Virus removal, PC speed-up, and remote help through the neslape.cz service

Log check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

Dratek
Visitor
Posts: 4
Registered: 17 Mar 2008 20:17

Log check

#1 Post by Dratek »

RSIT log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Dratek at 2010-05-08 16:35:31
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 11 GB (5%) free of 228 GB
Total RAM: 1788 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:37:19, on 8.5.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\system32\taskeng.exe
C:\windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\windows\system32\taskeng.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Dratek\Desktop\Programs\RSIT.exe
C:\Program Files\trend micro\Dratek.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Operadr\opera.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bsplayer-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll C:\Windows\System32\APSHook.dll
O23 - Service: McAfee Application Installer Cleanup (0089741226773579) (0089741226773579mcinstcleanup) - Unknown owner - C:\Users\Dratek\AppData\Local\Temp\008974~1.EXE (file missing)
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: O&O Defrag - O&O Software GmbH - C:\windows\system32\oodag.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: rpcnetp - Unknown owner - C:\windows\System32\rpcnetp.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 13370 bytes

======Scheduled tasks folder======

C:\windows\tasks\Google Software Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForDratek.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2010-02-23 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2008-05-14 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-02-23 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-05-21 58128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-07-17 691656]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2007-05-16 293168]
"PTHOSTTR"=c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2008-06-02 238984]
"CognizanceTS"=c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [2008-05-21 24848]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-05-12 318488]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2008-05-14 10244096]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-14 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-05-24 197904]
"HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-09 54840]
"NeroFilterCheck"=C:\windows\system32\NeroCheck.exe [2001-07-09 155648]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-29 1545512]
"Windows Mobile Device Center"=C:\windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1314816]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-23 30192]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-02-23 198160]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2010-01-08 974848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-18 2289664]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-12-03 1205760]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Dratek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\APSHook.dll C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll C:\Windows\System32\APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\windows\System32\Notepad.exe %1

