Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Vytizeny CPU, prosim o kontrolu logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
hal
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 srp 2010 23:24

Vytizeny CPU, prosim o kontrolu logu

#1 Příspěvek od hal »

svchost.exe bere vetsinu vykonu procesoru.
Predem vrele diky.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Halba at 2010-08-05 22:23:33
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (8%) free of 40 GB
Total RAM: 3062 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:23:49, on 5.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\OrCAD\license_manager\lmgrd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\OrCAD\license_manager\lmgrd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\programs\altera\91sp2\quartus\bin\jtagserver.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\OrCAD\license_manager\cdslmd.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\SCROLL~1\MouseElf.EXE
C:\WINDOWS\System32\igfxsrvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Launch Manager\WisLMSvc.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Orca Browser\orca.exe
C:\Program Files\Totalcmd 6.01\TOTALCMD.EXE
C:\WINDOWS\system32\taskmgr.exe
d:\Downloads\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Halba.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cpinvest.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.251:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Halba\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Halba\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [Wbutton] C:\Program Files\Launch Manager\WButton.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\SCROLL~1\MouseElf.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: updpxe32.exe
O4 - Global Startup: MonacoGamma.lnk = C:\Program Files\Monaco Systems\MonacoOPTIX 2.0\MonacoGamma.exe
O4 - Global Startup: MonacoReminder.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O16 - DPF: Yahoo! Chess - http://origin.games.yahoo.net/games/clients/y/ct5_x.cab
O16 - DPF: {8ACDC08B-DC64-4613-97F2-299B65F66E1D} (DigiMeldOcx Control) - http://www.digimeld.com/download/digimeldOcx.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: Cadence License Manager - Macrovision Corporation - C:\OrCAD\license_manager\lmgrd.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c98cf8638dc1c) (gupdate1c98cf8638dc1c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Altera JTAG Server (JTAGServer) - Unknown owner - c:\programs\altera\91sp2\quartus\bin\jtagserver.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\programs\MATLAB\webserver\bin\win32\matlabserver.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

--
End of file - 12804 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\SDMsgUpdate (SD).job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-07-23 1241552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-08-24 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Halba\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-07-23 1241552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\System32\igfxtray.exe [2007-04-20 142104]
"HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2007-04-20 162584]
"Persistence"=C:\WINDOWS\System32\igfxpers.exe [2007-04-20 138008]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]
"HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2007-04-26 192512]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe []
"Wbutton"=C:\Program Files\Launch Manager\WButton.exe []
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"mouseElf"=C:\PROGRA~1\SCROLL~1\MouseElf.EXE [2005-12-16 438364]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe []
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-08-24 198160]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"VX1000"=C:\WINDOWS\vVX1000.exe [2007-04-10 709992]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"Uniblue RegistryBooster 2"=C:\Program Files\RegistryBooster 2\RegistryBooster.exe /S []
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2009-01-31 3399727]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
MonacoGamma.lnk - C:\Program Files\Monaco Systems\MonacoOPTIX 2.0\MonacoGamma.exe
MonacoReminder.lnk - C:\Program Files\Monaco Systems\MonacoOPTIX 2.0\Monaco Reminder.exe

C:\Documents and Settings\Halba\Nabídka Start\Programy\Po spuštění
updpxe32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-04-16 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0xB1000000
"NoDriveAutoRun"=0xF0030000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\InterVideo\DVD5\WinDVD.exe"="C:\Program Files\InterVideo\DVD5\WinDVD.exe:*:Enabled:WinDVD"
"C:\Programs\OrCAD\tools\bin\cdsMsgServer.exe"="C:\Programs\OrCAD\tools\bin\cdsMsgServer.exe:*:Enabled:cdsMsgServer"
"C:\Programs\OrCAD\tools\bin\cdsNameServer.exe"="C:\Programs\OrCAD\tools\bin\cdsNameServer.exe:*:Enabled:cdsNameServer"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdnshelp.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdnshelp.exe:*:Enabled:cdnshelp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsinfo.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsinfo.exe:*:Enabled:cdsinfo (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsmps.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsmps.exe:*:Enabled:cdsmps (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsMsgServer.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsMsgServer.exe:*:Enabled:cdsMsgServer (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsNameServer.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsNameServer.exe:*:Enabled:cdsNameServer (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsOaPathUtil.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsOaPathUtil.exe:*:Enabled:cdsOaPathUtil (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsRemote.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsRemote.exe:*:Enabled:cdsRemote (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsRemshClient.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsRemshClient.exe:*:Enabled:cdsRemshClient (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsRunHidden.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsRunHidden.exe:*:Enabled:cdsRunHidden (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsServIpc.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsServIpc.exe:*:Enabled:cdsServIpc (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsUnzip.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsUnzip.exe:*:Enabled:cdsUnzip (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdswhich.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdswhich.exe:*:Enabled:cdswhich (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsZip.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsZip.exe:*:Enabled:cdsZip (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cds_root.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cds_root.exe:*:Enabled:cds_root (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\clsAdminTool.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\clsAdminTool.exe:*:Enabled:clsAdminTool (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\clsbd.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\clsbd.exe:*:Enabled:clsbd (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\clu.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\clu.exe:*:Enabled:clu (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cmfeedback.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cmfeedback.exe:*:Enabled:cmfeedback (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\consmgr.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\consmgr.exe:*:Enabled:consmgr (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\dregprint.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\dregprint.exe:*:Enabled:dregprint (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\emsMkError.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\emsMkError.exe:*:Enabled:emsMkError (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\mpsinfo.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\mpsinfo.exe:*:Enabled:mpsinfo (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\msgHelp.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\msgHelp.exe:*:Enabled:msgHelp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\nmp.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\nmp.exe:*:Enabled:nmp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\nmppath.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\nmppath.exe:*:Enabled:nmppath (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\switchversion.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\switchversion.exe:*:Enabled:switchversion (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\van.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\van.exe:*:Enabled:van (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\versionviewer.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\versionviewer.exe:*:Enabled:versionviewer (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\capture.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\capture.exe:*:Enabled:capture (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\comp16.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\comp16.exe:*:Enabled:comp16 (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\pcadi.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\pcadi.exe:*:Enabled:pcadi (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\pspiceexplorersrvr.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\pspiceexplorersrvr.exe:*:Enabled:pspiceexplorersrvr (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\pstswp.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\pstswp.exe:*:Enabled:pstswp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\regsvr32.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\regsvr32.exe:*:Enabled:regsvr32 (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\sch2cap.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\sch2cap.exe:*:Enabled:sch2cap (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\tutorial\CAPTUTOR.EXE"="C:\OrCAD\OrCAD_16.0\tools\capture\tutorial\CAPTUTOR.EXE:*:Enabled:CAPTUTOR (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\cdnshelp\bin\cdnshelp.exe"="C:\OrCAD\OrCAD_16.0\tools\cdnshelp\bin\cdnshelp.exe:*:Enabled:cdnshelp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\cdnshelp\bin\topicgen.exe"="C:\OrCAD\OrCAD_16.0\tools\cdnshelp\bin\topicgen.exe:*:Enabled:topicgen (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\cdnshelp\bin\_cdnshelp.exe"="C:\OrCAD\OrCAD_16.0\tools\cdnshelp\bin\_cdnshelp.exe:*:Enabled:_cdnshelp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\dfII\bin\skill.exe"="C:\OrCAD\OrCAD_16.0\tools\dfII\bin\skill.exe:*:Enabled:skill (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\dfII\bin\skill_g.exe"="C:\OrCAD\OrCAD_16.0\tools\dfII\bin\skill_g.exe:*:Enabled:skill_g (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\bodygen.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\bodygen.exe:*:Enabled:bodygen (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\cpmaccess.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\cpmaccess.exe:*:Enabled:cpmaccess (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\libaccess.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\libaccess.exe:*:Enabled:libaccess (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\lrm.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\lrm.exe:*:Enabled:lrm (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\mkdefcfg.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\mkdefcfg.exe:*:Enabled:mkdefcfg (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\newgenasym.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\newgenasym.exe:*:Enabled:newgenasym (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\pcbCache.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\pcbCache.exe:*:Enabled:pcbCache (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\projmgr.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\projmgr.exe:*:Enabled:projmgr (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\psetup.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\psetup.exe:*:Enabled:psetup (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\purge.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\purge.exe:*:Enabled:purge (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\QPSetup.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\QPSetup.exe:*:Enabled:QPSetup (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\rollback.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\rollback.exe:*:Enabled:rollback (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\UniversalBrowser.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\UniversalBrowser.exe:*:Enabled:UniversalBrowser (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\versiontool.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\versiontool.exe:*:Enabled:versiontool (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\java.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\java.exe:*:Enabled:java (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\javacpl.