24:55 ----HD---- C:\WINDOWS\inf
2010-03-11 10:39:50 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-03-11 10:39:48 ----D---- C:\Program Files\Movie Maker
2010-03-11 10:39:35 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-10 15:42:06 ----D---- C:\MRPPRN
2010-03-08 06:47:27 ----D---- C:\WINDOWS\Microsoft.Net
2010-03-08 06:11:46 ----SHD---- C:\WINDOWS\Installer
2010-03-08 06:11:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-08 06:11:13 ----D---- C:\WINDOWS\WinSxS
2010-03-08 06:08:29 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-07 20:03:11 ----D---- C:\WINDOWS\system32\en-US
2010-03-07 20:03:10 ----RSD---- C:\WINDOWS\Fonts
2010-03-07 20:02:55 ----D---- C:\WINDOWS\system32\spool
2010-03-07 12:50:46 ----D---- C:\WINDOWS\system32\drivers
2010-03-07 12:50:42 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-07 12:50:31 ----D---- C:\Program Files\Common Files
2010-03-07 12:09:25 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-07 12:07:23 ----A---- C:\WINDOWS\wininit.ini
2010-03-07 12:06:47 ----D---- C:\WINDOWS\system32\DLA
2010-03-07 12:06:39 ----D---- C:\Program Files\Sonic
2010-03-05 21:58:01 ----SHD---- C:\System Volume Information
2010-03-05 21:58:01 ----D---- C:\WINDOWS\system32\Restore
2010-03-02 19:21:30 ----A---- C:\WINDOWS\Spidey.ini
2010-03-02 06:30:12 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-28 20:23:51 ----A---- C:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-03-17 5660]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2006-03-17 22684]
R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2005-10-25 35488]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-06-13 25724]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2006-06-13 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-06-13 86844]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-06-13 14716]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-06-13 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-06-13 88476]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-06-13 94460]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-03-17 40544]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-11-16 135048]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 Accelerometer;Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2006-01-10 22016]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-02-28 176128]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-06-07 152960]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-01-30 1120352]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (AES2500); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2006-03-11 130048]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-01-12 142720]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-02-27 1342602]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 GTIPCI21;GTIPCI21; C:\WINDOWS\system32\DRIVERS\gtipci21.sys [2006-02-28 87808]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-06-10 35968]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2009-06-01 27792]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-08-17 35913]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192736]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-01-19 1428096]
R3 WacomISDPen;Wacom Penabled HID MiniDriver; C:\WINDOWS\system32\DRIVERS\wacomisdpen.sys [2005-07-14 23936]
S3 ahqe1mra;ahqe1mra; C:\WINDOWS\system32\drivers\ahqe1mra.sys []
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-02-27 401664]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-02-27 30363]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-02-27 148168]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-02-27 57096]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WacomPen;Wacom Serial Pen HID Driver; C:\WINDOWS\system32\DRIVERS\wacompen.sys [2008-04-13 14208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-02-27 258103]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-03-15 135168]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\IFXSPMGT.exe [2006-01-10 458752]
R2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\IFXTCS.exe [2005-09-02 647168]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-17 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2009-06-22 4608]
R2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2009-06-22 117248]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE [2005-08-19 173600]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S2 PCA;PC Angel; C:\WINDOWS\SMINST\PCAngel.exe [2006-01-12 294912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 WmcCds;Windows Media Connect (WMC); c:\program files\windows media connect\mswmccds.exe [2004-08-11 483328]
S3 WmcCdsLs;Windows Media Connect (WMC) Helper; C:\Program Files\Windows Media Connect\mswmcls.exe [2004-08-11 28160]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o preventivku

#2 Příspěvek od Caroprd111 »

Zdravím :)

Na logu se pracuje, prosím o strpení.
Obrázek
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o preventivku

#3 Příspěvek od Caroprd111 »

Obrázek Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.


