OTL logfile created on: 1.5.2010 13:01:23 - Run 5
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\Zuzana\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 164,39 Gb Free Space | 73,76% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 2,01 Gb Free Space | 22,28% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1021,00 Mb Total Space | 1018,75 Mb Free Space | 99,78% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ZUZANA-PC
Current User Name: Zuzana
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.26 18:28:41 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Zuzana\Desktop\OTL.exe
PRC - [2010.04.19 18:22:12 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.04.07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010.04.07 21:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009.09.06 13:01:57 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.10.19 14:30:02 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.06.02 19:57:40 | 000,238,984 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2008.06.02 19:32:16 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
PRC - [2008.05.30 18:36:20 | 000,256,512 | ---- | M] (SafeBoot International) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008.05.21 02:47:18 | 000,065,296 | ---- | M] (Bioscrypt Inc.) -- c:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2008.05.14 19:55:14 | 000,077,824 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2008.05.14 19:54:36 | 010,244,096 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
PRC - [2008.05.13 11:47:28 | 001,624,616 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.05.13 11:47:28 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.05.12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2008.04.04 17:10:24 | 001,314,816 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2008.03.31 23:41:22 | 000,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2008.01.21 04:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.12.11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007.10.19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007.05.16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe
PRC - [2007.05.16 01:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- c:\Program Files\ActivIdentity\ActivClient\acevents.exe
PRC - [2007.05.16 01:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
PRC - [2007.03.06 19:20:00 | 000,536,576 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2007.01.29 21:12:14 | 000,030,248 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2007.01.05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
========== Modules (SafeList) ==========
MOD - [2010.04.26 18:28:41 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Zuzana\Desktop\OTL.exe
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.05.21 02:42:48 | 000,080,656 | ---- | M] (Bioscrypt Inc.) -- c:\Program Files\Hewlett-Packard\IAM\Bin\ItClient.dll
MOD - [2008.05.13 11:46:58 | 000,208,896 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtMmHook.dll
MOD - [2008.03.25 14:17:04 | 000,076,048 | ---- | M] (Bioscrypt Inc.) -- C:\Windows\System32\APSHook.dll
MOD - [2008.01.21 04:33:43 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.04.07 21:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.04.07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.05.10 15:14:48 | 000,306,432 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.10.19 14:30:02 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.06.02 19:32:16 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008.05.30 18:36:20 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008.05.21 02:42:40 | 000,111,888 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2008.05.21 02:42:34 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2008.05.14 19:55:14 | 000,077,824 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2008.05.12 15:28:12 | 000,576,024 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2008.01.21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.20 10:41:56 | 000,029,440 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2007.12.11 14:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.10.19 09:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007.05.16 01:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
SRV - [2007.01.19 12:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2007.01.05 04:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
========== Driver Services (SafeList) ==========
DRV - [2010.04.07 21:08:12 | 000,041,312 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010.04.07 21:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010.04.07 21:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010.04.07 21:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.04.07 21:03:46 | 000,133,512 | ---- | M] (ESET) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2009.03.27 06:48:22 | 001,810,992 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.11.21 21:53:40 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.05.30 18:37:06 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008.05.30 18:37:02 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\Windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008.05.30 18:37:00 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\Windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008.05.30 18:36:58 | 000,108,752 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008.05.28 14:27:42 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2008.05.28 14:27:40 | 000,081,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2008.05.28 14:27:40 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2008.05.21 12:35:06 | 003,552,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.04.28 11:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008.04.14 23:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008.04.11 16:38:44 | 000,382,464 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2008.04.07 20:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.04.07 20:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.04.03 23:57:00 | 000,310,272 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2008.03.27 21:06:00 | 000,199,472 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008.03.21 20:35:24 | 001,207,288 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2008.01.21 04:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 04:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 04:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 04:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 04:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 04:32:52 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008.01.21 04:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 04:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 04:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 04:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 04:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 04:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 04:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 04:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 04:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 04:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 04:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 04:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 04:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 04:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 04:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 04:32:44 | 000,179,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2008.01.21 04:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 04:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 04:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.06.19 02:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006.12.20 05:58:26 | 000,097,920 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\adusbser.sys -- (adusbser)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4068558042-2140266930-2156247005-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
IE - HKU\S-1-5-21-4068558042-2140266930-2156247005-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-4068558042-2140266930-2156247005-1004\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-4068558042-2140266930-2156247005-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.19 18:22:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.25 19:54:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.04.27 21:28:54 | 000,000,000 | ---D | M]
[2009.05.10 15:26:06 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Extensions
[2010.04.29 21:41:56 | 000,000,000 | ---D | M] -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\extensions
[2009.09.03 13:37:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.11 15:10:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.04.26 16:26:52 | 000,000,950 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin-1.xml
[2010.03.26 13:34:42 | 000,000,950 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin-10.xml
[2010.04.19 18:22:28 | 000,000,950 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin-11.xml
[2009.07.30 07:55:45 | 000,000,950 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin-2.xml
[2009.08.05 15:22:07 | 000,000,950 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin-3.xml
[2009.09.23 14:08:47 | 000,000,950 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin-4.xml
[2009.11.06 13:39:04 | 000,000,950 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin-5.xml
[2009.12.18 14:46:01 | 000,000,950 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin-6.xml
[2010.01.11 15:10:18 | 000,000,961 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin-7.xml
[2010.02.23 13:37:08 | 000,000,961 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin-8.xml
[2010.03.12 13:59:54 | 000,000,950 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin-9.xml
[2008.03.31 10:52:00 | 000,000,168 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin.gif
[2008.03.31 10:52:00 | 000,000,618 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin.src
[2009.06.09 13:38:18 | 000,000,944 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\yj5lnyok.default\searchplugins\icqplugin.xml
[2010.04.29 21:41:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.05.10 21:17:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.04.26 16:55:20 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.03.12 13:59:44 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.12 13:59:44 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.12 13:59:44 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.12 13:59:44 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.12 13:59:44 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (BHO_Startup Class) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-4068558042-2140266930-2156247005-1004\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [CognizanceTS] c:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (APSHook.dll) - C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Zuzana\Pictures\P1000442.JPG
O24 - Desktop BackupWallPaper: C:\Users\Zuzana\Pictures\P1000442.JPG
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{419fd94f-9310-11de-8ca3-0021867955c0}\Shell\AutoRun\command - "" = G:\EmDesk.exe -- File not found
O33 - MountPoints2\{419fd94f-9310-11de-8ca3-0021867955c0}\Shell\EmDesk\command - "" = G:\EmDesk.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.05.01 12:54:59 | 000,000,000 | ---D | C] -- C:\Avenger
[2010.05.01 12:01:23 | 000,000,000 | ---D | C] -- C:\Users\Zuzana\Desktop\OTLPE
[2010.04.27 21:35:42 | 000,000,000 | ---D | C] -- C:\Users\Zuzana\AppData\Local\ESET
[2010.04.27 21:28:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.04.26 20:44:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.04.26 18:28:00 | 000,563,712 | ---- | C] (OldTimer Tools) -- C:\Users\Zuzana\Desktop\OTL.exe
[2010.04.26 18:15:41 | 000,000,000 | --SD | C] -- C:\abraka
[2010.04.26 18:15:00 | 000,212,480 | ---- | C] (SteelWerX) -- C:\windows\SWXCACLS.exe
[2010.04.26 17:03:11 | 000,031,232 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2010.04.26 17:03:07 | 000,161,792 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2010.04.26 17:03:05 | 000,136,704 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2010.04.26 17:02:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.04.26 16:55:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.04.26 16:35:53 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2010.04.26 16:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010.04.25 19:54:21 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\deploytk.dll
[2010.04.25 19:54:20 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2010.04.25 19:54:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2010.04.25 19:54:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2010.04.25 19:15:42 | 000,000,000 | ---D | C] -- C:\Users\Zuzana\plocha