======List of files/folders created in the last 3 months======

2010-05-08 16:32:26 ----A---- C:\ComboFix.txt
2010-05-08 16:19:49 ----SHD---- C:\$RECYCLE.BIN
2010-05-08 15:46:15 ----A---- C:\windows\zip.exe
2010-05-08 15:46:15 ----A---- C:\windows\SWSC.exe
2010-05-08 15:46:15 ----A---- C:\windows\SWREG.exe
2010-05-08 15:46:15 ----A---- C:\windows\sed.exe
2010-05-08 15:46:15 ----A---- C:\windows\PEV.exe
2010-05-08 15:46:15 ----A---- C:\windows\NIRCMD.exe
2010-05-08 15:46:15 ----A---- C:\windows\MBR.exe
2010-05-08 15:46:15 ----A---- C:\windows\grep.exe
2010-05-08 15:45:21 ----D---- C:\windows\ERDNT
2010-05-08 15:38:42 ----A---- C:\windows\SWXCACLS.exe
2010-05-08 15:38:33 ----D---- C:\32788R22FWJFW
2010-04-18 21:07:41 ----D---- C:\Config.Msi
2010-04-18 15:43:50 ----D---- C:\ProgramData\Sun
2010-04-18 15:42:42 ----A---- C:\windows\system32\javaws.exe
2010-04-18 15:42:42 ----A---- C:\windows\system32\javaw.exe
2010-04-18 15:42:42 ----A---- C:\windows\system32\java.exe
2010-04-18 15:42:42 ----A---- C:\windows\system32\deployJava1.dll
2010-04-17 15:52:54 ----A---- C:\windows\system32\ntoskrnl.exe
2010-04-17 15:52:53 ----A---- C:\windows\system32\ntkrnlpa.exe
2010-04-17 15:52:49 ----A---- C:\windows\system32\vbscript.dll
2010-04-17 15:52:31 ----A---- C:\windows\system32\iphlpsvc.dll
2010-04-17 15:50:38 ----A---- C:\windows\system32\wintrust.dll
2010-04-17 15:50:31 ----A---- C:\windows\system32\cabview.dll
2010-04-10 20:54:45 ----A---- C:\ProgramData\HPWALog.txt
2010-04-10 20:35:00 ----D---- C:\Program Files\Activision
2010-04-10 20:08:18 ----A---- C:\windows\system32\XAPOFX1_1.dll
2010-04-10 20:08:17 ----A---- C:\windows\system32\XAudio2_2.dll
2010-04-10 20:08:17 ----A---- C:\windows\system32\xactengine3_2.dll
2010-04-10 20:08:16 ----A---- C:\windows\system32\D3DX9_39.dll
2010-04-10 20:08:16 ----A---- C:\windows\system32\d3dx10_39.dll
2010-04-10 20:08:16 ----A---- C:\windows\system32\D3DCompiler_39.dll
2010-04-10 14:59:16 ----D---- C:\Qoobox
2010-04-10 12:47:07 ----A---- C:\windows\apcErrorsLog.txt
2010-04-10 12:28:17 ----D---- C:\Program Files\Packet Tracer 5.2
2010-04-01 09:15:33 ----D---- C:\Program Files\Creative
2010-04-01 09:15:33 ----A---- C:\windows\system32\eax.dll
2010-03-31 18:25:13 ----A---- C:\windows\system32\mshtml.dll
2010-03-31 18:25:08 ----A---- C:\windows\system32\ieframe.dll
2010-03-31 18:25:06 ----A---- C:\windows\system32\urlmon.dll
2010-03-31 18:25:06 ----A---- C:\windows\system32\iertutil.dll
2010-03-31 18:25:05 ----A---- C:\windows\system32\wininet.dll
2010-03-31 18:25:04 ----A---- C:\windows\system32\occache.dll
2010-03-31 18:25:04 ----A---- C:\windows\system32\msfeeds.dll
2010-03-31 18:25:03 ----A---- C:\windows\system32\mstime.dll
2010-03-31 18:25:03 ----A---- C:\windows\system32\iedkcs32.dll
2010-03-31 18:25:01 ----A---- C:\windows\system32\ieui.dll
2010-03-31 18:25:00 ----A---- C:\windows\system32\msfeedsbs.dll
2010-03-31 18:25:00 ----A---- C:\windows\system32\jsproxy.dll
2010-03-31 18:25:00 ----A---- C:\windows\system32\ieUnatt.exe
2010-03-31 18:25:00 ----A---- C:\windows\system32\iesysprep.dll
2010-03-31 18:25:00 ----A---- C:\windows\system32\iepeers.dll