Obrázek Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary
  • Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrazí stránka s licenčními podmínkami, pokračujte stisknutím tlačítka "Ano"
  • Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna :!:
  • Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.
  • Během skenování může být počítač restartován.
Obrázek
Nahoru
maroskobj1
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 19 lis 2009 21:19

Re: Prosim o preventivku

#4 Příspěvek od maroskobj1 »

ComboFix 10-03-24.03 - Administrator 25.03.2010 14:58:00.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.1015.633 [GMT 1:00]
Running from: C:\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2010-02-25 to 2010-03-25 )))))))))))))))))))))))))))))))
.

2010-03-25 13:58 . 2010-03-25 13:58 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ESET
2010-03-25 13:52 . 2010-03-25 13:52 3901617 ----a-r- C:\ComboFix.exe
2010-03-24 21:10 . 2010-03-24 21:10 135680 ----a-w- C:\taskmgr.exe
2010-03-24 20:56 . 2010-03-24 20:56 -------- d--h--w- c:\windows\system32\GroupPolicy
2010-03-24 20:13 . 2010-03-25 13:18 -------- d-----w- c:\program files\trend micro
2010-03-24 20:13 . 2010-03-24 20:14 -------- d-----w- C:\rsit
2010-03-24 20:13 . 2010-03-24 20:13 781909 ----a-w- C:\RSIT.exe
2010-03-23 19:08 . 2010-03-23 19:08 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\SoftThinks
2010-03-22 13:57 . 2010-03-22 14:28 -------- d-----w- c:\documents and settings\All Users\Application Data\TmForever
2010-03-22 13:56 . 2010-03-22 13:57 3915483 ----a-w- C:\tmunitedforever_fromtmu_setup.exe
2010-03-22 13:53 . 2010-03-22 13:56 -------- d-----w- c:\program files\TmNationsForever
2010-03-22 12:58 . 2010-03-22 13:35 529246504 ----a-w- C:\tmnationsforever_setup.exe
2010-03-15 15:24 . 2010-03-15 15:24 -------- d-----w- c:\program files\Cenega Czech
2010-03-15 14:16 . 2010-03-15 14:16 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\ESET
2010-03-10 19:45 . 2009-10-23 15:28 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2010-03-08 08:46 . 2010-03-08 08:46 -------- d-----r- C:\BRIA-DOGS
2010-03-07 19:03 . 2010-03-07 19:03 -------- d-----w- c:\windows\system32\XPSViewer
2010-03-07 19:03 . 2010-03-07 19:03 -------- d-----w- c:\program files\MSBuild
2010-03-07 19:03 . 2010-03-07 19:03 -------- d-----w- c:\program files\Reference Assemblies
2010-03-07 19:02 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-03-07 19:02 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-03-07 19:02 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-03-07 19:02 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-03-07 19:02 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-03-07 19:02 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-03-07 19:02 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-03-07 19:02 . 2010-03-07 19:02 -------- d-----w- C:\1d12b3a09e13b82bd10c26217401
2010-03-07 19:02 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-03-07 19:02 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2010-03-07 18:25 . 2010-03-07 18:25 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Pinnacle