[2010.04.25 17:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.25 17:42:53 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.15 13:31:15 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2010.04.15 13:31:14 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2010.04.15 13:31:13 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2010.04.15 13:31:10 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2010.04.15 13:31:09 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2010.04.15 13:31:08 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2010.04.15 13:31:06 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2010.04.15 13:31:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2010.04.15 13:31:05 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2010.04.15 13:31:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2010.04.15 13:31:02 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2010.04.15 13:31:02 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2010.04.15 13:31:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2010.04.15 13:31:00 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2010.04.15 13:31:00 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2010.04.15 13:23:34 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2010.04.15 13:23:33 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2010.04.15 13:23:03 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll
[2010.04.15 13:18:10 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\windows\System32\l3codeca.acm
[2010.04.15 13:18:08 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\windows\System32\l3codecp.acm
[2010.04.14 11:00:38 | 000,000,000 | ---D | C] -- C:\Users\Zuzana\Desktop\dovolená egypt
[2010.04.07 21:08:12 | 000,041,312 | ---- | C] (ESET) -- C:\windows\System32\drivers\epfwwfp.sys
[2010.04.07 21:08:06 | 000,032,584 | ---- | C] (ESET) -- C:\windows\System32\drivers\epfwndis.sys
[2010.04.07 21:08:04 | 000,134,488 | ---- | C] (ESET) -- C:\windows\System32\drivers\epfw.sys
[2010.04.07 21:07:08 | 000,114,984 | ---- | C] (ESET) -- C:\windows\System32\drivers\ehdrv.sys
[2010.04.07 21:03:46 | 000,133,512 | ---- | C] (ESET) -- C:\windows\System32\drivers\eamonm.sys
[2009.05.10 13:10:45 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
[2008.10.09 03:28:56 | 000,195,120 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll
========== Files - Modified Within 30 Days ==========
[2010.05.01 13:04:22 | 002,621,440 | -HS- | M] () -- C:\Users\Zuzana\NTUSER.DAT
[2010.05.01 12:59:55 | 000,639,248 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2010.05.01 12:59:55 | 000,628,486 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2010.05.01 12:59:55 | 000,135,978 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2010.05.01 12:59:55 | 000,117,988 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2010.05.01 12:59:54 | 001,516,682 | ---- | M] () -- C:\windows\System32\PerfStringBackup.INI
[2010.05.01 12:55:27 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.01 12:55:27 | 000,003,216 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.01 12:55:26 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010.05.01 12:55:18 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2010.05.01 12:55:14 | 1873,711,104 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.01 12:53:12 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat
[2010.05.01 12:53:07 | 000,524,288 | -HS- | M] () -- C:\Users\Zuzana\NTUSER.DAT{c78acd14-0c69-11dd-a5c3-001560bf5b5e}.TMContainer00000000000000000001.regtrans-ms
[2010.05.01 12:53:07 | 000,065,536 | -HS- | M] () -- C:\Users\Zuzana\NTUSER.DAT{c78acd14-0c69-11dd-a5c3-001560bf5b5e}.TM.blf
[2010.05.01 12:53:05 | 001,860,820 | -H-- | M] () -- C:\Users\Zuzana\AppData\Local\IconCache.db
[2010.05.01 11:22:00 | 000,377,624 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2010.04.27 21:23:49 | 043,696,640 | ---- | M] () -- C:\Users\Zuzana\Desktop\ess_nt32_csy.msi
[2010.04.27 19:31:50 | 000,284,915 | ---- | M] () -- C:\Users\Zuzana\Desktop\gmer.zip
[2010.04.27 18:55:55 | 000,206,992 | ---- | M] () -- C:\Users\Zuzana\Desktop\vyvoj.exe
[2010.04.27 13:08:05 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010.04.27 13:08:05 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010.04.26 21:17:53 | 000,002,936 | ---- | M] () -- C:\Users\Zuzana\Documents\cc_20100426_211746.reg
[2010.04.26 18:28:41 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Zuzana\Desktop\OTL.exe
[2010.04.26 17:57:08 | 003,923,062 | ---- | M] () -- C:\Users\Zuzana\Desktop\abraka.com
[2010.04.26 16:55:08 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.04.26 16:35:10 | 000,000,913 | ---- | M] () -- C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010.04.26 16:35:02 | 000,000,733 | ---- | M] () -- C:\Users\Zuzana\Desktop\NTREGOPT.lnk
[2010.04.26 16:35:02 | 000,000,714 | ---- | M] () -- C:\Users\Zuzana\Desktop\ERUNT.lnk
[2010.04.25 19:54:00 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2010.04.25 19:54:00 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2010.04.25 19:53:58 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2010.04.25 19:53:57 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\System32\deploytk.dll
[2010.04.25 18:44:15 | 000,000,835 | ---- | M] () -- C:\Users\Zuzana\Desktop\hijackthis – zástupce.lnk
[2010.04.25 17:40:07 | 000,000,385 | ---- | M] () -- C:\windows\red_dialer.ini
[2010.04.25 17:38:34 | 000,781,909 | ---- | M] () -- C:\Users\Zuzana\Desktop\RSIT.exe
[2010.04.23 13:50:16 | 000,000,464 | ---- | M] () -- C:\Users\Zuzana\Documents\cc_20100423_135012.reg
[2010.04.14 16:16:55 | 000,002,675 | ---- | M] () -- C:\Users\Zuzana\Desktop\Microsoft Office Word 2007.lnk
[2010.04.07 21:08:12 | 000,041,312 | ---- | M] (ESET) -- C:\windows\System32\drivers\epfwwfp.sys
[2010.04.07 21:08:06 | 000,032,584 | ---- | M] (ESET) -- C:\windows\System32\drivers\epfwndis.sys
[2010.04.07 21:08:04 | 000,134,488 | ---- | M] (ESET) -- C:\windows\System32\drivers\epfw.sys
[2010.04.07 21:07:08 | 000,114,984 | ---- | M] (ESET) -- C:\windows\System32\drivers\ehdrv.sys
[2010.04.07 21:03:46 | 000,133,512 | ---- | M] (ESET) -- C:\windows\System32\drivers\eamonm.sys
========== Files Created - No Company Name ==========
[2010.05.01 11:57:30 | 1873,711,104 | -HS- | C] () -- C:\hiberfil.sys
[2010.04.27 21:16:30 | 043,696,640 | ---- | C] () -- C:\Users\Zuzana\Desktop\ess_nt32_csy.msi
[2010.04.27 19:34:08 | 000,293,376 | ---- | C] () -- C:\Users\Zuzana\Desktop\gmer.exe
[2010.04.27 19:31:48 | 000,284,915 | ---- | C] () -- C:\Users\Zuzana\Desktop\gmer.zip
[2010.04.27 13:08:05 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010.04.27 13:08:05 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010.04.26 21:17:48 | 000,002,936 | ---- | C] () -- C:\Users\Zuzana\Documents\cc_20100426_211746.reg
[2010.04.26 18:25:09 | 003,923,062 | ---- | C] () -- C:\Users\Zuzana\Desktop\abraka.com
[2010.04.26 17:03:12 | 000,077,312 | ---- | C] () -- C:\windows\MBR.exe
[2010.04.26 17:03:08 | 000,261,632 | ---- | C] () -- C:\windows\PEV.exe
[2010.04.26 17:03:07 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2010.04.26 17:03:06 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2010.04.26 17:03:06 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2010.04.26 16:55:08 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.04.26 16:35:10 | 000,000,913 | ---- | C] () -- C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010.04.26 16:35:02 | 000,000,733 | ---- | C] () -- C:\Users\Zuzana\Desktop\NTREGOPT.lnk
[2010.04.26 16:35:02 | 000,000,714 | ---- | C] () -- C:\Users\Zuzana\Desktop\ERUNT.lnk
[2010.04.25 19:14:07 | 000,206,992 | ---- | C] () -- C:\Users\Zuzana\Desktop\vyvoj.exe
[2010.04.25 18:44:15 | 000,000,835 | ---- | C] () -- C:\Users\Zuzana\Desktop\hijackthis – zástupce.lnk
[2010.04.25 17:37:26 | 000,781,909 | ---- | C] () -- C:\Users\Zuzana\Desktop\RSIT.exe
[2010.04.23 13:50:14 | 000,000,464 | ---- | C] () -- C:\Users\Zuzana\Documents\cc_20100423_135012.reg
[2009.09.11 11:37:17 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll
[2009.05.16 12:34:30 | 000,000,416 | ---- | C] () -- C:\windows\BRWMARK.INI
[2009.05.16 12:34:30 | 000,000,027 | ---- | C] () -- C:\windows\BRPP2KA.INI
[2009.05.16 12:31:27 | 000,000,213 | ---- | C] () -- C:\windows\Brpfx04a.ini
[2009.05.16 12:31:27 | 000,000,094 | ---- | C] () -- C:\windows\brpcfx.ini
[2009.05.16 12:23:14 | 000,031,567 | ---- | C] () -- C:\windows\maxlink.ini
[2009.05.13 17:04:50 | 000,000,385 | ---- | C] () -- C:\windows\red_dialer.ini
[2009.05.10 13:10:44 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2009.03.27 06:48:22 | 001,810,992 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
[2009.03.27 06:48:12 | 000,034,096 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
[2008.08.04 16:43:08 | 000,204,800 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll
[2008.08.04 16:43:08 | 000,200,704 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll
[2008.08.04 16:43:08 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll
[2008.08.04 16:43:08 | 000,192,512 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll
[2008.08.04 16:43:08 | 000,188,416 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll
[2008.08.04 16:43:08 | 000,020,480 | ---- | C] () -- C:\windows\System32\IVIresize.dll
[2008.08.04 16:16:55 | 000,000,000 | ---- | C] () -- C:\windows\HPMProp.INI
[2008.05.30 18:36:58 | 000,108,752 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2008.05.21 11:38:12 | 000,159,744 | ---- | C] () -- C:\windows\System32\atitmmxx.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006.03.09 11:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2005.04.04 00:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\windows\System32\lcppn21.dll
[1998.05.07 05:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll
========== Custom Scans ==========
< MD5 for: AUTOCONV.EXE >
[2009.04.11 08:27:22 | 000,656,896 | ---- | M] (Microsoft Corporation) MD5=15B7BDA10B91FE62466F2A18682C16E8 -- C:\Windows\System32\autoconv.exe
< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2004.08.03 23:07:00 | 000,588,800 | ---- | M] (Microsoft Corporation) MD5=B3415B9D6026F65E43089ABED096C38C -- C:\Users\Zuzana\Desktop\OTLPE\I386\SYSTEM32\AUTOCHK.EXE
< MD5 for: RPCNET.DLL >
[2010.04.27 12:54:30 | 000,057,752 | ---- | M] (Absolute Software Corp.) MD5=01A19F74CFB19CC61D62009BCFA59961 -- C:\_OTL\MovedFiles\04272010_125736\C_Windows\System32\rpcnet.dll
[2010.04.27 16:55:03 | 000,057,752 | ---- | M] (Absolute Software Corp.) MD5=01A19F74CFB19CC61D62009BCFA59961 -- C:\_OTL\MovedFiles\04272010_185056\C_Windows\System32\rpcnet.dll
[2010.04.26 18:21:16 | 000,056,680 | ---- | M] (Absolute Software Corp.) MD5=2F4158CFE7801A73BEAA7E8A9DFCAD26 -- C:\_OTL\MovedFiles\04262010_204434\C_Windows\System32\rpcnet.dll
< MD5 for: RPCNET.EXE >
[2009.09.24 09:56:32 | 000,056,680 | ---- | M] (Absolute Software Corp.) MD5=449BF2E12822299C0B153B61C5B8D58E -- C:\_OTL\MovedFiles\04262010_204434\C_Windows\System32\rpcnet.exe
[2010.04.26 20:54:53 | 000,057,752 | ---- | M] (Absolute Software Corp.) MD5=647826DE6F7979432B360D38773570D4 -- C:\_OTL\MovedFiles\04272010_125736\C_Windows\System32\rpcnet.exe
[2010.04.27 13:04:22 | 000,057,752 | ---- | M] (Absolute Software Corp.) MD5=647826DE6F7979432B360D38773570D4 -- C:\_OTL\MovedFiles\04272010_185056\C_Windows\System32\rpcnet.exe
< MD5 for: RPCNETP.DLL >
[2010.04.26 20:50:39 | 000,017,408 | ---- | M] () MD5=09781F9CA8277F1C99EA6C7C1E7F30EE -- C:\_OTL\MovedFiles\04272010_125736\C_Windows\System32\rpcnetp.dll
[2010.04.27 13:01:50 | 000,017,408 | ---- | M] () MD5=09781F9CA8277F1C99EA6C7C1E7F30EE -- C:\_OTL\MovedFiles\04272010_185056\C_Windows\System32\rpcnetp.dll
[2009.10.21 12:34:54 | 000,017,408 | ---- | M] () MD5=AF9E3107108E70C1AF9F3831622068A3 -- C:\_OTL\MovedFiles\04262010_204434\C_Windows\System32\rpcnetp.dll
< MD5 for: RPCNETP.EXE >
[2010.04.26 18:21:18 | 000,017,408 | ---- | M] () MD5=5A186198384A33FF53FB5B3A26368BB3 -- C:\_OTL\MovedFiles\04262010_204434\C_Windows\System32\rpcnetp.exe
[2010.04.27 12:54:33 | 000,017,408 | ---- | M] () MD5=C14731D94AF1EF0CAB3DA53BDF8710E1 -- C:\_OTL\MovedFiles\04272010_125736\C_Windows\System32\rpcnetp.exe
[2010.04.27 16:55:05 | 000,017,408 | ---- | M] () MD5=C14731D94AF1EF0CAB3DA53BDF8710E1 -- C:\_OTL\MovedFiles\04272010_185056\C_Windows\System32\rpcnetp.exe
< End of report >
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
XP internet security- hází varovné hlášky- prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: XP internet security- hází varovné hlášky- prosím o kont
- Přílohy
-
- Extras.zip
- (14.95 KiB) Staženo 91 x
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
combofix spadl- instaluju MBAM
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
tak doskenováno...