2010-03-31 18:25:00 ----A---- C:\windows\system32\ie4uinit.exe
2010-03-31 18:24:59 ----A---- C:\windows\system32\msfeedssync.exe
2010-03-31 18:24:59 ----A---- C:\windows\system32\iesetup.dll
2010-03-31 18:24:59 ----A---- C:\windows\system32\iernonce.dll
2010-03-22 20:11:27 ----D---- C:\6bc51825d36e8eae15904659
2010-03-18 21:17:13 ----A---- C:\ProgramData\ra3.ini
2010-03-14 15:48:15 ----D---- C:\Program Files\Application Updater
2010-03-14 15:48:11 ----D---- C:\Program Files\pdfforge Toolbar
2010-03-14 15:47:15 ----A---- C:\windows\system32\pdfcmnnt.dll
2010-03-14 15:47:11 ----A---- C:\windows\system32\MSMPIDE.DLL
2010-03-14 15:47:10 ----D---- C:\Program Files\PDFCreator
2010-03-10 22:10:33 ----D---- C:\Program Files\Advanced Port Scanner
2010-03-07 12:07:50 ----A---- C:\windows\system32\browserchoice.exe
2010-02-26 18:04:10 ----A---- C:\windows\system32\jscript.dll
2010-02-26 18:02:50 ----A---- C:\windows\system32\tzres.dll
2010-02-26 17:59:30 ----A---- C:\windows\system32\secproc_isv.dll
2010-02-26 17:59:28 ----A---- C:\windows\system32\secproc.dll
2010-02-26 17:59:23 ----A---- C:\windows\system32\RMActivate_isv.exe
2010-02-26 17:59:21 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2010-02-26 17:59:20 ----A---- C:\windows\system32\RMActivate_ssp.exe
2010-02-26 17:59:19 ----A---- C:\windows\system32\RMActivate.exe
2010-02-26 17:59:17 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2010-02-26 17:59:17 ----A---- C:\windows\system32\secproc_ssp.dll
2010-02-26 17:59:16 ----A---- C:\windows\system32\msdrm.dll
2010-02-26 17:58:47 ----A---- C:\windows\system32\gameux.dll
2010-02-26 17:58:43 ----A---- C:\windows\system32\Apphlpdm.dll
2010-02-26 17:58:42 ----A---- C:\windows\system32\GameUXLegacyGDFs.dll
2010-02-23 17:57:16 ----D---- C:\Program Files\Common Files\Skype
2010-02-23 17:57:13 ----RD---- C:\Program Files\Skype
2010-02-23 17:53:45 ----A---- C:\windows\system32\rmoc3260.dll
2010-02-23 17:53:05 ----A---- C:\windows\system32\pndx5032.dll
2010-02-23 17:53:05 ----A---- C:\windows\system32\pndx5016.dll
2010-02-23 17:52:53 ----D---- C:\Program Files\Common Files\xing shared
2010-02-23 17:51:50 ----D---- C:\ProgramData\Real
2010-02-23 16:55:04 ----D---- C:\Program Files\Common Files\PC Tools
2010-02-23 16:55:03 ----D---- C:\Program Files\Spyware Doctor
2010-02-23 16:44:44 ----D---- C:\ProgramData\Google Updater
2010-02-13 12:23:45 ----A---- C:\windows\system32\bcmwlrc.dll
2010-02-13 12:23:43 ----A---- C:\windows\system32\bcmihvui.dll
2010-02-13 12:23:42 ----D---- C:\Program Files\Broadcom
2010-02-12 17:04:20 ----A---- C:\windows\system32\quartz.dll
2010-02-12 17:04:18 ----A---- C:\windows\system32\tsbyuv.dll
2010-02-12 17:04:18 ----A---- C:\windows\system32\msyuv.dll
2010-02-12 17:04:18 ----A---- C:\windows\system32\msvidc32.dll
2010-02-12 17:04:17 ----A---- C:\windows\system32\msrle32.dll
2010-02-12 17:04:17 ----A---- C:\windows\system32\iyuv_32.dll
2010-02-12 17:04:16 ----A---- C:\windows\system32\msvfw32.dll
2010-02-12 17:04:16 ----A---- C:\windows\system32\mciavi32.dll
2010-02-12 17:04:15 ----A---- C:\windows\system32\avifil32.dll

