Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Divna vec

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Senyor
Návštěvník
Návštěvník
Příspěvky: 92
Registrován: 13 led 2010 18:27

Divna vec

#1 Příspěvek od Senyor »

Bol som na jednej stranke z IE, a zrazu mi ho vyplo a vypisalo ci nechcem nainstaloval AVG7 antimalware dal som cancel a vyhodila sa mi tabulka z otvorenim TENTO POCITAC a zacalo to scannovat naslo to nejakych 90trojanov no ja som to vypal, PC vypada byt v pohode ale docela sa bojim ci sa nieco nestalo, takze sa plz nato nekdo pozrite

Logfile of random's system information tool 1.06 (written by random/random)
Run by Rasto at 2010-03-30 12:32:09
WIN_XP Service Pack 2
System drive C: has 8 GB (13%) free of 57 GB
Total RAM: 767 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:13, on 30.3.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21183)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\system32\WgaTray.exe
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\System32\svchost.exe
C:\windows\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\windows\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\windows\system32\svchost.exe
C:\windows\SOUNDMAN.EXE
C:\windows\system32\RUNDLL32.EXE
C:\windows\system32\rundll32.exe
C:\PROGRA~1\2hotspot\2hotspot.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\windows\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Rasto\Desktop\Programy\RSIT.exe
C:\Program Files\trend micro\Rasto.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60016
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60016
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [2hotspot] C:\PROGRA~1\2hotspot\2hotspot.exe
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-484763869-839522115-2053108931-1003\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-484763869-839522115-2053108931-1003\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User '?')
O4 - HKUS\S-1-5-21-484763869-839522115-2053108931-1003\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [IE7-11] rundll32 advpack.dll,LaunchINFSection NR_IE7en.inf,AfterUserStart (User '?')
O4 - HKUS\.DEFAULT\..\RunOnce: [IE7-11] rundll32 advpack.dll,LaunchINFSection NR_IE7en.inf,AfterUserStart (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 2hotspot (2hotspotsvc) - 2hotspot.com - C:\PROGRA~1\2hotspot\Program\pacsvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 9377 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-15 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\windows\SOUNDMAN.EXE [2007-04-16 577536]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-06-01 7618560]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-06-01 86016]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"2hotspot"=C:\PROGRA~1\2hotspot\2hotspot.exe [2006-02-06 245760]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2008-04-04 88584]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2007-03-21 1694208]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-08-19 4608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2007-12-29 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-06-11 1838592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-03-14 54832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-01-26 495616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-07-07 2156368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"Nero BackItUp Scheduler 3"=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-03-21 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\2hotspot\Program\pacsvc.exe"="C:\Program Files\2hotspot\Program\pacsvc.exe:*:Enabled:2hotspot controller"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-03-25 21:55:05 ----D---- C:\Program Files\Lightscreen
2010-03-24 17:58:44 ----D---- C:\Documents and Settings\Rasto\Application Data\TS3Client
2010-03-24 17:57:26 ----D---- C:\Program Files\TeamSpeak 3 Client