posílám log z MBAM:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4056
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904
1.5.2010 14:55:09
mbam-log-2010-05-01 (14-55-09).txt
Typ skenu: Úplný sken (C:\|)
Skenované objekty: 256367
Uplynulý čas: 58 minuta(y), 19 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
posílám log z MBAM:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4056
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904
1.5.2010 14:55:09
mbam-log-2010-05-01 (14-55-09).txt
Typ skenu: Úplný sken (C:\|)
Skenované objekty: 256367
Uplynulý čas: 58 minuta(y), 19 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
VT mi hází toto.
0 bytes size received / Se ha recibido un archivo vacio
doplňuji log RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Zuzana at 2010-05-01 15:11:17
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 168 GB (74%) free of 228 GB
Total RAM: 1788 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:11:24, on 1.5.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\windows\System32\mobsync.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Zuzana\Desktop\RSIT.exe
C:\Program Files\trend micro\Zuzana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll APSHook.dll
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\windows\System32\TuneUpDefragService.exe
--
End of file - 12281 bytes
======Scheduled tasks folder======
C:\windows\tasks\1-Click Maintenance.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-09-06 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2008-05-14 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-05-21 58128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]
"PTHOSTTR"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2008-06-02 238984]
"CognizanceTS"=c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-05-12 318488]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2008-05-14 10244096]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-04-25 149280]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-14 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-05-24 197904]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2008-03-19 3842048]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-01-29 30248]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-01-29 46632]
"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-02-01 255528]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-12 663552]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-01-26 65536]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-09-06 198160]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-04-07 2145000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-04-06 26102056]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll APSHook.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{419fd94f-9310-11de-8ca3-0021867955c0}]
shell\AutoRun\command - G:\EmDesk.exe
shell\EmDesk\command - G:\EmDesk.exe
======File associations======
.js - edit - C:\windows\System32\Notepad.exe %1
.js - open - C:\windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-05-01 13:55:17 ----D---- C:\Users\Zuzana\AppData\Roaming\Malwarebytes
2010-05-01 13:54:46 ----D---- C:\ProgramData\Malwarebytes
2010-05-01 13:54:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-01 13:44:24 ----SD---- C:\ComboFix
2010-05-01 13:43:51 ----A---- C:\windows\SWXCACLS.exe
2010-05-01 13:42:45 ----N---- C:\windows\system32\rpcnet.exe
2010-05-01 13:42:45 ----A---- C:\windows\system32\rpcnet.dll
2010-05-01 13:34:57 ----A---- C:\windows\system32\rpcnetp.dll
2010-05-01 13:34:34 ----A---- C:\windows\system32\rpcnetp.exe
2010-05-01 12:54:59 ----D---- C:\Avenger
2010-05-01 12:54:58 ----A---- C:\avenger.txt
2010-05-01 11:51:44 ----A---- C:\windows\ntbtlog.txt
2010-04-27 21:28:45 ----SHD---- C:\Config.Msi
2010-04-26 20:44:34 ----D---- C:\_OTL
2010-04-26 17:03:12 ----A---- C:\windows\MBR.exe
2010-04-26 17:03:11 ----A---- C:\windows\NIRCMD.exe
2010-04-26 17:03:08 ----A---- C:\windows\PEV.exe
2010-04-26 17:03:07 ----A---- C:\windows\zip.exe
2010-04-26 17:03:07 ----A---- C:\windows\SWREG.exe
2010-04-26 17:03:06 ----A---- C:\windows\sed.exe
2010-04-26 17:03:06 ----A---- C:\windows\grep.exe
2010-04-26 17:03:05 ----A---- C:\windows\SWSC.exe
2010-04-26 17:02:15 ----D---- C:\Qoobox
2010-04-26 16:55:07 ----D---- C:\Program Files\Common Files\Skype
2010-04-26 16:35:53 ----D---- C:\windows\ERDNT
2010-04-26 16:34:51 ----D---- C:\Program Files\ERUNT
2010-04-25 19:54:21 ----A---- C:\windows\system32\deploytk.dll
2010-04-25 19:54:20 ----A---- C:\windows\system32\javaws.exe
2010-04-25 19:54:20 ----A---- C:\windows\system32\javaw.exe
2010-04-25 19:54:20 ----A---- C:\windows\system32\java.exe
2010-04-25 17:42:53 ----D---- C:\rsit
2010-04-25 17:42:53 ----D---- C:\Program Files\trend micro
2010-04-15 13:31:27 ----A---- C:\windows\system32\mshtml.dll
2010-04-15 13:31:20 ----A---- C:\windows\system32\ieframe.dll
2010-04-15 13:31:18 ----A---- C:\windows\system32\iertutil.dll
2010-04-15 13:31:17 ----A---- C:\windows\system32\urlmon.dll
2010-04-15 13:31:16 ----A---- C:\windows\system32\wininet.dll
2010-04-15 13:31:15 ----A---- C:\windows\system32\msfeeds.dll
2010-04-15 13:31:14 ----A---- C:\windows\system32\occache.dll
2010-04-15 13:31:14 ----A---- C:\windows\system32\iedkcs32.dll
2010-04-15 13:31:13 ----A---- C:\windows\system32\mstime.dll
2010-04-15 13:31:09 ----A---- C:\windows\system32\ieui.dll
2010-04-15 13:31:08 ----A---- C:\windows\system32\iepeers.dll
2010-04-15 13:31:06 ----A---- C:\windows\system32\ieUnatt.exe
2010-04-15 13:31:05 ----A---- C:\windows\system32\msfeedsbs.dll
2010-04-15 13:31:05 ----A---- C:\windows\system32\iesysprep.dll
2010-04-15 13:31:04 ----A---- C:\windows\system32\jsproxy.dll
2010-04-15 13:31:02 ----A---- C:\windows\system32\msfeedssync.exe
2010-04-15 13:31:02 ----A---- C:\windows\system32\ie4uinit.exe
2010-04-15 13:31:01 ----A---- C:\windows\system32\iesetup.dll
2010-04-15 13:31:00 ----A---- C:\windows\system32\iernonce.dll
2010-04-15 13:23:34 ----A---- C:\windows\system32\ntoskrnl.exe
2010-04-15 13:23:33 ----A---- C:\windows\system32\ntkrnlpa.exe
2010-04-15 13:23:03 ----A---- C:\windows\system32\vbscript.dll
2010-04-15 13:17:46 ----A---- C:\windows\system32\iphlpsvc.dll
2010-04-15 13:04:01 ----A---- C:\windows\system32\wintrust.dll
2010-04-15 13:03:55 ----A---- C:\windows\system32\cabview.dll
======List of files/folders modified in the last 1 months======
2010-05-01 15:11:18 ----D---- C:\windows\Temp
2010-05-01 13:54:49 ----D---- C:\windows\system32\drivers
2010-05-01 13:54:46 ----HD---- C:\ProgramData
2010-05-01 13:54:43 ----RD---- C:\Program Files
2010-05-01 13:54:33 ----D---- C:\windows\System32
2010-05-01 13:54:33 ----D---- C:\windows\inf
2010-05-01 13:54:33 ----A---- C:\windows\system32\PerfStringBackup.INI
2010-05-01 13:49:08 ----D---- C:\ProgramData\hpqLog
2010-05-01 13:48:50 ----D---- C:\windows\Minidump
2010-05-01 13:48:44 ----D---- C:\Windows
2010-05-01 13:44:54 ----D---- C:\windows\Prefetch
2010-05-01 11:07:00 ----RSD---- C:\windows\Fonts
2010-05-01 11:06:47 ----D---- C:\windows\winsxs
2010-05-01 11:05:31 ----SHD---- C:\System Volume Information
2010-04-29 21:36:13 ----D---- C:\windows\system32\catroot2
2010-04-29 21:36:13 ----D---- C:\windows\system32\catroot
2010-04-27 22:45:09 ----SD---- C:\Users\Zuzana\AppData\Roaming\Microsoft
2010-04-27 22:45:09 ----SD---- C:\ProgramData\Microsoft
2010-04-27 21:30:10 ----SHD---- C:\windows\Installer
2010-04-26 16:55:56 ----D---- C:\Users\Zuzana\AppData\Roaming\Skype
2010-04-26 16:55:20 ----RD---- C:\Program Files\Skype
2010-04-26 16:55:13 ----D---- C:\windows\system32\Tasks
2010-04-26 16:55:07 ----D---- C:\Program Files\Common Files
2010-04-26 16:55:03 ----D---- C:\ProgramData\Skype
2010-04-26 16:15:08 ----D---- C:\Users\Zuzana\AppData\Roaming\skypePM
2010-04-25 19:53:51 ----D---- C:\Program Files\Java
2010-04-25 17:40:08 ----D---- C:\Program Files\Ufonuv fofr internet
2010-04-25 17:40:07 ----A---- C:\windows\red_dialer.ini
2010-04-23 13:50:29 ----D---- C:\windows\Debug
2010-04-19 18:22:19 ----D---- C:\Program Files\Mozilla Firefox
2010-04-19 12:16:22 ----D---- C:\windows\system32\migration
2010-04-19 12:16:22 ----D---- C:\Program Files\Windows Mail
2010-04-19 12:16:22 ----D---- C:\Program Files\Internet Explorer
2010-04-19 12:00:46 ----D---- C:\ProgramData\Microsoft Help
2010-04-15 12:58:21 ----D---- C:\windows\ModemLogs
2010-04-06 19:52:54 ----A---- C:\windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-30 12496]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2010-04-07 134488]
R2 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2010-04-07 41312]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-11-21 1204128]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2008-05-21 3552768]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2008-03-21 1207288]
R3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2008-05-28 80424]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2008-05-28 81960]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-05-28 16168]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2010-04-07 133512]
R3 Epfwndis;Eset Personal Firewall; C:\windows\system32\DRIVERS\Epfwndis.sys [2010-04-07 32584]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-03-27 1810992]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-04-03 310272]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 catchme;catchme; \??\C:\Users\Zuzana\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2008-05-21 671744]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-04-07 810120]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-06-02 18944]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-30 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-14 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\windows\system32\rpcnet.exe [2010-05-01 57752]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\windows\System32\svchost.exe [2008-01-21 21504]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-04-07 33560]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\windows\System32\TuneUpDefragService.exe [2009-05-10 306432]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
0 bytes size received / Se ha recibido un archivo vacio
doplňuji log RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Zuzana at 2010-05-01 15:11:17
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 168 GB (74%) free of 228 GB
Total RAM: 1788 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:11:24, on 1.5.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\windows\System32\mobsync.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Zuzana\Desktop\RSIT.exe