======List of files/folders modified in the last 3 months======

2010-05-08 16:36:11 ----D---- C:\windows\Temp
2010-05-08 16:35:35 ----D---- C:\Program Files\trend micro
2010-05-08 16:35:27 ----D---- C:\ProgramData
2010-05-08 16:32:30 ----D---- C:\windows\system32\drivers
2010-05-08 16:23:05 ----D---- C:\windows\tracing
2010-05-08 16:20:40 ----D---- C:\windows\Tasks
2010-05-08 16:19:50 ----D---- C:\Windows
2010-05-08 16:19:49 ----A---- C:\windows\system.ini
2010-05-08 16:18:20 ----D---- C:\ProgramData\hpqLog
2010-05-08 16:15:47 ----D---- C:\windows\system32\config
2010-05-08 16:15:47 ----D---- C:\boot
2010-05-08 16:02:47 ----D---- C:\windows\System32
2010-05-08 16:02:47 ----D---- C:\windows\AppPatch
2010-05-08 16:02:44 ----D---- C:\Program Files\Common Files
2010-05-08 15:50:54 ----D---- C:\windows\inf
2010-05-08 15:50:54 ----A---- C:\windows\system32\PerfStringBackup.INI
2010-05-07 10:52:40 ----SHD---- C:\System Volume Information
2010-05-07 10:16:59 ----RSD---- C:\windows\Fonts
2010-05-06 15:20:25 ----D---- C:\windows\Prefetch
2010-04-30 14:14:39 ----D---- C:\windows\system32\Tasks
2010-04-30 14:01:27 ----D---- C:\windows\winsxs
2010-04-28 14:54:05 ----D---- C:\windows\system32\catroot
2010-04-28 14:54:03 ----D---- C:\windows\system32\catroot2
2010-04-18 21:09:46 ----SHD---- C:\windows\Installer
2010-04-18 20:58:07 ----D---- C:\Program Files\Windows Mail
2010-04-18 19:40:29 ----D---- C:\Users\Dratek\AppData\Roaming\Hamachi
2010-04-18 15:43:43 ----D---- C:\Program Files\Common Files\Java
2010-04-18 15:42:18 ----D---- C:\Program Files\Java
2010-04-18 12:29:02 ----D---- C:\windows\Debug
2010-04-17 10:59:16 ----D---- C:\Program Files\Google
2010-04-11 01:35:26 ----D---- C:\windows\system32\spool
2010-04-11 01:35:26 ----AD---- C:\windows\system32\cs-CZ
2010-04-11 01:35:25 ----D---- C:\windows\system32\Msdtc
2010-04-11 01:35:25 ----D---- C:\windows\system32\CodeIntegrity
2010-04-11 01:35:24 ----D---- C:\Program Files\IKEA HomePlanner
2010-04-11 01:35:23 ----D---- C:\Program Files\Everest Poker
2010-04-11 01:35:23 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-04-11 01:35:21 ----D---- C:\windows\system32\wbem
2010-04-11 01:35:21 ----D---- C:\windows\registration
2010-04-11 01:33:00 ----D---- C:\windows\system32\LogFiles
2010-04-10 20:35:10 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-10 20:35:00 ----RD---- C:\Program Files
2010-04-10 20:08:43 ----D---- C:\Games
2010-04-10 20:07:45 ----RSD---- C:\windows\assembly
2010-04-10 15:37:44 ----D---- C:\windows\Minidump
2010-04-10 12:49:04 ----D---- C:\Program Files\Remote Desktop Control 2
2010-04-10 12:49:01 ----D---- C:\ProgramData\Remote Desktop Control 2
2010-04-10 12:45:54 ----AD---- C:\ProgramData\TEMP
2010-04-06 19:52:54 ----A---- C:\windows\system32\mrt.exe
2010-04-04 21:14:53 ----D---- C:\windows\system32\migration
2010-04-04 21:14:53 ----D---- C:\Program Files\Internet Explorer
2010-04-01 09:27:14 ----A---- C:\windows\NeroDigital.ini
2010-03-29 18:39:10 ----D---- C:\Program Files\The KMPlayer
2010-03-24 18:45:50 ----SD---- C:\Users\Dratek\AppData\Roaming\Microsoft
2010-03-22 20:29:14 ----D---- C:\Operadr
2010-03-13 14:38:30 ----D---- C:\Program Files\Movie Maker
2010-03-12 19:16:59 ----D---- C:\Dratek's file
2010-02-27 15:42:57 ----D---- C:\Program Files\Common Files\Steam
2010-02-27 13:43:17 ----D---- C:\windows\Microsoft.NET
2010-02-27 11:53:21 ----D---- C:\ProgramData\Adobe
2010-02-27 00:14:03 ----D---- C:\windows\system32\oodag
2010-02-26 18:38:49 ----D---- C:\Program Files\CCleaner
2010-02-26 16:58:17 ----D---- C:\Program Files\Common Files\Adobe
2010-02-26 16:58:05 ----D---- C:\Program Files\Adobe
2010-02-24 10:16:06 ----N---- C:\windows\system32\MpSigStub.exe
2010-02-23 20:55:22 ----D---- C:\Users\Dratek\AppData\Roaming\Adobe
2010-02-23 17:57:12 ----D---- C:\ProgramData\Skype
2010-02-23 17:54:03 ----D---- C:\Program Files\Common Files\Real
2010-02-23 17:52:03 ----A---- C:\windows\system32\pncrt.dll
2010-02-23 16:45:29 ----D---- C:\Program Files\Mozilla Thunderbird
2010-02-13 20:14:26 ----D---- C:\Swsetup
2010-02-13 13:13:15 ----SD---- C:\windows\Downloaded Program Files
2010-02-13 12:48:47 ----D---- C:\windows\system32\zh-TW
2010-02-13 12:48:47 ----D---- C:\windows\system32\zh-HK
2010-02-13 12:48:47 ----D---- C:\windows\system32\zh-CN
2010-02-13 12:48:47 ----D---- C:\windows\system32\tr-TR
2010-02-13 12:48:47 ----D---- C:\windows\system32\th-TH
2010-02-13 12:48:47 ----D---- C:\windows\system32\sv-SE
2010-02-13 12:48:47 ----D---- C:\windows\system32\ru-RU
2010-02-13 12:48:47 ----D---- C:\windows\system32\pt-PT
2010-02-13 12:48:47 ----D---- C:\windows\system32\pt-BR
2010-02-13 12:48:47 ----D---- C:\windows\system32\pl-PL
2010-02-13 12:48:47 ----D---- C:\windows\system32\nl-NL
2010-02-13 12:48:47 ----D---- C:\windows\system32\nb-NO
2010-02-13 12:48:47 ----D---- C:\windows\system32\ko-KR
2010-02-13 12:48:47 ----D---- C:\windows\system32\ja-JP
2010-02-13 12:48:47 ----D---- C:\windows\system32\it-IT
2010-02-13 12:48:47 ----D---- C:\windows\system32\hu-HU
2010-02-13 12:48:47 ----D---- C:\windows\system32\he-IL