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\javacpl.exe:*:Enabled:javacpl (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\javaw.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\javaw.exe:*:Enabled:javaw (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\javaws.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\javaws.exe:*:Enabled:javaws (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\jucheck.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\jucheck.exe:*:Enabled:jucheck (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\jusched.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\jusched.exe:*:Enabled:jusched (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\keytool.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\keytool.exe:*:Enabled:keytool (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\kinit.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\kinit.exe:*:Enabled:kinit (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\klist.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\klist.exe:*:Enabled:klist (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\ktab.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\ktab.exe:*:Enabled:ktab (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\orbd.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\orbd.exe:*:Enabled:orbd (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\pack200.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\pack200.exe:*:Enabled:pack200 (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\policytool.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\policytool.exe:*:Enabled:policytool (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\rmid.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\rmid.exe:*:Enabled:rmid (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\rmiregistry.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\rmiregistry.exe:*:Enabled:rmiregistry (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\servertool.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\servertool.exe:*:Enabled:servertool (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\tnameserv.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\tnameserv.exe:*:Enabled:tnameserv (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\unpack200.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\unpack200.exe:*:Enabled:unpack200 (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\fvupdateutil.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\fvupdateutil.exe:*:Enabled:fvupdateutil (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\gcad.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\gcad.exe:*:Enabled:gcad (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\gcam.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\gcam.exe:*:Enabled:gcam (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\gcdin.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\gcdin.exe:*:Enabled:gcdin (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\idfin.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\idfin.exe:*:Enabled:idfin (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\ipc356.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\ipc356.exe:*:Enabled:ipc356 (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\layout.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\layout.exe:*:Enabled:layout (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\libcat.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\libcat.exe:*:Enabled:libcat (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\lsession.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\lsession.exe:*:Enabled:lsession (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\max2hyp.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\max2hyp.exe:*:Enabled:max2hyp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxascb.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxascb.exe:*:Enabled:maxascb (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxascx.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxascx.exe:*:Enabled:maxascx (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxdxf.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxdxf.exe:*:Enabled:maxdxf (Release OrCAD 16.0)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdnshelp.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdnshelp.exe:*:Enabled:cdnshelp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsinfo.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsinfo.exe:*:Enabled:cdsinfo (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsmps.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsmps.exe:*:Enabled:cdsmps (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsMsgServer.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsMsgServer.exe:*:Enabled:cdsMsgServer (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsNameServer.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsNameServer.exe:*:Enabled:cdsNameServer (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsOaPathUtil.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsOaPathUtil.exe:*:Enabled:cdsOaPathUtil (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsRemote.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsRemote.exe:*:Enabled:cdsRemote (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsRemshClient.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsRemshClient.exe:*:Enabled:cdsRemshClient (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsRunHidden.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsRunHidden.exe:*:Enabled:cdsRunHidden (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsServIpc.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsServIpc.exe:*:Enabled:cdsServIpc (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsUnzip.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsUnzip.exe:*:Enabled:cdsUnzip (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdswhich.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdswhich.exe:*:Enabled:cdswhich (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cdsZip.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cdsZip.exe:*:Enabled:cdsZip (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cds_root.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cds_root.exe:*:Enabled:cds_root (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\clsAdminTool.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\clsAdminTool.exe:*:Enabled:clsAdminTool (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\clsbd.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\clsbd.exe:*:Enabled:clsbd (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\clu.