C:\Program Files\trend micro\Zuzana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Hledání panelu &AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\cs-CZ\local\search.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll APSHook.dll
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\windows\System32\TuneUpDefragService.exe
--
End of file - 12281 bytes
======Scheduled tasks folder======
C:\windows\tasks\1-Click Maintenance.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-09-06 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2008-05-14 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar BHO - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-05-21 58128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll [2008-02-03 1185120]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]
"PTHOSTTR"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2008-06-02 238984]
"CognizanceTS"=c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-05-12 318488]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2008-05-14 10244096]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-04-25 149280]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-14 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-05-24 197904]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2008-03-19 3842048]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-01-29 30248]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-01-29 46632]
"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-02-01 255528]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-03-12 663552]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-01-26 65536]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-09-06 198160]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-04-07 2145000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-04-06 26102056]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll C:\Windows\System32\APSHook.dll APSHook.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{419fd94f-9310-11de-8ca3-0021867955c0}]
shell\AutoRun\command - G:\EmDesk.exe
shell\EmDesk\command - G:\EmDesk.exe
======File associations======
.js - edit - C:\windows\System32\Notepad.exe %1
.js - open - C:\windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-05-01 13:55:17 ----D---- C:\Users\Zuzana\AppData\Roaming\Malwarebytes
2010-05-01 13:54:46 ----D---- C:\ProgramData\Malwarebytes
2010-05-01 13:54:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-01 13:44:24 ----SD---- C:\ComboFix
2010-05-01 13:43:51 ----A---- C:\windows\SWXCACLS.exe
2010-05-01 13:42:45 ----N---- C:\windows\system32\rpcnet.exe
2010-05-01 13:42:45 ----A---- C:\windows\system32\rpcnet.dll
2010-05-01 13:34:57 ----A---- C:\windows\system32\rpcnetp.dll
2010-05-01 13:34:34 ----A---- C:\windows\system32\rpcnetp.exe
2010-05-01 12:54:59 ----D---- C:\Avenger
2010-05-01 12:54:58 ----A---- C:\avenger.txt
2010-05-01 11:51:44 ----A---- C:\windows\ntbtlog.txt
2010-04-27 21:28:45 ----SHD---- C:\Config.Msi
2010-04-26 20:44:34 ----D---- C:\_OTL
2010-04-26 17:03:12 ----A---- C:\windows\MBR.exe
2010-04-26 17:03:11 ----A---- C:\windows\NIRCMD.exe
2010-04-26 17:03:08 ----A---- C:\windows\PEV.exe
2010-04-26 17:03:07 ----A---- C:\windows\zip.exe
2010-04-26 17:03:07 ----A---- C:\windows\SWREG.exe
2010-04-26 17:03:06 ----A---- C:\windows\sed.exe
2010-04-26 17:03:06 ----A---- C:\windows\grep.exe
2010-04-26 17:03:05 ----A---- C:\windows\SWSC.exe
2010-04-26 17:02:15 ----D---- C:\Qoobox
2010-04-26 16:55:07 ----D---- C:\Program Files\Common Files\Skype
2010-04-26 16:35:53 ----D---- C:\windows\ERDNT
2010-04-26 16:34:51 ----D---- C:\Program Files\ERUNT
2010-04-25 19:54:21 ----A---- C:\windows\system32\deploytk.dll
2010-04-25 19:54:20 ----A---- C:\windows\system32\javaws.exe
2010-04-25 19:54:20 ----A---- C:\windows\system32\javaw.exe
2010-04-25 19:54:20 ----A---- C:\windows\system32\java.exe
2010-04-25 17:42:53 ----D---- C:\rsit
2010-04-25 17:42:53 ----D---- C:\Program Files\trend micro
2010-04-15 13:31:27 ----A---- C:\windows\system32\mshtml.dll
2010-04-15 13:31:20 ----A---- C:\windows\system32\ieframe.dll
2010-04-15 13:31:18 ----A---- C:\windows\system32\iertutil.dll
2010-04-15 13:31:17 ----A---- C:\windows\system32\urlmon.dll
2010-04-15 13:31:16 ----A---- C:\windows\system32\wininet.dll
2010-04-15 13:31:15 ----A---- C:\windows\system32\msfeeds.dll
2010-04-15 13:31:14 ----A---- C:\windows\system32\occache.dll
2010-04-15 13:31:14 ----A---- C:\windows\system32\iedkcs32.dll
2010-04-15 13:31:13 ----A---- C:\windows\system32\mstime.dll
2010-04-15 13:31:09 ----A---- C:\windows\system32\ieui.dll
2010-04-15 13:31:08 ----A---- C:\windows\system32\iepeers.dll
2010-04-15 13:31:06 ----A---- C:\windows\system32\ieUnatt.exe
2010-04-15 13:31:05 ----A---- C:\windows\system32\msfeedsbs.dll
2010-04-15 13:31:05 ----A---- C:\windows\system32\iesysprep.dll
2010-04-15 13:31:04 ----A---- C:\windows\system32\jsproxy.dll
2010-04-15 13:31:02 ----A---- C:\windows\system32\msfeedssync.exe
2010-04-15 13:31:02 ----A---- C:\windows\system32\ie4uinit.exe
2010-04-15 13:31:01 ----A---- C:\windows\system32\iesetup.dll
2010-04-15 13:31:00 ----A---- C:\windows\system32\iernonce.dll
2010-04-15 13:23:34 ----A---- C:\windows\system32\ntoskrnl.exe
2010-04-15 13:23:33 ----A---- C:\windows\system32\ntkrnlpa.exe
2010-04-15 13:23:03 ----A---- C:\windows\system32\vbscript.dll
2010-04-15 13:17:46 ----A---- C:\windows\system32\iphlpsvc.dll
2010-04-15 13:04:01 ----A---- C:\windows\system32\wintrust.dll
2010-04-15 13:03:55 ----A---- C:\windows\system32\cabview.dll
======List of files/folders modified in the last 1 months======
2010-05-01 15:11:18 ----D---- C:\windows\Temp
2010-05-01 13:54:49 ----D---- C:\windows\system32\drivers
2010-05-01 13:54:46 ----HD---- C:\ProgramData
2010-05-01 13:54:43 ----RD---- C:\Program Files
2010-05-01 13:54:33 ----D---- C:\windows\System32
2010-05-01 13:54:33 ----D---- C:\windows\inf
2010-05-01 13:54:33 ----A---- C:\windows\system32\PerfStringBackup.INI
2010-05-01 13:49:08 ----D---- C:\ProgramData\hpqLog
2010-05-01 13:48:50 ----D---- C:\windows\Minidump
2010-05-01 13:48:44 ----D---- C:\Windows
2010-05-01 13:44:54 ----D---- C:\windows\Prefetch
2010-05-01 11:07:00 ----RSD---- C:\windows\Fonts
2010-05-01 11:06:47 ----D---- C:\windows\winsxs
2010-05-01 11:05:31 ----SHD---- C:\System Volume Information
2010-04-29 21:36:13 ----D---- C:\windows\system32\catroot2
2010-04-29 21:36:13 ----D---- C:\windows\system32\catroot
2010-04-27 22:45:09 ----SD---- C:\Users\Zuzana\AppData\Roaming\Microsoft
2010-04-27 22:45:09 ----SD---- C:\ProgramData\Microsoft
2010-04-27 21:30:10 ----SHD---- C:\windows\Installer
2010-04-26 16:55:56 ----D---- C:\Users\Zuzana\AppData\Roaming\Skype
2010-04-26 16:55:20 ----RD---- C:\Program Files\Skype
2010-04-26 16:55:13 ----D---- C:\windows\system32\Tasks
2010-04-26 16:55:07 ----D---- C:\Program Files\Common Files
2010-04-26 16:55:03 ----D---- C:\ProgramData\Skype
2010-04-26 16:15:08 ----D---- C:\Users\Zuzana\AppData\Roaming\skypePM
2010-04-25 19:53:51 ----D---- C:\Program Files\Java
2010-04-25 17:40:08 ----D---- C:\Program Files\Ufonuv fofr internet
2010-04-25 17:40:07 ----A---- C:\windows\red_dialer.ini
2010-04-23 13:50:29 ----D---- C:\windows\Debug
2010-04-19 18:22:19 ----D---- C:\Program Files\Mozilla Firefox
2010-04-19 12:16:22 ----D---- C:\windows\system32\migration
2010-04-19 12:16:22 ----D---- C:\Program Files\Windows Mail
2010-04-19 12:16:22 ----D---- C:\Program Files\Internet Explorer
2010-04-19 12:00:46 ----D---- C:\ProgramData\Microsoft Help
2010-04-15 12:58:21 ----D---- C:\windows\ModemLogs
2010-04-06 19:52:54 ----A---- C:\windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2010-04-07 114984]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-30 12496]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2010-04-07 134488]
R2 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2010-04-07 41312]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-11-21 1204128]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2008-05-21 3552768]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2008-03-21 1207288]
R3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2008-05-28 80424]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2008-05-28 81960]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-05-28 16168]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2010-04-07 133512]
R3 Epfwndis;Eset Personal Firewall; C:\windows\system32\DRIVERS\Epfwndis.sys [2010-04-07 32584]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-03-27 1810992]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-04-03 310272]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 catchme;catchme; \??\C:\Users\Zuzana\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2008-05-21 671744]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-04-07 810120]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-06-02 18944]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-30 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-14 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-04-07 24936]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\windows\system32\rpcnet.exe [2010-05-01 57752]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\windows\System32\svchost.exe [2008-01-21 21504]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-04-07 33560]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\windows\System32\TuneUpDefragService.exe [2009-05-10 306432]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
vše podle pokynů hotovo
soubor tam je
soubor tam je
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
rpcnetp.exe - jsem zadala do řádku???/ne do okna/- pak hledat a nic to nenašlo
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
v té levé části to není- rpcnetp.exe - je tam rpcnet.exe
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
jo- tam mi vyjelo 12 souborů či čeho 
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 81.86 0 K 24 K
Interrupts n/a 1.35 0 K 0 K Hardware Interrupts
DPCs n/a 0.68 0 K 0 K Deferred Procedure Calls
System 4 0 K 1 596 K
smss.exe 520 288 K 616 K Windows Session Manager Microsoft Corporation
csrss.exe 592 2 020 K 6 500 K Client Server Runtime Process Microsoft Corporation
wininit.exe 652 1 388 K 3 352 K Windows Start-Up Application Microsoft Corporation
services.exe 736 0.68 2 796 K 6 152 K Services and Controller app Microsoft Corporation
svchost.exe 900 3 156 K 6 152 K Host Process for Windows Services Microsoft Corporation
WmiPrvSE.exe 3084 3 276 K 5 856 K WMI Provider Host Microsoft Corporation
asghost.exe 3944 3.38 9 740 K 12 992 K Global Virtual Card Host Bioscrypt Inc.