2010-02-13 12:48:47 ----D---- C:\windows\system32\fr-FR
2010-02-13 12:48:47 ----D---- C:\windows\system32\fi-FI
2010-02-13 12:48:47 ----D---- C:\windows\system32\es-ES
2010-02-13 12:48:47 ----D---- C:\windows\system32\en-US
2010-02-13 12:48:47 ----D---- C:\windows\system32\el-GR
2010-02-13 12:48:47 ----D---- C:\windows\system32\de-DE
2010-02-13 12:48:47 ----D---- C:\windows\system32\da-DK
2010-02-13 12:48:47 ----D---- C:\windows\system32\ar-SA
2010-02-13 12:48:47 ----AD---- C:\windows\system32\sl-SI
2010-02-13 12:48:47 ----AD---- C:\windows\system32\sk-SK
2010-02-13 12:48:47 ----AD---- C:\windows\system32\ro-RO
2010-02-13 12:48:47 ----AD---- C:\windows\system32\lv-LV
2010-02-13 12:48:47 ----AD---- C:\windows\system32\lt-LT
2010-02-13 12:48:47 ----AD---- C:\windows\system32\hr-HR
2010-02-13 12:48:47 ----AD---- C:\windows\system32\et-EE
2010-02-13 12:48:47 ----AD---- C:\windows\system32\bg-BG
2010-02-13 12:44:00 ----D---- C:\Users\Dratek\AppData\Roaming\Hewlett-Packard
2010-02-13 12:43:35 ----D---- C:\Program Files\Hewlett-Packard
2010-02-13 12:24:15 ----D---- C:\Users\Dratek\AppData\Roaming\HPQLOG
2010-02-13 12:23:33 ----A---- C:\windows\system32\bcmwlcoi.dll
2010-02-13 12:23:33 ----A---- C:\windows\system32\bcmihvsrv.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2008-07-14 207688]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2008-07-14 55176]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-30 12496]
R1 vmm;Virtual Machine Monitor; \??\C:\windows\system32\Drivers\vmm.sys [2007-02-18 232816]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2008-10-27 271360]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2008-10-27 18048]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-08-07 34608]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2008-05-21 3552768]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-02-13 2661368]
R3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2008-05-28 80424]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2008-05-28 81960]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-05-28 16168]
R3 CamSpaceBus;CamSpace Virtual Joystick Bus device driver; C:\windows\system32\drivers\CamSpaceBus.sys [2008-08-24 14848]
R3 CamSpaceJoy;CamSpace Virtual Joystick device driver; C:\windows\system32\drivers\CamSpaceJoy.sys [2008-08-24 30464]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-09-01 25280]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1810856]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-29 213680]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\windows\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-04-03 310272]
S3 ax05r4ey;ax05r4ey; C:\windows\system32\drivers\ax05r4ey.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\Dratek\AppData\Local\Temp\YMBB598.tmp []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2008-07-14 79240]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2008-07-14 35240]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2008-07-14 34152]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nhcNT_driver;Notebook Hardware Control NT Driver; \??\C:\windows\system32\drivers\nhcNT.sys [2008-10-22 8960]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2008-09-15 17664]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
S3 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2007-11-06 34064]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;Nokia USB Serial Port; C:\windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 RsFx0102;RsFx0102 Driver; C:\windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\windows\system32\Ati2evxx.exe [2008-05-21 671744]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-06-02 18944]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-30 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-14 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-08-07 24880]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-11 40999448]
R2 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 6.0\bin\mysqld-nt --defaults-file=C:\Program Files\MySQL\MySQL Server 6.0\my.ini MySQL []
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 O&O Defrag;O&O Defrag; C:\windows\system32\oodag.exe [2005-05-11 225280]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2008-10-28 66872]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-04-07 241734]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2008-01-21 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
S2 0089741226773579mcinstcleanup;McAfee Application Installer Cleanup (0089741226773579); C:\Users\Dratek\AppData\Local\Temp\008974~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-23 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-23 194032]
S2 rpcnetp;rpcnetp; C:\windows\System32\rpcnetp.exe []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-10-18 72704]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-23 30192]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-02-27 332720]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------