======List of files/folders modified in the last 1 months======

2010-03-30 12:32:09 ----D---- C:\Program Files\trend micro
2010-03-30 12:26:34 ----D---- C:\windows\Prefetch
2010-03-30 12:25:39 ----D---- C:\Documents and Settings\Rasto\Application Data\Skype
2010-03-30 12:25:14 ----D---- C:\windows\Temp
2010-03-30 12:23:55 ----D---- C:\Documents and Settings\Rasto\Application Data\skypePM
2010-03-29 22:10:51 ----A---- C:\windows\SchedLgU.Txt
2010-03-29 22:01:20 ----D---- C:\Program Files\SwiftKit
2010-03-28 12:56:35 ----D---- C:\windows\system32
2010-03-25 21:55:05 ----D---- C:\Program Files
2010-03-25 15:47:06 ----D---- C:\Documents and Settings\Rasto\Application Data\HPAppData
2010-03-23 22:36:22 ----D---- C:\Program Files\Mozilla Firefox
2010-03-17 21:19:24 ----HD---- C:\windows\inf
2010-03-17 21:19:21 ----D---- C:\windows\system32\CatRoot2
2010-03-11 15:35:37 ----A---- C:\windows\win.ini
2010-03-08 08:27:38 ----SHD---- C:\windows\CSC
2010-03-07 18:20:33 ----A---- C:\windows\NeroDigital.ini
2010-03-07 13:59:08 ----D---- C:\Documents and Settings\Rasto\Application Data\ICQ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\windows\system32\drivers\AFS2K.sys [2004-10-08 35840]
R1 intelppm;Intel Processor Driver; C:\windows\system32\DRIVERS\intelppm.sys [2007-03-21 36096]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 rspndr;Link-Layer Topology Discovery Responder; C:\windows\system32\DRIVERS\rspndr.sys [2007-03-21 62336]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\windows\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 hidusb;Microsoft HID Class Driver; C:\windows\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Mouse HID Driver; C:\windows\system32\DRIVERS\mouhid.sys [2007-03-21 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\windows\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2006-06-01 3925920]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\windows\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\windows\system32\DRIVERS\usbehci.sys [2007-03-21 30208]
R3 usbhub;USB2 Enabled Hub; C:\windows\system32\DRIVERS\usbhub.sys [2006-10-23 59264]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\system32\DRIVERS\usbuhci.sys [2006-10-23 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\windows\system32\drivers\WmBEnum.sys [2008-01-25 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\windows\system32\drivers\WmXlCore.sys [2008-01-25 48904]
S1 kbdhid;Keyboard HID Driver; C:\windows\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\windows\system32\DRIVERS\HPZid412.sys [2007-11-01 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\windows\system32\DRIVERS\HPZipr12.sys [2007-11-01 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\windows\system32\DRIVERS\HPZius12.sys [2007-11-01 21568]
S3 Cheetah1;Cheetah1; \??\C:\Documents and Settings\Rasto\Desktop\Cheetah Engine 2.0\cheetahrules.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\windows\system32\DRIVERS\SE2Ebus.sys [2006-11-10 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\windows\system32\DRIVERS\SE2Emdfl.sys [2006-11-10 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\windows\system32\DRIVERS\SE2Emdm.sys [2006-11-10 97184]
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\SE2Emgmt.sys [2006-11-10 88688]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\windows\system32\DRIVERS\se2End5.sys [2006-11-10 18704]
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\SE2Eobex.sys [2006-11-10 86560]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\windows\system32\DRIVERS\se2Eunic.sys [2006-11-10 90800]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM); C:\windows\system32\DRIVERS\sea1bus.sys [2007-02-08 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter; C:\windows\system32\DRIVERS\sea1mdfl.sys [2007-02-08 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver; C:\windows\system32\DRIVERS\sea1mdm.sys [2007-02-08 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\sea1mgmt.sys [2007-02-08 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS); C:\windows\system32\DRIVERS\sea1nd5.sys [2007-02-08 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\sea1obex.sys [2007-02-08 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM); C:\windows\system32\DRIVERS\sea1unic.sys [2007-02-08 90800]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\windows\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\windows\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\windows\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Wdf01000; C:\windows\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\windows\system32\drivers\WmFilter.sys [2008-01-25 28168]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\windows\system32\drivers\WmHidLo.sys [2008-01-25 29192]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\windows\system32\drivers\WmVirHid.sys [2008-01-25 14728]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2007-03-21 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2007-03-21 82944]
S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2008-08-18 716272]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\windows\system32\svchost.exe [2004-08-04 14336]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\windows\system32\svchost.exe [2004-08-04 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2004-08-04 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2006-06-01 155715]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2004-08-04 14336]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-05-14 272024]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2004-08-04 14336]
R3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2004-08-04 14336]
S2 2hotspotsvc;2hotspot; C:\PROGRA~1\2hotspot\Program\pacsvc.exe [2006-02-06 110592]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-08-31 72704]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-06-11 1838592]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Divna vec

#2 Příspěvek od Caroprd111 »

Zdravím :)


Obrázek Odinstalujte Spybot - Search & Destroy.


Obrázek Doporučuji odinstalovat:
C:\Program Files\LimeWire\LimeWire.exe

P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.