acevents.exe 1324 4 472 K 6 872 K ActivIdentity Event Service ActivIdentity
HpqToaster.exe 3456 2 024 K 6 312 K HpqToaster Module
BTStackServer.exe 4476 12 388 begin_of_the_skype_highlighting 4476 12 388 end_of_the_skype_highlighting begin_of_the_skype_highlighting 4476 12 388 end_of_the_skype_highlighting K 12 016 K Bluetooth Stack COM Server Broadcom Corporation.
WmiPrvSE.exe 2648 6 240 K 9 632 K WMI Provider Host Microsoft Corporation
svchost.exe 944 7 460 K 7 240 K Host Process for Windows Services Microsoft Corporation
HPFSService.exe 972 1 192 K 3 304 K File Sanitizer for HP ProtectTools Hewlett-Packard
HpFkCrypt.exe 1000 716 K 2 324 K Drive Encryption for HP ProtectTools Service SafeBoot International
svchost.exe 1036 4 092 K 6 280 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1076 67 448 K 31 076 K Host Process for Windows Services Microsoft Corporation
Ati2evxx.exe 1160 1 116 K 3 752 K ATI External Event Utility EXE Module ATI Technologies Inc.
Ati2evxx.exe 1524 3 448 K 5 816 K ATI External Event Utility EXE Module ATI Technologies Inc.
svchost.exe 1176 14 516 K 10 908 K Host Process for Windows Services Microsoft Corporation
audiodg.exe 1304 11 796 K 9 948 K Windows Audio Device Graph Isolation Microsoft Corporation
svchost.exe 1208 53 092 K 54 704 K Host Process for Windows Services Microsoft Corporation
wlanext.exe 1920 2 336 K 4 304 K Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation
dwm.exe 3824 2.03 32 960 K 35 444 K Správce oken plochy Microsoft Corporation
svchost.exe 1232 61 796 K 65 712 K Host Process for Windows Services Microsoft Corporation
taskeng.exe 2012 2 068 K 5 820 K Task Scheduler Engine Microsoft Corporation
taskeng.exe 3776 9 672 K 9 048 K Task Scheduler Engine Microsoft Corporation
svchost.exe 1348 2 032 K 3 984 K Host Process for Windows Services Microsoft Corporation
SLsvc.exe 1368 5 628 K 3 852 K Microsoft Software Licensing Service Microsoft Corporation
svchost.exe 1432 7 268 K 10 544 K Host Process for Windows Services Microsoft Corporation
hpservice.exe 1492 2 640 K 4 100 K HpService Hewlett-Packard Corporation
svchost.exe 1676 15 304 K 12 396 K Host Process for Windows Services Microsoft Corporation
spoolsv.exe 340 5 840 K 7 800 K Spooler SubSystem App Microsoft Corporation
svchost.exe 412 16 444 K 13 540 K Host Process for Windows Services Microsoft Corporation
accoca.exe 548 2 056 K 4 548 K ActivIdentity Cache Server ActivIdentity
acevents.exe 2152 4 144 K 5 868 K ActivIdentity Event Service ActivIdentity
AEADISRV.EXE 908 708 K 2 264 K Andrea filters APO access service (32-bit) Andrea Electronics Corporation
agrsmsvc.exe 896 776 K 2 172 K Agere Soft Modem Call Progress Service Agere Systems
svchost.exe 1996 2 392 K 3 440 K Host Process for Windows Services Microsoft Corporation
ekrn.exe 1032 53 696 K 45 288 K ESET Service ESET
PTChangeFilterService.exe 2184 133 408 K 43 760 K PTChangeFilterService Hewlett-Packard Development Company, L.P
ICQ Service.exe 2252 1 508 K 3 924 K ICQIEUpdater Module
iviRegMgr.exe 2292 916 K 3 244 K RegMgr Module InterVideo
LSSrvc.exe 2320 1 124 K 3 252 K LightScribe Service Hewlett-Packard Company
svchost.exe 2348 1 048 K 2 660 K Host Process for Windows Services Microsoft Corporation
pdfsvc.exe 2368 1 380 K 4 616 K Dispatcher PDF Complete Inc
svchost.exe 2452 876 K 2 508 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2472 2 504 K 4 668 K Host Process for Windows Services Microsoft Corporation
rpcnet.exe 2492 1 860 K 4 156 K rpcnet Absolute Software Corp.
svchost.exe 2552 3 720 K 5 656 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2588 588 K 2 032 K Host Process for Windows Services Microsoft Corporation
SearchIndexer.exe 2608 45 584 K 26 980 K Microsoft Windows Search Indexer Microsoft Corporation
hpqWmiEx.exe 2952 2 804 K 4 972 K hpqwmiex Module Hewlett-Packard Development Company, L.P.
wmpnetwk.exe 892 4 800 K 7 776 K Služba Windows Media Player Network Sharing Microsoft Corporation
Com4QLBEx.exe 1420 1 044 K 4 136 K Com for QLB application Hewlett-Packard Development Company, L.P.
HPHC_Service.exe 5880 14 692 K 12 580 K HP Health Check Service Hewlett-Packard
lsass.exe 752 3 708 K 7 260 K LSA Shell Microsoft Corporation
lsm.exe 760 1 992 K 3 468 K Local Session Manager Service Microsoft Corporation
csrss.exe 660 1 844 K 9 732 K Client Server Runtime Process Microsoft Corporation
winlogon.exe 700 3 312 K 4 700 K Windows Logon Application Microsoft Corporation
explorer.exe 3880 2.03 37 164 K 47 008 K Průzkumník Windows Microsoft Corporation
MSASCui.exe 1684 24 640 K 5 444 K Windows Defender User Interface Microsoft Corporation
accrdsub.exe 3316 5 280 K 6 740 K ActivIdentity card event handler ActivIdentity
pthosttr.exe 2512 24 684 K 15 856 K HP ProtectTools Security Manager Hewlett-Packard Development Company, L.P.
SynTPEnh.exe 3352 2 860 K 5 720 K Synaptics TouchPad Enhancements Synaptics, Inc.
SynTPHelper.exe 4996 1 036 K 3 488 K Synaptics Pointing Device Helper Synaptics, Inc.
HPWAMain.exe 3400 3 240 K 5 812 K HPWAMain Module Hewlett-Packard Development Company, L.P.
WiFiMsg.exe 1344 1 896 K 4 208 K Module to process WiFi messages. Hewlett-Packard Development Company, L.P.
CoreShredder.exe 3476 1 800 K 4 840 K File Sanitizer for HP ProtectTools Hewlett-Packard
jusched.exe 3500 1 364 K 3 732 K Java(TM) Platform SE binary Sun Microsystems, Inc.
QLBCTRL.exe 3508 3 656 K 6 664 K Quick Launch Buttons Hewlett-Packard Development Company, L.P.
VolCtrl.exe 3080 5 856 K 4 268 K Volume related element Hewlett-Packard Development Company, L.P.
GrooveMonitor.exe 2968 3 064 K 8 024 K GrooveMonitor Utility Microsoft Corporation
pptd40nt.exe 3872 1 632 K 3 660 K PaperPort Print to Desktop for NT Nuance Communications, Inc.
realsched.exe 3940 1 980 K 372 K RealNetworks Scheduler RealNetworks, Inc.
hpwuschd2.exe 3288 1 204 K 3 236 K hpwuSchd Application Hewlett-Packard
smax4pnp.exe 1904 7 652 K 4 772 K SMax4PNP Analog Devices, Inc.
egui.exe 3416 4 436 K 7 828 K ESET GUI ESET
LightScribeControlPanel.exe 1964 2 872 K 4 852 K Hewlett-Packard Company
BTTray.exe 3460 5 912 K 7 756 K Bluetooth Tray Application Broadcom Corporation.
wmpnscfg.exe 3756 1 860 K 4 952 K Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation
firefox.exe 5188 0.68 85 160 K 104 428 K Firefox Mozilla Corporation
procexp.exe 6016 7.44 21 460 K 37 712 K Sysinternals Process Explorer Sysinternals - http://www.sysinternals.com
BrccMCtl.exe 4016 49 316 K 22 500 K Control Center 3 Main Program Brother Industries, Ltd.
MOM.exe 4288 24 644 K 4 724 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
CCC.exe 4576 33 360 K 5 900 K Catalyst Control Centre: Host application ATI Technologies Inc.