Dratek
Visitor
Posts: 4
Registered: 17 Mar 2008 20:17

Re: Log check

#2 Post by Dratek »

ComboFix log:

ComboFix 10-05-07.07 - Dratek 08.05.2010 15:51:52.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.1788.896 [GMT 2:00]
Spuštěný z: c:\users\Dratek\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Install.exe
c:\program files\pdfforge Toolbar\SearchSettings.dll
c:\users\Dratek\AppData\Roaming\inst.exe
c:\users\Dratek\AppData\Roaming\PnkBstrB.exe
.
---- Předchozí spuštění -------
.
c:\$recycle.bin\S-1-5-21-1616171370-2119082768-3999185646-500
C:\install.exe
c:\program files\pdfforge Toolbar\SearchSettings.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
c:\users\Dratek\AppData\Roaming\inst.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-08 do 2010-05-08 )))))))))))))))))))))))))))))))
.

2010-05-08 14:14 . 2010-05-08 14:19 -------- d-----w- c:\users\Dratek\AppData\Local\temp
2010-05-08 14:14 . 2010-05-08 14:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-08 13:38 . 2010-05-08 13:39 -------- d-----w- C:\32788R22FWJFW
2010-04-18 13:42 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-17 13:53 . 2010-02-23 11:10 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-17 13:53 . 2010-02-23 11:10 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-17 13:53 . 2010-02-23 11:10 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-17 13:52 . 2010-02-18 14:07 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-17 13:52 . 2010-02-18 14:07 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-17 13:52 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-04-17 13:52 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-04-17 13:52 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-17 13:52 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-17 13:50 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-17 13:50 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2010-04-10 18:35 . 2010-04-10 18:35 -------- d-----w- c:\program files\Activision
2010-04-10 18:08 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2010-04-10 18:08 . 2008-07-31 08:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2010-04-10 18:08 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2010-04-10 18:08 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-04-10 18:08 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2010-04-10 18:08 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-04-10 13:30 . 2010-04-10 13:30 -------- d-----w- c:\users\Dratek\AppData\Local\Temp(24)
2010-04-10 10:28 . 2010-04-10 10:30 -------- d-----w- c:\program files\Packet Tracer 5.2