2010-03-07 14:51 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-07 11:50 . 2005-09-23 22:18 171520 ----a-w- c:\windows\system32\drivers\MarvinBus.sys
2010-03-07 11:50 . 2010-03-07 11:50 -------- d-----w- c:\program files\Common Files\Pinnacle
2010-03-07 11:50 . 2010-03-07 11:50 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Downloaded Installations
2010-03-07 11:50 . 2010-03-07 11:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle Studio Ultimate
2010-03-07 11:42 . 2010-03-07 11:42 -------- d-----w- c:\program files\Common Files\Yahoo!
2010-03-07 11:42 . 2010-03-07 11:42 -------- d-----w- c:\program files\Pinnacle
2010-03-07 11:42 . 2010-03-07 11:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Studio 12
2010-03-07 11:42 . 2010-03-07 11:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle Studio Plus
2010-03-07 11:39 . 2010-03-07 11:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle
2010-03-07 11:12 . 2010-03-07 11:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\Sony Corporation
2010-03-07 11:06 . 2006-06-12 02:30 89264 ----a-w- c:\windows\system32\drivers\DRVMCDB.SYS
2010-03-07 11:06 . 2006-03-17 04:20 40544 ----a-w- c:\windows\system32\drivers\DRVNDDM.SYS
2010-03-07 11:06 . 2006-06-13 04:20 94263 ----a-w- c:\windows\DLA.EXE
2010-03-07 11:06 . 2006-06-13 04:20 61500 ----a-w- c:\windows\system32\DLAAPI_W.DLL
2010-03-07 11:06 . 2006-03-17 07:35 5660 ----a-w- c:\windows\system32\drivers\DLACDBHM.SYS
2010-03-07 11:06 . 2006-03-17 07:34 22684 ----a-w- c:\windows\system32\drivers\DLARTL_N.SYS
2010-03-07 11:03 . 2006-08-28 20:48 2560 ----a-w- c:\windows\system32\drivers\cdralw2k.sys
2010-03-07 11:03 . 2006-11-02 15:57 118520 ----a-w- c:\windows\system32\PxInsI64.exe
2010-03-07 11:03 . 2006-10-18 18:43 115960 ----a-w- c:\windows\system32\PxCpyI64.exe
2010-03-07 11:03 . 2006-08-28 20:48 2432 ----a-w- c:\windows\system32\drivers\cdr4_xp.sys
2010-03-07 11:02 . 2010-03-07 11:02 -------- d-----w- c:\program files\Sony
2010-03-07 11:01 . 2010-03-07 11:01 -------- d-----w- c:\documents and settings\Administrator\Application Data\InstallShield
2010-03-07 10:55 . 2010-03-07 10:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Corporation
2010-03-05 20:45 . 2010-03-05 20:45 -------- d-----w- c:\program files\CCleaner
2010-03-04 20:10 . 2010-03-04 20:10 0 ----a-w- c:\windows\nsreg.dat
2010-03-04 20:10 . 2010-03-04 20:10 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-03-02 18:16 . 2010-03-16 14:42 -------- d-----w- c:\documents and settings\Administrator\Application Data\My Battle for Middle-earth(tm) II Files
2010-03-02 17:23 . 2010-03-02 17:23 -------- d-----w- c:\program files\Electronic Arts
2010-02-28 06:35 . 2010-03-24 06:46 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\BS_Player
2010-02-28 06:35 . 2010-02-28 06:35 -------- d-----w- c:\program files\Conduit
2010-02-28 06:35 . 2010-02-28 06:35 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Conduit
2010-02-28 06:35 . 2010-03-06 12:01 -------- d-----w- c:\program files\BS_Player
2010-02-28 06:35 . 2010-02-28 19:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\BSplayer
2010-02-28 06:35 . 2010-02-28 06:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\BSplayer Pro
2010-02-28 06:35 . 2010-02-28 06:35 -------- d-----w- c:\program files\Webteh