Process: services.exe Pid: 736
Type Name
Directory \KnownDlls
Directory \BaseNamedObjects
Event \BaseNamedObjects\SC_AutoStartComplete
Event \BaseNamedObjects\SvcctrlStartEvent_A3752DX
Event \BaseNamedObjects\ScNetDrvMsg
Event \BaseNamedObjects\WBEM_ESS_OPEN_FOR_BUSINESS
File C:\Windows\System32
File \Device\NamedPipe\ntsvcs
File \Device\NamedPipe\ntsvcs
File \Device\NamedPipe\ntsvcs
File \Device\KsecDD
File \Device\NamedPipe\scerpc
File \Device\NamedPipe\scerpc
File \Device\NamedPipe\scerpc
File \Device\NamedPipe\net\NtControlPipe37
File \Device\Afd
File \Device\NamedPipe\net\NtControlPipe38
File \Device\NamedPipe\net\NtControlPipe1
File \Device\NamedPipe\net\NtControlPipe2
File \Device\NamedPipe\net\NtControlPipe3
File \Device\NamedPipe\net\NtControlPipe4
File \Device\NamedPipe\net\NtControlPipe5
File \Device\NamedPipe\net\NtControlPipe6
File \Device\NamedPipe\net\NtControlPipe7
File \Device\NamedPipe\net\NtControlPipe8
File \Device\NamedPipe\net\NtControlPipe9
File \Device\NamedPipe\net\NtControlPipe10
File \Device\NamedPipe\net\NtControlPipe11
File \Device\NamedPipe\net\NtControlPipe12
File \Device\NamedPipe\net\NtControlPipe13
File \Device\NamedPipe\net\NtControlPipe14
File \Device\NamedPipe\net\NtControlPipe15
File \Device\NamedPipe\net\NtControlPipe0
File \Device\NamedPipe\net\NtControlPipe16
File \Device\NamedPipe\net\NtControlPipe17
File \Device\NamedPipe\net\NtControlPipe18
File \Device\NamedPipe\net\NtControlPipe19
File \Device\NamedPipe\net\NtControlPipe20
File \Device\NamedPipe\net\NtControlPipe21
File \Device\NamedPipe\net\NtControlPipe22
File \Device\NamedPipe\net\NtControlPipe39
File \Device\NamedPipe\net\NtControlPipe23
File \Device\NamedPipe\net\NtControlPipe24
File \Device\NamedPipe\net\NtControlPipe25
File \Device\NamedPipe\net\NtControlPipe26
File \Device\NamedPipe\net\NtControlPipe27
File \Device\NamedPipe\net\NtControlPipe28
File \Device\NamedPipe\net\NtControlPipe29
File \Device\NamedPipe\net\NtControlPipe30
File \Device\NamedPipe\net\NtControlPipe31
File \Device\NamedPipe\net\NtControlPipe32
File \Device\NamedPipe\net\NtControlPipe33
File \Device\NamedPipe\PIPE_EVENTROOT\CIMV2SCM EVENT PROVIDER
File \Device\NamedPipe\net\NtControlPipe34
File \Device\Afd
File \Device\NamedPipe\Winsock2\CatalogChangeListener-2e0-0
File \Device\Afd
File \Device\Afd
File \Device\NamedPipe\net\NtControlPipe35
Key HKLM
Key HKLM\SYSTEM\ControlSet001\Control\Session Manager
Key HKLM\SYSTEM\ControlSet001\Control\Nls\Locale\Alternate Sorts
Key HKLM\SYSTEM\ControlSet001\Control\Nls\Locale
Key HKLM\SYSTEM\ControlSet001\Control\Nls\Language Groups
Key HKLM\SYSTEM\ControlSet001\Control\NetworkProvider\Order
Key HKLM\SYSTEM\ControlSet001\Control\ServiceGroupOrder
Key HKLM\SYSTEM\ControlSet001\Services
Key HKU\S-1-5-20
Key HKU
Key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Key HKLM\SYSTEM\ControlSet001\Control\ServiceCurrent
Key HKU\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion
Key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
Key HKU\S-1-5-20
Key HKU\S-1-5-19
Key HKU\S-1-5-20
Key HKU\S-1-5-19
Key HKU\S-1-5-20
Key HKU\S-1-5-19
Key HKU\S-1-5-19
Key HKU\S-1-5-19
Key HKU\S-1-5-19
Key HKU\S-1-5-20
Key HKU\S-1-5-19
Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9
Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5
Mutant \BaseNamedObjects\CognizanceAPSvc
Process HPHC_Service.exe(5880)
Process Com4QLBEx.exe(1420)
Process wmpnetwk.exe(892)
Process svchost.exe(900)
Process svchost.exe(944)
Process HPFSService.exe(972)
Process HpFkCrypt.exe(1000)
Process svchost.exe(1036)
Process svchost.exe(1076)
Process Ati2evxx.exe(1160)
Process svchost.exe(1176)
Process svchost.exe(1208)
Process svchost.exe(1232)
Process svchost.exe(1348)
Process SLsvc.exe(1368)
Process svchost.exe(1432)
Process hpservice.exe(1492)
Process svchost.exe(1676)
Process spoolsv.exe(340)
Process svchost.exe(412)
Process accoca.exe(548)
Process AEADISRV.EXE(908)
Process agrsmsvc.exe(896)
Process svchost.exe(1996)
Process ekrn.exe(1032)
Process PTChangeFilterService.exe(2184)
Process ICQ Service.exe(2252)
Process iviRegMgr.exe(2292)
Process LSSrvc.exe(2320)
Process svchost.exe(2348)
Process pdfsvc.exe(2368)
Process svchost.exe(2452)
Process svchost.exe(2472)
Process rpcnet.exe(2492)
Process svchost.exe(2552)
Process svchost.exe(2588)
Process SearchIndexer.exe(2608)
Process hpqWmiEx.exe(2952)
Thread services.exe(736): 852
Thread services.exe(736): 852
Thread services.exe(736): 3296
Thread services.exe(736): 864
Thread services.exe(736): 1960
Thread services.exe(736): 2576
Thread services.exe(736): 6004
Thread services.exe(736): 5572
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\NETWORK SERVICE:3e4
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\NETWORK SERVICE:3e4
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\NETWORK SERVICE:3e4
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\NETWORK SERVICE:3e4
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\NETWORK SERVICE:3e4
System Idle Process 0 81.86 0 K 24 K
Interrupts n/a 1.35 0 K 0 K Hardware Interrupts
DPCs n/a 0.68 0 K 0 K Deferred Procedure Calls
System 4 0 K 1 596 K
smss.exe 520 288 K 616 K Windows Session Manager Microsoft Corporation
csrss.exe 592 2 020 K 6 500 K Client Server Runtime Process Microsoft Corporation
wininit.exe 652 1 388 K 3 352 K Windows Start-Up Application Microsoft Corporation
services.exe 736 0.68 2 796 K 6 152 K Services and Controller app Microsoft Corporation
svchost.exe 900 3 156 K 6 152 K Host Process for Windows Services Microsoft Corporation
WmiPrvSE.exe 3084 3 276 K 5 856 K WMI Provider Host Microsoft Corporation
asghost.exe 3944 3.38 9 740 K 12 992 K Global Virtual Card Host Bioscrypt Inc.
acevents.exe 1324 4 472 K 6 872 K ActivIdentity Event Service ActivIdentity
HpqToaster.exe 3456 2 024 K 6 312 K HpqToaster Module
BTStackServer.exe 4476 12 388 begin_of_the_skype_highlighting 4476 12 388 end_of_the_skype_highlighting begin_of_the_skype_highlighting 4476 12 388 end_of_the_skype_highlighting K 12 016 K Bluetooth Stack COM Server Broadcom Corporation.
WmiPrvSE.exe 2648 6 240 K 9 632 K WMI Provider Host Microsoft Corporation
svchost.exe 944 7 460 K 7 240 K Host Process for Windows Services Microsoft Corporation
HPFSService.exe 972 1 192 K 3 304 K File Sanitizer for HP ProtectTools Hewlett-Packard
HpFkCrypt.exe 1000 716 K 2 324 K Drive Encryption for HP ProtectTools Service SafeBoot International
svchost.exe 1036 4 092 K 6 280 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1076 67 448 K 31 076 K Host Process for Windows Services Microsoft Corporation
Ati2evxx.exe 1160 1 116 K 3 752 K ATI External Event Utility EXE Module ATI Technologies Inc.
Ati2evxx.exe 1524 3 448 K 5 816 K ATI External Event Utility EXE Module ATI Technologies Inc.
svchost.exe 1176 14 516 K 10 908 K Host Process for Windows Services Microsoft Corporation
audiodg.exe 1304 11 796 K 9 948 K Windows Audio Device Graph Isolation Microsoft Corporation
svchost.exe 1208 53 092 K 54 704 K Host Process for Windows Services Microsoft Corporation
wlanext.exe 1920 2 336 K 4 304 K Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation
dwm.exe 3824 2.03 32 960 K 35 444 K Správce oken plochy Microsoft Corporation
svchost.exe 1232 61 796 K 65 712 K Host Process for Windows Services Microsoft Corporation
taskeng.exe 2012 2 068 K 5 820 K Task Scheduler Engine Microsoft Corporation
taskeng.exe 3776 9 672 K 9 048 K Task Scheduler Engine Microsoft Corporation
svchost.exe 1348 2 032 K 3 984 K Host Process for Windows Services Microsoft Corporation
SLsvc.exe 1368 5 628 K 3 852 K Microsoft Software Licensing Service Microsoft Corporation
svchost.exe 1432 7 268 K 10 544 K Host Process for Windows Services Microsoft Corporation
hpservice.exe 1492 2 640 K 4 100 K HpService Hewlett-Packard Corporation
svchost.exe 1676 15 304 K 12 396 K Host Process for Windows Services Microsoft Corporation
spoolsv.exe 340 5 840 K 7 800 K Spooler SubSystem App Microsoft Corporation
svchost.exe 412 16 444 K 13 540 K Host Process for Windows Services Microsoft Corporation
accoca.exe 548 2 056 K 4 548 K ActivIdentity Cache Server ActivIdentity
acevents.exe 2152 4 144 K 5 868 K ActivIdentity Event Service ActivIdentity
AEADISRV.EXE 908 708 K 2 264 K Andrea filters APO access service (32-bit) Andrea Electronics Corporation
agrsmsvc.exe 896 776 K 2 172 K Agere Soft Modem Call Progress Service Agere Systems
svchost.exe 1996 2 392 K 3 440 K Host Process for Windows Services Microsoft Corporation
ekrn.exe 1032 53 696 K 45 288 K ESET Service ESET
PTChangeFilterService.exe 2184 133 408 K 43 760 K PTChangeFilterService Hewlett-Packard Development Company, L.P
ICQ Service.exe 2252 1 508 K 3 924 K ICQIEUpdater Module
iviRegMgr.exe 2292 916 K 3 244 K RegMgr Module InterVideo
LSSrvc.exe 2320 1 124 K 3 252 K LightScribe Service Hewlett-Packard Company
svchost.exe 2348 1 048 K 2 660 K Host Process for Windows Services Microsoft Corporation
pdfsvc.exe 2368 1 380 K 4 616 K Dispatcher PDF Complete Inc
svchost.exe 2452 876 K 2 508 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2472 2 504 K 4 668 K Host Process for Windows Services Microsoft Corporation
rpcnet.exe 2492 1 860 K 4 156 K rpcnet Absolute Software Corp.
svchost.exe 2552 3 720 K 5 656 K Host Process for Windows Services Microsoft Corporation
svchost.exe 2588 588 K 2 032 K Host Process for Windows Services Microsoft Corporation
SearchIndexer.exe 2608 45 584 K 26 980 K Microsoft Windows Search Indexer Microsoft Corporation
hpqWmiEx.exe 2952 2 804 K 4 972 K hpqwmiex Module Hewlett-Packard Development Company, L.P.
wmpnetwk.exe 892 4 800 K 7 776 K Služba Windows Media Player Network Sharing Microsoft Corporation
Com4QLBEx.exe 1420 1 044 K 4 136 K Com for QLB application Hewlett-Packard Development Company, L.P.