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-08 14:18 . 2008-08-04 13:56 -------- d-----w- c:\programdata\hpqLog
2010-05-08 14:16 . 2008-10-17 23:18 7460 ----a-w- c:\windows\bthservsdp.dat
2010-05-08 14:12 . 2010-03-14 13:48 -------- d-----w- c:\program files\pdfforge Toolbar
2010-05-08 13:50 . 2008-04-17 10:02 702982 ----a-w- c:\windows\system32\perfh005.dat
2010-05-08 13:50 . 2008-04-17 10:02 159906 ----a-w- c:\windows\system32\perfc005.dat
2010-05-06 13:20 . 2008-10-23 11:15 680 ----a-w- c:\users\Dratek\AppData\Local\d3d9caps.dat
2010-04-18 18:58 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-04-18 17:40 . 2009-09-01 13:39 -------- d-----w- c:\users\Dratek\AppData\Roaming\Hamachi
2010-04-18 13:43 . 2008-08-04 15:02 -------- d-----w- c:\program files\Common Files\Java
2010-04-18 13:42 . 2008-08-04 15:02 -------- d-----w- c:\program files\Java
2010-04-17 08:59 . 2008-12-24 19:48 -------- d-----w- c:\program files\Google
2010-04-10 23:35 . 2010-02-23 14:55 -------- d-----w- c:\program files\Spyware Doctor
2010-04-10 23:35 . 2010-01-06 20:55 -------- d-----w- c:\program files\IKEA HomePlanner
2010-04-10 23:35 . 2009-08-14 13:20 -------- d-----w- c:\program files\trend micro
2010-04-10 23:35 . 2010-02-05 15:50 -------- d-----w- c:\program files\Everest Poker
2010-04-10 23:35 . 2009-04-25 16:04 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-10 23:34 . 2010-02-23 14:55 -------- d-----w- c:\program files\Common Files\PC Tools
2010-04-10 18:35 . 2008-08-04 14:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-10 10:49 . 2009-12-05 17:44 -------- d-----w- c:\program files\Remote Desktop Control 2
2010-04-10 10:49 . 2009-12-05 17:44 -------- d-----w- c:\programdata\Remote Desktop Control 2
2010-04-01 07:15 . 2010-04-01 07:15 -------- d-----w- c:\program files\Creative
2010-03-29 16:39 . 2008-10-17 17:32 -------- d-----w- c:\program files\The KMPlayer
2010-03-17 10:53 . 2010-03-17 10:53 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-03-14 13:49 . 2010-03-14 13:47 -------- d-----w- c:\program files\PDFCreator
2010-03-14 13:48 . 2010-03-14 13:48 -------- d-----w- c:\program files\Application Updater
2010-03-10 20:10 . 2010-03-10 20:10 -------- d-----w- c:\program files\Advanced Port Scanner
2010-02-27 09:53 . 2008-10-17 14:47 107680 ----a-w- c:\users\Dratek\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 08:16 . 2009-10-03 13:43 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 06:39 . 2010-03-31 16:25 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-03-31 16:25 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 06:33 . 2010-03-31 16:24 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 04:55 . 2010-03-31 16:25 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-02-13 10:47 . 2010-02-13 10:23 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2010-02-13 10:23 . 2010-02-13 10:23 3555328 ----a-w- c:\windows\system32\bcmihvui.dll
2010-02-13 10:23 . 2010-02-13 10:23 2661368 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS
2010-02-13 10:23 . 2008-03-21 18:35 91376 ----a-w- c:\windows\system32\bcmwlcoi.dll
2010-02-13 10:23 . 2008-03-21 18:35 3866624 ----a-w- c:\windows\system32\bcmihvsrv.dll
2010-02-12 10:32 . 2010-03-07 10:07 293376 ----a-w- c:\windows\system32\browserchoice.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2010-01-08 02:17 700416 ----a-w- c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll" [2010-01-08 700416]

[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-06-02 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-14 10244096]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2008-05-24 197904]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-29 1545512]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-02-23 30192]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-02-23 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2010-01-08 974848]

c:\users\Dratek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-10-4 393216]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-5-13 727592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll c:\windows\System32\APSHook.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):cb,18,ac,29,de,3d,ca,01

R2 0089741226773579mcinstcleanup;McAfee Application Installer Cleanup (0089741226773579);c:\users\Dratek\AppData\Local\Temp\008974~1.EXE [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 135664]
R2 rpcnetp;rpcnetp;c:\windows\System32\rpcnetp.exe [x]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 GarenaPEngine;GarenaPEngine;c:\users\Dratek\AppData\Local\Temp\YMBB598.tmp [x]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-23 30192]
R3 nhcNT_driver;Notebook Hardware Control NT Driver;c:\windows\system32\drivers\nhcNT.sys [2008-10-22 8960]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
R4 RsFx0102;RsFx0102 Driver;c:\windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-10-18 717296]
S1 aswSP;avast! Self Protection; [x]
S1 RsvLock;RsvLock; [x]
S2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [2007-05-15 182576]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-01-07 380928]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-06-02 18944]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-30 256512]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-14 77824]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-08-07 24880]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
S3 CamSpaceBus;CamSpace Virtual Joystick Bus device driver;c:\windows\system32\drivers\CamSpaceBus.sys [2008-08-24 14848]
S3 CamSpaceJoy;CamSpace Virtual Joystick device driver;c:\windows\system32\drivers\CamSpaceJoy.sys [2008-08-24 30464]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-05-08 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-24 14:44]

2010-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 14:46]

2010-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 14:46]