Obrázek Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
  • Spusťte program, poté klikněte na Run Scan
  • Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Obrázek
Nahoru
Senyor
Návštěvník
Návštěvník
Příspěvky: 92
Registrován: 13 led 2010 18:27

Re: Divna vec

#3 Příspěvek od Senyor »

ten extras nemam..neviem preco


OTL logfile created on: 31.3.2010 13:12:56 - Run 2
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Documents and Settings\Rasto\My Documents\Preberanie
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

767,00 Mb Total Physical Memory | 359,00 Mb Available Physical Memory | 47,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 7,55 Gb Free Space | 13,50% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PENTIUM4
Current User Name: Rasto
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.03.31 13:12:50 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rasto\My Documents\Preberanie\OTL.exe
PRC - [2010.03.23 22:35:58 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.03.10 22:18:14 | 000,934,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe
PRC - [2008.04.04 20:37:59 | 000,088,584 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe
PRC - [2007.06.13 13:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007.04.16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006.02.06 15:48:20 | 000,245,760 | ---- | M] (2hotspot.com) -- C:\Program Files\2hotspot\2hotspot.exe


========== Modules (SafeList) ==========

MOD - [2010.03.31 13:12:50 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rasto\My Documents\Preberanie\OTL.exe
MOD - [2007.03.21 12:10:43 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.06.11 14:21:09 | 001,838,592 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006.02.06 15:48:10 | 000,110,592 | ---- | M] (2hotspot.com) [Auto | Stopped] -- C:\Program Files\2hotspot\Program\pacsvc.exe -- (2hotspotsvc)