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-24 20:13 . 2010-01-19 18:59 -------- d-----w- c:\documents and settings\Administrator\Application Data\Skype
2010-03-24 17:37 . 2010-01-19 19:01 -------- d-----w- c:\documents and settings\Administrator\Application Data\skypePM
2010-03-11 19:58 . 2010-01-16 08:36 -------- d-----w- c:\program files\JDownloader
2010-03-07 19:09 . 2010-01-17 11:30 69200 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-07 11:50 . 2010-03-07 11:50 29926 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{5EB90C06-964F-4195-B83E-BD7E55C88415}\ARPPRODUCTICON.exe
2010-03-07 11:09 . 2006-06-29 04:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-07 11:06 . 2006-06-29 04:57 -------- d-----w- c:\program files\Sonic
2010-02-21 22:21 . 2010-02-21 22:21 -------- d-----w- c:\documents and settings\Administrator\Application Data\InterVideo
2010-02-21 09:55 . 2010-02-20 13:07 -------- d-----w- c:\documents and settings\Administrator\Application Data\Ice Age 2
2010-02-19 15:53 . 2010-02-19 15:53 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-16 12:23 . 2010-02-16 12:23 -------- d-----w- c:\program files\Autodesk
2010-02-16 11:09 . 2010-02-16 11:04 -------- d-----w- c:\program files\DosPrint
2010-02-14 20:31 . 2010-01-16 20:50 -------- d-----w- c:\documents and settings\Administrator\Application Data\Ahead
2010-02-14 09:30 . 2010-02-14 09:30 -------- d-----w- c:\program files\Creative
2010-02-13 18:42 . 2010-02-13 18:42 -------- d-----w- c:\program files\ChessBase
2010-02-10 21:26 . 2010-02-10 21:26 137 ----a-w- c:\documents and settings\NetworkService\Local Settings\Application Data\fusioncache.dat
2010-02-04 16:47 . 2010-02-04 16:47 -------- d-----w- c:\program files\EA GAMES
2010-02-04 16:40 . 2010-02-04 16:36 -------- d-----w- c:\documents and settings\Administrator\Application Data\DAEMON Tools Lite
2010-02-04 16:38 . 2010-02-04 16:36 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-02-04 16:37 . 2010-02-04 16:37 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-02-04 16:37 . 2010-02-04 16:17 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-04 16:36 . 2010-02-04 16:36 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-02-04 16:21 . 2010-02-04 16:21 -------- d-----w- c:\documents and settings\Administrator\Application Data\DAEMON Tools Pro
2010-01-30 13:55 . 2010-01-30 13:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\AdobeUM
2010-01-19 19:01 . 2010-01-19 19:01 48 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-17 18:52 . 2010-01-17 18:52 60 ----a-w- c:\windows\system32\SYSDRV.DAT
2010-01-17 11:31 . 2010-01-17 11:31 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-17 11:31 . 2010-01-17 11:31 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-17 11:30 . 2010-01-17 11:30 79488 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-17 11:23 . 2010-01-17 11:24 737280 ----a-w- c:\windows\iun6002.exe
2010-01-16 20:56 . 2004-08-07 13:25 22960 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-16 20:56 . 2004-08-07 13:25 193695 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-05 10:00 . 2004-08-04 08:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2004-08-04 08:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 10:00 . 2004-08-04 08:00 17408 ------w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2004-08-04 08:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_1.dll" [2010-03-06 2349080]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2010-03-06 12:01 2349080 ----a-w- c:\program files\BS_Player\tbBS_1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_1.dll" [2010-03-06 2349080]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_1.dll" [2010-03-06 2349080]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TabletWizard"="c:\windows\help\SplshWrp.exe" [2008-04-14 16384]
"TabletTip"="c:\program files\Common Files\microsoft shared\ink\tabtip.exe" [2008-04-14 271872]
"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]
"AGRSMMSG"="AGRSMMSG.exe" [2006-01-30 88203]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.exe" [2006-01-17 53248]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-17 149280]
"PTHOSTTR"="c:\program files\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2006-02-14 122880]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761948]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-14 454656]
"CognizanceTS"="c:\progra~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 17920]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-07 131072]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2006-02-22 40960]
"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-09 806912]
"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-02-15 892928]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2005-11-08 184320]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-06-01 1468296]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\DVDCheck.exe [2010-1-17 184320]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IfxWlxEN]
2005-08-19 13:52 389120 ----a-w- c:\windows\system32\IfxWlxEN.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey]
2008-04-14 00:11 47104 ----a-w- c:\program files\Common Files\Microsoft Shared\Ink\loginkey.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2005-07-25 18:41 40960 ----a-w- c:\program files\HPQ\IAM\Bin\AsWlnPkg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL]
2002-08-29 05:41 11776 ----a-w- c:\windows\system32\tabbtnwl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify]
2008-04-14 00:12 32256 ----a-w- c:\windows\system32\tpgwlnot.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\WINDOWS\\SMINST\\Scheduler.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4.2.2010 17:17 691696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [25.10.2005 19:10 35488]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [4.8.2004 9:00 14336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [28.2.2006 18:05 87808]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [10.6.2005 14:26 35968]
R3 WacomISDPen;Wacom Penabled HID MiniDriver;c:\windows\system32\drivers\wacomisdpen.sys [14.7.2005 14:19 23936]
S3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [29.6.2006 5:34 14208]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASChannel
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
TCP: {A929C1B8-C37E-4875-8544-93F1E2B8E875} = 192.168.1.1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-25 15:05
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe?????? ???@???????????????@? ????R??????(?@???????@