2010-05-07 c:\windows\Tasks\HPCeeScheduleForDratek.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-08-04 22:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bsplayer-search.com/startpage
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_us&c=83&bd=all&pf=cmnb
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-RemoconCon - (no file)
AddRemove-AMX Mod X Installer - c:\program files\Valve\cstrike\AMX Mod X\uninst.exe



**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\Dratek\AppData\Local\Temp\YMBB598.tmp"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 6.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 6.0\my.ini\" MySQL"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-525858922-2813100890-1550418856-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{68A0E644-26B9-E2FD-7C9B-C877E851A57E}*]
"iaknjigonbmmfinaje"=hex:6a,61,6e,61,62,6a,68,69,6c,63,69,61,64,66,6f,6c,65,69,
66,6a,00,fa
"haemgkjlioiheiie"=hex:6a,61,62,62,65,69,66,6c,6e,6f,6c,68,6d,69,67,6c,66,67,
6c,63,00,fa
"halmkbocbohnekdc"=hex:66,61,6d,61,6f,68,6d,6a,66,6b,68,62,00,f6

[HKEY_USERS\S-1-5-21-525858922-2813100890-1550418856-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:a9,dd,a9,42,1b,4e,89,06,74,d4,38,56,81,dd,7d,28,87,ad,ca,9f,2a,7f,17,
64,73,97,c0,0a,ff,dc,30,6b,ca,4b,67,84,b1,4e,2d,7f,af,58,b1,3f,5c,20,8c,35,\
"??"=hex:7a,43,fd,85,f6,f5,b9,17,2c,ce,f5,4c,17,b5,8e,d8

[HKEY_USERS\S-1-5-21-525858922-2813100890-1550418856-1004\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:a8,13,3e,d6,88,8e,6a,d6,4c,64,98,d2,b4,09,4c,e7,c4,67,73,d0,4f,
ea,ac,fd,fb,99,0c,ad,8d,84,44,85,39,7a,ce,b7,95,39,f3,07,c8,8f,cd,b3,7d,e8,\
"rkeysecu"=hex:96,3c,2f,93,de,0b,09,70,47,11,72,00,72,3a,3a,26

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(5072)
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\program files\Microsoft Virtual PC\VPCShExH.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\WLANExt.exe
c:\program files\Hewlett-Packard\IAM\Bin\AsGHost.exe
c:\program files\Google\Update\1.2.183.23\GoogleCrashHandler.exe
c:\windows\system32\AEADISRV.EXE
c:\windows\system32\agrsmsvc.exe
c:\program files\ActivIdentity\ActivClient\acevents.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files\MySQL\MySQL Server 6.0\bin\mysqld-nt.exe
c:\windows\system32\oodag.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\conime.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Celkový čas: 2010-05-08 16:32:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-05-08 14:32

Před spuštěním: Volných bajtů: 13 451 235 328
Po spuštění: Volných bajtů: 11 789 946 880

- - End Of File - - E870BA601BB9D81CC8E4BB86B8950A91

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Log check

#3 Post by motji »

Good evening :)

Do you use Garena?
How is the computer doing now?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up your important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

Dratek
Visitor
Posts: 4
Registered: 17 Mar 2008 20:17

Re: Log check

#4 Post by Dratek »

I don't use Garena anymore. The computer is fine; sometimes it runs slower.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Log check

#5 Post by motji »

:arrow: If it is not there already, move ComboFix to the desktop
- open Notepad
- copy the text from this box into it

Code: Select all

Driver::
GarenaPEngine
0089741226773579mcinstcleanup

File::
c:\users\Dratek\AppData\Local\Temp\YMBB598.tmp

Folder::
c:\program files\pdfforge Toolbar

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"=-
[-HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"SearchSettings"=-

Regnull::
[HKEY_USERS\S-1-5-21-525858922-2813100890-1550418856-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{68A0E644-26B9-E2FD-7C9B-C877E851A57E}*]

Reglock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]

Extra::

DDS::
uStart Page = hxxp://www.bsplayer-search.com/startpage
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... ll&pf=cmnb

- save the TXT file you created to the desktop as CFScript.txt
- after saving it, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it

- once it has been applied, another log will pop up; paste it here

Warning: it may happen that Windows will not boot after the script is applied and the computer restarts. In that case, restart again while pressing F8, then choose Last Known Good Configuration.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Log check

#6 Post by motji »

How are things looking here? :)