========== Driver Services (SafeList) ==========

DRV - [2008.08.18 23:33:11 | 000,716,272 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.05.02 11:58:14 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.05.02 11:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.01.25 00:09:34 | 000,048,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2008.01.25 00:09:24 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2008.01.25 00:09:14 | 000,029,192 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2008.01.25 00:09:04 | 000,028,168 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2008.01.25 00:08:54 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2007.09.19 21:37:48 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B})
DRV - [2007.04.25 16:20:48 | 004,030,144 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2007.02.08 12:56:20 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1unic.sys -- (sea1unic) Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM)
DRV - [2007.02.08 12:56:06 | 000,086,432 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1obex.sys -- (sea1obex)
DRV - [2007.02.08 12:56:02 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1nd5.sys -- (sea1nd5) Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS)
DRV - [2007.02.08 12:56:00 | 000,088,624 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1mgmt.sys -- (sea1mgmt) Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM)
DRV - [2007.02.08 12:55:52 | 000,097,088 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1mdm.sys -- (sea1mdm)
DRV - [2007.02.08 12:55:50 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1mdfl.sys -- (sea1mdfl)
DRV - [2007.02.08 12:55:40 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1bus.sys -- (sea1bus) Sony Ericsson Device 0A1 driver (WDM)
DRV - [2006.11.10 18:24:06 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se2Eunic.sys -- (se2Eunic) Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM)
DRV - [2006.11.10 18:23:58 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Eobex.sys -- (SE2Eobex)
DRV - [2006.11.10 18:23:56 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se2End5.sys -- (se2End5) Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS)
DRV - [2006.11.10 18:23:54 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Emgmt.sys -- (SE2Emgmt) Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM)
DRV - [2006.11.10 18:23:50 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Emdm.sys -- (SE2Emdm)
DRV - [2006.11.10 18:23:48 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Emdfl.sys -- (SE2Emdfl)
DRV - [2006.11.10 18:23:42 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Ebus.sys -- (SE2Ebus) Sony Ericsson Device 046 Driver driver (WDM)
DRV - [2006.06.01 17:22:00 | 003,925,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004.10.08 03:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004.08.04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2002.08.14 00:00:00 | 000,093,594 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\IdeChnDr.sys -- (IdeChnDr) Intel(R)
DRV - [2002.08.14 00:00:00 | 000,013,782 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\IdeBusDr.sys -- (IdeBusDr)
DRV - [2001.08.17 16:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.sk"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.26 13:47:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2pre\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.23 22:36:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2008.09.21 18:31:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Extensions
[2010.03.29 21:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\extensions
[2009.09.22 17:04:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.04.15 14:52:20 | 000,002,921 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\daemon-search.xml
[2010.03.29 13:27:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-1.xml
[2008.09.24 21:09:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-10.xml
[2008.09.28 13:28:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-11.xml
[2008.11.13 21:18:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-12.xml
[2008.12.19 10:03:34 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-13.xml
[2009.02.07 14:51:59 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-14.xml
[2009.03.05 21:34:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-15.xml
[2009.03.29 11:30:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-16.xml
[2009.04.23 16:22:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-17.xml
[2009.04.29 13:11:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-18.xml
[2009.06.13 07:26:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-19.xml
[2008.01.29 22:22:26 | 000,000,949 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-2.xml
[2009.07.22 13:44:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-20.xml
[2009.08.05 21:33:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-21.xml
[2009.09.15 09:07:51 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-22.xml
[2009.10.29 11:17:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-23.xml
[2009.11.23 15:05:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-24.xml
[2010.01.07 18:24:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-25.xml
[2008.02.09 14:28:43 | 000,000,949 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-3.xml
[2008.03.27 22:32:16 | 000,000,949 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-4.xml
[2008.04.06 12:01:02 | 000,000,949 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-5.xml
[2008.04.17 20:58:42 | 000,000,949 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-6.xml
[2008.07.02 16:44:00 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-7.xml
[2008.07.16 12:43:09 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-8.xml
[2008.09.21 19:05:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin-9.xml
[2009.07.13 17:12:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\icqplugin.xml
[2009.03.03 16:45:10 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\qipsearch.xml
[2007.08.01 20:10:40 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\siteadvisor.xml
[2009.11.23 14:43:35 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Rasto\Application Data\Mozilla\Firefox\Profiles\qdx24g75.default\searchplugins\winamp-search.xml
[2010.03.29 21:18:39 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.06 22:01:35 | 000,024,576 | ---- | M] (My Search) -- C:\Program Files\Mozilla Firefox\plugins\NPMySrch.dll
[2010.03.17 15:55:22 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.03.17 15:55:22 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2010.03.17 15:55:22 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010.03.17 15:55:22 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.03.17 15:55:22 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.03.17 15:55:23 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2010.02.28 23:06:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Podpora odkazu pre aplikáciu Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4 - HKLM..\Run: [2hotspot] C:\Program Files\2hotspot\2hotspot.exe (2hotspot.com)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\windows\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\windows\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\windows\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &NeoTrace It! - C:\Program Files\NeoTracePro\NTXcontext.htm ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Santa Fe Stucco.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Santa Fe Stucco.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.03.29 21:57:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rasto\Desktop\účtovníctvo maturita
[2010.03.25 21:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rasto\Deskto588
[2010.03.25 21:55:05 | 000,000,000 | ---D | C] -- C:\Program Files\Lightscreen
[2010.03.24 17:58:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rasto\Application Data\TS3Client
[2010.03.24 17:57:26 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2010.03.17 19:31:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rasto\My Documents\Preberanie
[2010.03.17 19:27:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rasto\Desktop\Tom zlozka