HPHC_Service.exe 5880 14 692 K 12 580 K HP Health Check Service Hewlett-Packard
lsass.exe 752 3 708 K 7 260 K LSA Shell Microsoft Corporation
lsm.exe 760 1 992 K 3 468 K Local Session Manager Service Microsoft Corporation
csrss.exe 660 1 844 K 9 732 K Client Server Runtime Process Microsoft Corporation
winlogon.exe 700 3 312 K 4 700 K Windows Logon Application Microsoft Corporation
explorer.exe 3880 2.03 37 164 K 47 008 K Průzkumník Windows Microsoft Corporation
MSASCui.exe 1684 24 640 K 5 444 K Windows Defender User Interface Microsoft Corporation
accrdsub.exe 3316 5 280 K 6 740 K ActivIdentity card event handler ActivIdentity
pthosttr.exe 2512 24 684 K 15 856 K HP ProtectTools Security Manager Hewlett-Packard Development Company, L.P.
SynTPEnh.exe 3352 2 860 K 5 720 K Synaptics TouchPad Enhancements Synaptics, Inc.
SynTPHelper.exe 4996 1 036 K 3 488 K Synaptics Pointing Device Helper Synaptics, Inc.
HPWAMain.exe 3400 3 240 K 5 812 K HPWAMain Module Hewlett-Packard Development Company, L.P.
WiFiMsg.exe 1344 1 896 K 4 208 K Module to process WiFi messages. Hewlett-Packard Development Company, L.P.
CoreShredder.exe 3476 1 800 K 4 840 K File Sanitizer for HP ProtectTools Hewlett-Packard
jusched.exe 3500 1 364 K 3 732 K Java(TM) Platform SE binary Sun Microsystems, Inc.
QLBCTRL.exe 3508 3 656 K 6 664 K Quick Launch Buttons Hewlett-Packard Development Company, L.P.
VolCtrl.exe 3080 5 856 K 4 268 K Volume related element Hewlett-Packard Development Company, L.P.
GrooveMonitor.exe 2968 3 064 K 8 024 K GrooveMonitor Utility Microsoft Corporation
pptd40nt.exe 3872 1 632 K 3 660 K PaperPort Print to Desktop for NT Nuance Communications, Inc.
realsched.exe 3940 1 980 K 372 K RealNetworks Scheduler RealNetworks, Inc.
hpwuschd2.exe 3288 1 204 K 3 236 K hpwuSchd Application Hewlett-Packard
smax4pnp.exe 1904 7 652 K 4 772 K SMax4PNP Analog Devices, Inc.
egui.exe 3416 4 436 K 7 828 K ESET GUI ESET
LightScribeControlPanel.exe 1964 2 872 K 4 852 K Hewlett-Packard Company
BTTray.exe 3460 5 912 K 7 756 K Bluetooth Tray Application Broadcom Corporation.
wmpnscfg.exe 3756 1 860 K 4 952 K Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation
firefox.exe 5188 0.68 85 160 K 104 428 K Firefox Mozilla Corporation
procexp.exe 6016 7.44 21 460 K 37 712 K Sysinternals Process Explorer Sysinternals - http://www.sysinternals.com
BrccMCtl.exe 4016 49 316 K 22 500 K Control Center 3 Main Program Brother Industries, Ltd.
MOM.exe 4288 24 644 K 4 724 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
CCC.exe 4576 33 360 K 5 900 K Catalyst Control Centre: Host application ATI Technologies Inc.
Process: services.exe Pid: 736
Type Name
Directory \KnownDlls
Directory \BaseNamedObjects
Event \BaseNamedObjects\SC_AutoStartComplete
Event \BaseNamedObjects\SvcctrlStartEvent_A3752DX
Event \BaseNamedObjects\ScNetDrvMsg
Event \BaseNamedObjects\WBEM_ESS_OPEN_FOR_BUSINESS
File C:\Windows\System32
File \Device\NamedPipe\ntsvcs
File \Device\NamedPipe\ntsvcs
File \Device\NamedPipe\ntsvcs
File \Device\KsecDD
File \Device\NamedPipe\scerpc
File \Device\NamedPipe\scerpc
File \Device\NamedPipe\scerpc
File \Device\NamedPipe\net\NtControlPipe37
File \Device\Afd
File \Device\NamedPipe\net\NtControlPipe38
File \Device\NamedPipe\net\NtControlPipe1
File \Device\NamedPipe\net\NtControlPipe2
File \Device\NamedPipe\net\NtControlPipe3
File \Device\NamedPipe\net\NtControlPipe4
File \Device\NamedPipe\net\NtControlPipe5
File \Device\NamedPipe\net\NtControlPipe6
File \Device\NamedPipe\net\NtControlPipe7
File \Device\NamedPipe\net\NtControlPipe8
File \Device\NamedPipe\net\NtControlPipe9
File \Device\NamedPipe\net\NtControlPipe10
File \Device\NamedPipe\net\NtControlPipe11
File \Device\NamedPipe\net\NtControlPipe12
File \Device\NamedPipe\net\NtControlPipe13
File \Device\NamedPipe\net\NtControlPipe14
File \Device\NamedPipe\net\NtControlPipe15
File \Device\NamedPipe\net\NtControlPipe0
File \Device\NamedPipe\net\NtControlPipe16
File \Device\NamedPipe\net\NtControlPipe17
File \Device\NamedPipe\net\NtControlPipe18
File \Device\NamedPipe\net\NtControlPipe19
File \Device\NamedPipe\net\NtControlPipe20
File \Device\NamedPipe\net\NtControlPipe21
File \Device\NamedPipe\net\NtControlPipe22
File \Device\NamedPipe\net\NtControlPipe39
File \Device\NamedPipe\net\NtControlPipe23
File \Device\NamedPipe\net\NtControlPipe24
File \Device\NamedPipe\net\NtControlPipe25
File \Device\NamedPipe\net\NtControlPipe26
File \Device\NamedPipe\net\NtControlPipe27
File \Device\NamedPipe\net\NtControlPipe28
File \Device\NamedPipe\net\NtControlPipe29
File \Device\NamedPipe\net\NtControlPipe30
File \Device\NamedPipe\net\NtControlPipe31
File \Device\NamedPipe\net\NtControlPipe32
File \Device\NamedPipe\net\NtControlPipe33
File \Device\NamedPipe\PIPE_EVENTROOT\CIMV2SCM EVENT PROVIDER
File \Device\NamedPipe\net\NtControlPipe34
File \Device\Afd
File \Device\NamedPipe\Winsock2\CatalogChangeListener-2e0-0
File \Device\Afd
File \Device\Afd
File \Device\NamedPipe\net\NtControlPipe35
Key HKLM
Key HKLM\SYSTEM\ControlSet001\Control\Session Manager
Key HKLM\SYSTEM\ControlSet001\Control\Nls\Locale\Alternate Sorts
Key HKLM\SYSTEM\ControlSet001\Control\Nls\Locale
Key HKLM\SYSTEM\ControlSet001\Control\Nls\Language Groups
Key HKLM\SYSTEM\ControlSet001\Control\NetworkProvider\Order
Key HKLM\SYSTEM\ControlSet001\Control\ServiceGroupOrder
Key HKLM\SYSTEM\ControlSet001\Services
Key HKU\S-1-5-20
Key HKU
Key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Key HKLM\SYSTEM\ControlSet001\Control\ServiceCurrent
Key HKU\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion
Key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
Key HKU\S-1-5-20
Key HKU\S-1-5-19
Key HKU\S-1-5-20
Key HKU\S-1-5-19
Key HKU\S-1-5-20
Key HKU\S-1-5-19
Key HKU\S-1-5-19
Key HKU\S-1-5-19
Key HKU\S-1-5-19
Key HKU\S-1-5-20
Key HKU\S-1-5-19
Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9
Key HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5
Mutant \BaseNamedObjects\CognizanceAPSvc
Process HPHC_Service.exe(5880)
Process Com4QLBEx.exe(1420)
Process wmpnetwk.exe(892)
Process svchost.exe(900)
Process svchost.exe(944)
Process HPFSService.exe(972)
Process HpFkCrypt.exe(1000)
Process svchost.exe(1036)
Process svchost.exe(1076)
Process Ati2evxx.exe(1160)
Process svchost.exe(1176)
Process svchost.exe(1208)
Process svchost.exe(1232)
Process svchost.exe(1348)
Process SLsvc.exe(1368)
Process svchost.exe(1432)
Process hpservice.exe(1492)
Process svchost.exe(1676)
Process spoolsv.exe(340)
Process svchost.exe(412)
Process accoca.exe(548)
Process AEADISRV.EXE(908)
Process agrsmsvc.exe(896)
Process svchost.exe(1996)
Process ekrn.exe(1032)
Process PTChangeFilterService.exe(2184)
Process ICQ Service.exe(2252)
Process iviRegMgr.exe(2292)
Process LSSrvc.exe(2320)
Process svchost.exe(2348)
Process pdfsvc.exe(2368)
Process svchost.exe(2452)
Process svchost.exe(2472)
Process rpcnet.exe(2492)
Process svchost.exe(2552)
Process svchost.exe(2588)
Process SearchIndexer.exe(2608)
Process hpqWmiEx.exe(2952)
Thread services.exe(736): 852
Thread services.exe(736): 852
Thread services.exe(736): 3296
Thread services.exe(736): 864
Thread services.exe(736): 1960
Thread services.exe(736): 2576
Thread services.exe(736): 6004
Thread services.exe(736): 5572
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\NETWORK SERVICE:3e4
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\NETWORK SERVICE:3e4
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\NETWORK SERVICE:3e4
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\NETWORK SERVICE:3e4
Token NT AUTHORITY\LOCAL SERVICE:3e5
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\SYSTEM:3e7
Token NT AUTHORITY\NETWORK SERVICE:3e4
- Přílohy
-
- obrazek.jpg
- (167.6 KiB) Staženo 55 x
Naposledy upravil(a) Ecinazuz dne 01 kvě 2010 15:50, celkem upraveno 1 x.