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll ACPI.sys iaStor.sys spuq.sys >>UNKNOWN [0x86F86938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf76aaf28
\Driver\ACPI -> ACPI.sys @ 0xf7412cb8
\Driver\atapi -> atapi.sys @ 0xf7389b40
\Driver\iaStor -> iaStor.sys @ 0xf72eb7b0
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
NDIS: Intel(R) PRO/Wireless 3945ABG Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xf71a6bb0
PacketIndicateHandler -> NDIS.sys @ 0xf7195a0d
SendHandler -> NDIS.sys @ 0xf71a9b40
user & kernel MBR OK

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1392)
c:\program files\HPQ\IAM\Bin\AsWlnPkg.dll
c:\windows\system32\IfxWlxEN.dll

- - - - - - - > 'explorer.exe'(3924)
c:\windows\system32\WININET.dll
c:\program files\HPQ\IAM\Bin\SFSShell.dll
c:\program files\HPQ\IAM\bin\ItMsg.dll
c:\windows\system32\ieframe.dll
c:\program files\windows journal\nbmaptip.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\IFXTCS.exe
c:\program files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\windows\system32\DllHost.exe
c:\program files\HPQ\IAM\bin\asghost.exe
c:\windows\System32\tabbtnu.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Common Files\Microsoft Shared\Ink\TCServer.exe
c:\windows\system32\msdtc.exe
c:\windows\AGRSMMSG.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\IFXSPMGT.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
c:\windows\system32\wdfmgr.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\mqsvc.exe
c:\windows\system32\mqtgsvc.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\ProtectTools\Embedded Security Software\PSDrt.exe
c:\program files\ProtectTools\Embedded Security Software\SpTna.exe
c:\program files\HPQ\HP ProtectTools Security Manager\PTServs.exe
c:\progra~1\HPQ\Shared\HPQTOA~1.EXE
.
**************************************************************************
.
Completion time: 2010-03-25 15:08:33 - machine was rebooted
ComboFix-quarantined-files.txt 2010-03-25 14:08

Pre-Run: 13 454 315 520 bytes free
Post-Run: 18 adresárov, 13 436 895 232 voľných bajtov

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - A161B94F4A73C520D4F366B4EF19BACD
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o preventivku

#5 Příspěvek od Caroprd111 »

Obrázek Odinstalujte všechny emulátory virtuálních mechanik.

Obrázek Stáhněte SPTD http://www.duplexsecure.com/en/downloads
  • Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
  • zvolte možnost Uninstall a restartujte PC.

Obrázek Stáhněte a spusťte http://www.jpshortstuff.247fixes.com/Defogger.exe
  • Klikněte na "Disable" a restartujte PC.

Obrázek Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe

Obrázek Start > Spustit (Win + R)
  • Vyskočí okénko, zkopírujte do něj:

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t
  • Klikněte na OK
  • Vytvoří se log s názvem mbr.log, vložte ho sem.
Obrázek
Nahoru
maroskobj1
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 19 lis 2009 21:19

Re: Prosim o preventivku

#6 Příspěvek od maroskobj1 »

neda sa spustit dany retazec "%userprofile%\plocha\mbr" -t
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o preventivku

#7 Příspěvek od Caroprd111 »

Máte MBR stažený na ploše :???:
Obrázek
Nahoru
maroskobj1
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 19 lis 2009 21:19