[2010.01.08 13:20:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008.08.18 23:56:08 | 001,776,512 | ---- | C] (Alcohol Soft Development Team) -- C:\Program Files\_Alcohol.exe
[2008.05.24 23:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2008.05.07 12:34:58 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2008.04.29 00:15:52 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2008.04.29 00:15:52 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.03.31 13:11:05 | 000,063,804 | ---- | M] () -- C:\windows\System32\nvapps.xml
[2010.03.31 13:10:59 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2010.03.31 13:10:50 | 001,592,288 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2010.03.31 13:10:38 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010.03.31 13:10:36 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2010.03.31 13:10:33 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
[2010.03.30 21:35:39 | 011,010,048 | -H-- | M] () -- C:\Documents and Settings\Rasto\NTUSER.DAT
[2010.03.30 21:35:28 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Rasto\ntuser.ini
[2010.03.30 21:34:33 | 000,000,069 | ---- | M] () -- C:\Documents and Settings\Rasto\jagex_runescape_preferences.dat
[2010.03.30 21:33:48 | 000,000,069 | ---- | M] () -- C:\Documents and Settings\Rasto\jagex_runescape_preferences2.dat
[2010.03.30 20:21:37 | 001,293,174 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\lol.bmp
[2010.03.28 21:03:58 | 000,197,664 | ---- | M] () -- C:\Documents and Settings\Rasto\My Documents\ts3_clientui-win32-10406-2010-03-28 21_03_57.312500.dmp
[2010.03.26 18:44:50 | 001,680,196 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\tak prominte to je omyl.MP3
[2010.03.25 21:55:09 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\Lightscreen.lnk
[2010.03.24 17:57:33 | 000,000,837 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamSpeak 3 Client.lnk
[2010.03.24 17:42:16 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Rasto\jagex__preferences3.dat
[2010.03.23 22:58:54 | 000,190,079 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\arma hilt ls.png
[2010.03.15 14:39:08 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Rasto\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.13 15:42:24 | 000,003,860 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\skypi.jpg
[2010.03.13 15:39:54 | 000,386,412 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\hrt53.jpg
[2010.03.11 15:35:37 | 000,000,703 | ---- | M] () -- C:\windows\win.ini
[2010.03.09 08:34:30 | 000,004,821 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\120px-Žilina_Erb.svg.png
[2010.03.09 08:34:19 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\za_erb.gif
[2010.03.09 08:32:24 | 000,029,835 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\zilina2.jpg
[2010.03.09 08:30:55 | 000,398,150 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\fsfsgfdsgsg.bmp
[2010.03.09 08:30:02 | 000,033,003 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\NitrianskyHrad_N_01.jpg
[2010.03.08 15:18:54 | 001,056,835 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\fotkahb2.jpg
[2010.03.07 18:20:33 | 000,000,069 | ---- | M] () -- C:\windows\NeroDigital.ini
[2010.03.06 23:44:02 | 000,280,340 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\100306155933.png
[2010.03.05 17:51:52 | 000,123,855 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\100305164849.png
[2010.03.04 10:34:03 | 000,189,668 | ---- | M] () -- C:\Documents and Settings\Rasto\Desktop\3- 3- 2010_21-46-54.jpg
[4 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.03.30 20:21:36 | 001,293,174 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\lol.bmp
[2010.03.28 21:03:57 | 000,197,664 | ---- | C] () -- C:\Documents and Settings\Rasto\My Documents\ts3_clientui-win32-10406-2010-03-28 21_03_57.312500.dmp
[2010.03.26 18:44:44 | 001,680,196 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\tak prominte to je omyl.MP3
[2010.03.25 21:55:09 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\Lightscreen.lnk
[2010.03.24 17:57:33 | 000,000,837 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamSpeak 3 Client.lnk
[2010.03.24 17:42:16 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Rasto\jagex__preferences3.dat
[2010.03.23 22:58:49 | 000,190,079 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\arma hilt ls.png
[2010.03.13 15:42:22 | 000,003,860 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\skypi.jpg
[2010.03.13 15:39:05 | 000,386,412 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\hrt53.jpg
[2010.03.09 08:34:30 | 000,004,821 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\120px-Žilina_Erb.svg.png
[2010.03.09 08:34:18 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\za_erb.gif
[2010.03.09 08:32:23 | 000,029,835 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\zilina2.jpg
[2010.03.09 08:30:55 | 000,398,150 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\fsfsgfdsgsg.bmp
[2010.03.09 08:30:02 | 000,033,003 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\NitrianskyHrad_N_01.jpg
[2010.03.08 21:10:20 | 001,679,644 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\15.tif
[2010.03.08 15:18:32 | 001,056,835 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\fotkahb2.jpg
[2010.03.06 23:45:58 | 000,280,340 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\100306155933.png
[2010.03.05 17:52:59 | 000,123,855 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\100305164849.png
[2010.03.04 10:33:57 | 000,189,668 | ---- | C] () -- C:\Documents and Settings\Rasto\Desktop\3- 3- 2010_21-46-54.jpg
[2010.01.26 21:03:00 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\Rasto\Local Settings\Application Data\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2009.11.26 08:29:09 | 000,581,632 | RHS- | C] () -- C:\Documents and Settings\Rasto\Application Data\plugin.dat
[2008.08.22 11:12:25 | 000,000,268 | ---- | C] () -- C:\windows\Clony2.ini
[2008.07.23 16:25:17 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Rasto\Application Data\default.pls
[2008.07.23 16:07:55 | 000,000,069 | ---- | C] () -- C:\windows\NeroDigital.ini
[2008.06.24 16:19:15 | 000,000,029 | ---- | C] () -- C:\windows\pslabeler3.ini
[2008.06.24 16:19:12 | 000,000,025 | ---- | C] () -- C:\windows\calcpslab3.ini
[2008.06.24 11:37:32 | 000,147,456 | ---- | C] () -- C:\windows\System32\RtlCPAPI.dll
[2008.05.05 19:51:23 | 000,015,948 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2008.05.02 23:33:27 | 000,007,680 | ---- | C] () -- C:\windows\System32\ff_vfw.dll
[2008.05.02 23:33:27 | 000,000,547 | ---- | C] () -- C:\windows\System32\ff_vfw.dll.manifest
[2008.05.02 23:28:35 | 000,000,376 | ---- | C] () -- C:\windows\ODBC.INI
[2008.05.02 22:05:31 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Rasto\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.05.02 22:05:31 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Rasto\Local Settings\Application Data\fusioncache.dat
[2008.05.02 22:05:31 | 000,000,118 | -H-- | C] () -- C:\Documents and Settings\Rasto\Local Settings\Application Data\ucache.dat
[2008.05.02 22:05:31 | 000,000,114 | -H-- | C] () -- C:\Documents and Settings\Rasto\Local Settings\Application Data\index.dat
[2008.05.02 22:00:09 | 000,002,284 | ---- | C] () -- C:\windows\wincmd.ini
[2006.07.18 04:00:56 | 000,594,242 | -H-- | C] () -- C:\Documents and Settings\Rasto\Application Data\cerebrus.dat
[2006.06.01 17:22:00 | 001,662,976 | ---- | C] () -- C:\windows\System32\nvwdmcpl.dll
[2006.06.01 17:22:00 | 001,466,368 | ---- | C] () -- C:\windows\System32\nview.dll
[2006.06.01 17:22:00 | 001,019,904 | ---- | C] () -- C:\windows\System32\nvwimg.dll
[2006.06.01 17:22:00 | 000,581,632 | ---- | C] () -- C:\windows\System32\nvhwvid.dll
[2006.06.01 17:22:00 | 000,466,944 | ---- | C] () -- C:\windows\System32\nvshell.dll
[2006.06.01 17:22:00 | 000,286,720 | ---- | C] () -- C:\windows\System32\nvnt4cpl.dll
[2006.06.01 17:22:00 | 000,196,608 | ---- | C] () -- C:\windows\System32\nvapi.dll
[2001.01.12 11:49:38 | 000,021,504 | ---- | C] () -- C:\windows\System32\zlib.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 523 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E8BE05FA
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
< End of report >
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Divna vec