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
rpcnet.exe
- Přílohy
-
- rpcnet.jpg
- (181.06 KiB) Staženo 55 x
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 17:15 on 01/05/2010 by Zuzana (Administrator - Elevation successful)
========== filefind ==========
Searching for "rpcnet.exe"
C:\Windows\System32\rpcnet.exe ------ 57752 bytes [11:42 01/05/2010] [11:42 01/05/2010] 647826DE6F7979432B360D38773570D4
Searching for "rpcnet.dll"
C:\Windows\System32\rpcnet.dll --a--- 57752 bytes [11:42 01/05/2010] [13:51 01/05/2010] 01A19F74CFB19CC61D62009BCFA59961
Searching for "rpcnetp.dll"
C:\Windows\System32\rpcnetp.dll --a--- 17408 bytes [11:34 01/05/2010] [11:34 01/05/2010] 09781F9CA8277F1C99EA6C7C1E7F30EE
Searching for "rpcnetp.exe"
C:\Windows\System32\rpcnetp.exe --a--- 17408 bytes [11:34 01/05/2010] [13:51 01/05/2010] C14731D94AF1EF0CAB3DA53BDF8710E1
Searching for "rpcnet"
No files found.
Searching for "rpcnetp"
No files found.
========== file ==========
rpcnet.exe - Unable to find/read file.
rpcnet.dll - Unable to find/read file.
rpcnetp.dll - Unable to find/read file.
rpcnetp.exe - Unable to find/read file.
========== regfind ==========
Searching for "rpcnet"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\Users\Zuzana\Desktop\rpcnet.jpg"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\Users\Zuzana\Desktop\rpcnet.jpg"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rpcnet]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\rpcnet]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rpcnet]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_USERS\S-1-5-21-4068558042-2140266930-2156247005-1004\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\Users\Zuzana\Desktop\rpcnet.jpg"
[HKEY_USERS\S-1-5-21-4068558042-2140266930-2156247005-1004\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\Users\Zuzana\Desktop\rpcnet.jpg"
Searching for "rpcnetp"
No data found.
========== service ==========
rpcnet
Remote Procedure Call (RPC) Net
(No Description)
Current Status: Started
Startup Type: Automatic
Error Control: Severe
Binary: C:\windows\system32\rpcnet.exe
Group: (none)
SafeBoot:
Dependencies:
(none)
Dependant Services:
(none)
rpcnetp - Unable to open Service Handle.
========== process ==========
rpcnet.exe - 1 handle(s) returned.
File path: C:\windows\system32\rpcnet.exe
MD5: 647826DE6F7979432B360D38773570D4
Modules:
C:\windows\system32\rpcnet.exe
C:\windows\system32\ntdll.dll
C:\windows\system32\kernel32.dll
C:\windows\system32\TAPI32.dll
C:\windows\system32\msvcrt.dll
C:\windows\system32\ADVAPI32.dll
C:\windows\system32\RPCRT4.dll
C:\windows\system32\GDI32.dll
C:\windows\system32\USER32.dll
C:\windows\system32\ole32.dll
C:\windows\system32\SHLWAPI.dll
C:\windows\system32\rtutils.dll
C:\windows\system32\WINMM.dll
C:\windows\system32\OLEAUT32.dll
C:\windows\system32\OLEACC.dll
C:\windows\system32\NETAPI32.dll
C:\windows\system32\PSAPI.DLL
C:\windows\system32\USERENV.dll
C:\windows\system32\Secur32.dll
C:\windows\system32\WSOCK32.dll
C:\windows\system32\WS2_32.dll
C:\windows\system32\NSI.dll
C:\windows\system32\ShimEng.dll
C:\windows\system32\apphelp.dll
C:\windows\AppPatch\AcGenral.DLL
C:\windows\system32\UxTheme.dll
C:\windows\system32\MSACM32.dll
C:\windows\system32\VERSION.dll
C:\windows\system32\SHELL32.dll
C:\windows\system32\sfc.dll
C:\windows\system32\sfc_os.dll
C:\windows\system32\SETUPAPI.dll
C:\windows\system32\dwmapi.dll
C:\windows\system32\urlmon.dll
C:\windows\system32\iertutil.dll
C:\windows\system32\MPR.dll
C:\windows\system32\IMM32.DLL
C:\windows\system32\MSCTF.dll
C:\windows\system32\LPK.DLL
C:\windows\system32\USP10.dll
C:\Windows\System32\APSHook.dll
C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
C:\windows\system32\rpcnet.dll
C:\windows\system32\NTMARTA.DLL
C:\windows\system32\WLDAP32.dll
C:\windows\system32\SAMLIB.dll
rpcnetp.exe - Unable to open process handle.
-=End Of File=-
musím odjet....mrzí mě to- ale plánovaná akce
zatím děkuji a zítra se ozvu- napiš další plán
ahoj
Log created at 17:15 on 01/05/2010 by Zuzana (Administrator - Elevation successful)
========== filefind ==========
Searching for "rpcnet.exe"
C:\Windows\System32\rpcnet.exe ------ 57752 bytes [11:42 01/05/2010] [11:42 01/05/2010] 647826DE6F7979432B360D38773570D4
Searching for "rpcnet.dll"
C:\Windows\System32\rpcnet.dll --a--- 57752 bytes [11:42 01/05/2010] [13:51 01/05/2010] 01A19F74CFB19CC61D62009BCFA59961
Searching for "rpcnetp.dll"
C:\Windows\System32\rpcnetp.dll --a--- 17408 bytes [11:34 01/05/2010] [11:34 01/05/2010] 09781F9CA8277F1C99EA6C7C1E7F30EE
Searching for "rpcnetp.exe"
C:\Windows\System32\rpcnetp.exe --a--- 17408 bytes [11:34 01/05/2010] [13:51 01/05/2010] C14731D94AF1EF0CAB3DA53BDF8710E1
Searching for "rpcnet"
No files found.
Searching for "rpcnetp"
No files found.
========== file ==========
rpcnet.exe - Unable to find/read file.
rpcnet.dll - Unable to find/read file.
rpcnetp.dll - Unable to find/read file.
rpcnetp.exe - Unable to find/read file.
========== regfind ==========
Searching for "rpcnet"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\Users\Zuzana\Desktop\rpcnet.jpg"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\Users\Zuzana\Desktop\rpcnet.jpg"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rpcnet]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\rpcnet]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rpcnet]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rpcnet]
"ImagePath"="C:\windows\system32\rpcnet.exe"
[HKEY_USERS\S-1-5-21-4068558042-2140266930-2156247005-1004\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\Users\Zuzana\Desktop\rpcnet.jpg"
[HKEY_USERS\S-1-5-21-4068558042-2140266930-2156247005-1004\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List]
"File1"="C:\Users\Zuzana\Desktop\rpcnet.jpg"
Searching for "rpcnetp"
No data found.
========== service ==========
rpcnet
Remote Procedure Call (RPC) Net
(No Description)
Current Status: Started
Startup Type: Automatic
Error Control: Severe
Binary: C:\windows\system32\rpcnet.exe
Group: (none)
SafeBoot:
Dependencies:
(none)
Dependant Services:
(none)
rpcnetp - Unable to open Service Handle.
========== process ==========
rpcnet.exe - 1 handle(s) returned.
File path: C:\windows\system32\rpcnet.exe
MD5: 647826DE6F7979432B360D38773570D4
Modules:
C:\windows\system32\rpcnet.exe
C:\windows\system32\ntdll.dll
C:\windows\system32\kernel32.dll
C:\windows\system32\TAPI32.dll
C:\windows\system32\msvcrt.dll
C:\windows\system32\ADVAPI32.dll
C:\windows\system32\RPCRT4.dll
C:\windows\system32\GDI32.dll
C:\windows\system32\USER32.dll
C:\windows\system32\ole32.dll
C:\windows\system32\SHLWAPI.dll
C:\windows\system32\rtutils.dll
C:\windows\system32\WINMM.dll
C:\windows\system32\OLEAUT32.dll
C:\windows\system32\OLEACC.dll
C:\windows\system32\NETAPI32.dll
C:\windows\system32\PSAPI.DLL
C:\windows\system32\USERENV.dll
C:\windows\system32\Secur32.dll
C:\windows\system32\WSOCK32.dll
C:\windows\system32\WS2_32.dll
C:\windows\system32\NSI.dll
C:\windows\system32\ShimEng.dll
C:\windows\system32\apphelp.dll
C:\windows\AppPatch\AcGenral.DLL
C:\windows\system32\UxTheme.dll
C:\windows\system32\MSACM32.dll
C:\windows\system32\VERSION.dll
C:\windows\system32\SHELL32.dll
C:\windows\system32\sfc.dll
C:\windows\system32\sfc_os.dll
C:\windows\system32\SETUPAPI.dll
C:\windows\system32\dwmapi.dll
C:\windows\system32\urlmon.dll
C:\windows\system32\iertutil.dll
C:\windows\system32\MPR.dll
C:\windows\system32\IMM32.DLL
C:\windows\system32\MSCTF.dll
C:\windows\system32\LPK.DLL
C:\windows\system32\USP10.dll
C:\Windows\System32\APSHook.dll
C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
C:\windows\system32\rpcnet.dll
C:\windows\system32\NTMARTA.DLL
C:\windows\system32\WLDAP32.dll
C:\windows\system32\SAMLIB.dll
rpcnetp.exe - Unable to open process handle.
-=End Of File=-
musím odjet....mrzí mě to- ale plánovaná akce
zatím děkuji a zítra se ozvu- napiš další plán
ahoj
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
dobré ráno přeji- ahoj- jsem tu. soubor stažen....jsem připravena 
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
ahoj
pro upřesnění- ty dva předchozí soubory- to máš na mysli ty z té tvé zazipované složky- autochk.exe a autoconv.exe ?
pro upřesnění- ty dva předchozí soubory- to máš na mysli ty z té tvé zazipované složky- autochk.exe a autoconv.exe ?
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Re: XP internet security- hází varovné hlášky- prosím o kont
a kam do C? přesně... 
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)
Přispějete na provoz fóra?