Re: Prosim o preventivku

#8 Příspěvek od maroskobj1 »

ano urobil som vsetky kroky ako ste pisali plus na konci som na plochu stahol MBR
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o preventivku

#9 Příspěvek od Caroprd111 »

Obrázek Dejte log z Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
Obrázek
Nahoru
maroskobj1
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 19 lis 2009 21:19

Re: Prosim o preventivku

#10 Příspěvek od maroskobj1 »

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-03-25 20:24:28
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kfliypod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- Threads - GMER 1.0.15 ----

Thread System [4:720] 84F6A930

---- EOF - GMER 1.0.15 ----
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o preventivku

#11 Příspěvek od Caroprd111 »

OK, ještě druhý log.
Obrázek
Nahoru
maroskobj1
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 19 lis 2009 21:19

Re: Prosim o preventivku

#12 Příspěvek od maroskobj1 »

druhy log


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-03-25 21:23:36
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kfliypod.sys


---- System - GMER 1.0.15 ----

SSDT 84F6C8A0 ZwAssignProcessToJobObject
SSDT 84F6BCB0 ZwOpenProcess
SSDT 84F6C0D0 ZwOpenThread
SSDT 84F6C6D0 ZwSuspendProcess
SSDT 84F6C4F0 ZwSuspendThread
SSDT 84F6BEE0 ZwTerminateProcess
SSDT 84F6C310 ZwTerminateThread

---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\drivers\tifm21.sys entry point in "init" section [0xF5FC2EBF]
? C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys Systém nemôže nájsť zadaný súbor. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[564] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
.text C:\WINDOWS\SMINST\Scheduler.exe[3868] USER32.dll!GetSysColor 7E418E78 5 Bytes JMP 00418ED0 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3868] USER32.dll!GetSysColorBrush 7E418EAB 5 Bytes JMP 00418F40 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3868] USER32.dll!SetScrollInfo 7E419056 7 Bytes JMP 00418DC0 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3868] USER32.dll!GetScrollInfo 7E42DFE2 7 Bytes JMP 00418D10 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3868] USER32.dll!ShowScrollBar 7E42F2F2 5 Bytes JMP 00418E90 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3868] USER32.dll!GetScrollPos 7E42F704 5 Bytes JMP 00418D50 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3868] USER32.dll!SetScrollPos 7E42F750 5 Bytes JMP 00418E00 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3868] USER32.dll!GetScrollRange 7E42F787 5 Bytes JMP 00418D80 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3868] USER32.dll!SetScrollRange 7E42F99B 5 Bytes JMP 00418E40 C:\WINDOWS\SMINST\Scheduler.exe
.text C:\WINDOWS\SMINST\Scheduler.exe[3868] USER32.dll!EnableScrollBar 7E468005 7 Bytes JMP 00418CD0 C:\WINDOWS\SMINST\Scheduler.exe

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)

---- Threads - GMER 1.0.15 ----

Thread System [4:720] 84F6A930

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x66 0xCC 0x1D 0xD1 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x09 0x8F 0xFC 0x29 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x4D 0x9B 0xDF 0x99 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x66 0xCC 0x1D 0xD1 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x09 0x8F 0xFC 0x29 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x4D 0x9B 0xDF 0x99 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x7A 0x45 0x05 0xFD ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xF5 0x1D 0x4D 0x73 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xF6 0x0F 0x4E 0x58 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x37 0xA4 0xAA 0xC3 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x6C 0x43 0x2D 0x1E ...

---- EOF - GMER 1.0.15 ----
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o preventivku

#13 Příspěvek od Caroprd111 »

Jak to vypadá s PC :???:
Obrázek
Nahoru
maroskobj1
Návštěvník
Návštěvník
Příspěvky: 21
Registrován: 19 lis 2009 21:19

Re: Prosim o preventivku

#14 Příspěvek od maroskobj1 »

zobrazuje mi neuplneho spravcu uloh
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o preventivku

#15 Příspěvek od Caroprd111 »

Pošlete mi screen.
Obrázek
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“