#4 Příspěvek od Caroprd111 »

Obrázek Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
@Alternate Data Stream - 523 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E8BE05FA
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
[2010.01.06 22:01:35 | 000,024,576 | ---- | M] (My Search) -- C:\Program Files\Mozilla Firefox\plugins\NPMySrch.dll

:Files
C:\windows\*.tmp
C:\windows\System32\*.tmp

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
[REBOOT]
Poté klikněte na Run fix, PC se restartuje, log vložte sem.
Obrázek
Nahoru
Senyor
Návštěvník
Návštěvník
Příspěvky: 92
Registrován: 13 led 2010 18:27

Re: Divna vec

#5 Příspěvek od Senyor »

zabudol som tam zkopirovat to reboot na konci, dufam ze to nevadi

All processes killed
========== OTL ==========
ADS C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:E8BE05FA deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\Program Files\Mozilla Firefox\plugins\NPMySrch.dll moved successfully.
========== FILES ==========
C:\windows\SET3.tmp moved successfully.
C:\windows\SET4.tmp moved successfully.
C:\windows\SET8.tmp moved successfully.
C:\windows\wallpaper.jpg.tmp moved successfully.
C:\windows\System32\CONFIG.TMP moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Rasto
->Temp folder emptied: 17685248 bytes
->Temporary Internet Files folder emptied: 64960693 bytes
->Java cache emptied: 33530947 bytes
->FireFox cache emptied: 99190559 bytes
->Opera cache emptied: 18358784 bytes
->Flash cache emptied: 1973765 bytes

User: Rasťo
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 312063 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1716685647 bytes

Total Files Cleaned = 1 862,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Rasto
->Flash cache emptied: 0 bytes

User: Rasťo

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.1.37.3 log created on 04012010_234715

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Divna vec

#6 Příspěvek od Caroprd111 »

Jak to vypadá s PC :???:
Obrázek
Nahoru
Senyor
Návštěvník
Návštěvník
Příspěvky: 92
Registrován: 13 led 2010 18:27

Re: Divna vec

#7 Příspěvek od Senyor »

normalne de, on sel aj predtim v pohode, len som sa zlakol toho okna :)
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Divna vec

#8 Příspěvek od Caroprd111 »

Poprosím o nový log z RSIT.
Obrázek
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“