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\clu.exe:*:Enabled:clu (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\cmfeedback.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\cmfeedback.exe:*:Enabled:cmfeedback (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\consmgr.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\consmgr.exe:*:Enabled:consmgr (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\dregprint.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\dregprint.exe:*:Enabled:dregprint (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\emsMkError.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\emsMkError.exe:*:Enabled:emsMkError (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\mpsinfo.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\mpsinfo.exe:*:Enabled:mpsinfo (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\msgHelp.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\msgHelp.exe:*:Enabled:msgHelp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\nmp.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\nmp.exe:*:Enabled:nmp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\nmppath.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\nmppath.exe:*:Enabled:nmppath (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\switchversion.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\switchversion.exe:*:Enabled:switchversion (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\van.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\van.exe:*:Enabled:van (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\bin\versionviewer.exe"="C:\OrCAD\OrCAD_16.0\tools\bin\versionviewer.exe:*:Enabled:versionviewer (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\capture.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\capture.exe:*:Enabled:capture (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\comp16.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\comp16.exe:*:Enabled:comp16 (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\pcadi.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\pcadi.exe:*:Enabled:pcadi (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\pspiceexplorersrvr.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\pspiceexplorersrvr.exe:*:Enabled:pspiceexplorersrvr (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\pstswp.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\pstswp.exe:*:Enabled:pstswp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\regsvr32.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\regsvr32.exe:*:Enabled:regsvr32 (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\sch2cap.exe"="C:\OrCAD\OrCAD_16.0\tools\capture\sch2cap.exe:*:Enabled:sch2cap (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\capture\tutorial\CAPTUTOR.EXE"="C:\OrCAD\OrCAD_16.0\tools\capture\tutorial\CAPTUTOR.EXE:*:Enabled:CAPTUTOR (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\cdnshelp\bin\cdnshelp.exe"="C:\OrCAD\OrCAD_16.0\tools\cdnshelp\bin\cdnshelp.exe:*:Enabled:cdnshelp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\cdnshelp\bin\topicgen.exe"="C:\OrCAD\OrCAD_16.0\tools\cdnshelp\bin\topicgen.exe:*:Enabled:topicgen (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\cdnshelp\bin\_cdnshelp.exe"="C:\OrCAD\OrCAD_16.0\tools\cdnshelp\bin\_cdnshelp.exe:*:Enabled:_cdnshelp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\dfII\bin\skill.exe"="C:\OrCAD\OrCAD_16.0\tools\dfII\bin\skill.exe:*:Enabled:skill (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\dfII\bin\skill_g.exe"="C:\OrCAD\OrCAD_16.0\tools\dfII\bin\skill_g.exe:*:Enabled:skill_g (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\bodygen.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\bodygen.exe:*:Enabled:bodygen (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\cpmaccess.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\cpmaccess.exe:*:Enabled:cpmaccess (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\libaccess.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\libaccess.exe:*:Enabled:libaccess (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\lrm.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\lrm.exe:*:Enabled:lrm (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\mkdefcfg.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\mkdefcfg.exe:*:Enabled:mkdefcfg (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\newgenasym.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\newgenasym.exe:*:Enabled:newgenasym (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\pcbCache.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\pcbCache.exe:*:Enabled:pcbCache (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\projmgr.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\projmgr.exe:*:Enabled:projmgr (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\psetup.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\psetup.exe:*:Enabled:psetup (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\purge.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\purge.exe:*:Enabled:purge (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\QPSetup.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\QPSetup.exe:*:Enabled:QPSetup (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\rollback.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\rollback.exe:*:Enabled:rollback (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\UniversalBrowser.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\UniversalBrowser.exe:*:Enabled:UniversalBrowser (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\fet\bin\versiontool.exe"="C:\OrCAD\OrCAD_16.0\tools\fet\bin\versiontool.exe:*:Enabled:versiontool (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\java.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\java.exe:*:Enabled:java (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\javacpl.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\javacpl.exe:*:Enabled:javacpl (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\javaw.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\javaw.exe:*:Enabled:javaw (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\javaws.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\javaws.exe:*:Enabled:javaws (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\jucheck.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\jucheck.exe:*:Enabled:jucheck (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\jusched.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\jusched.exe:*:Enabled:jusched (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\keytool.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\keytool.exe:*:Enabled:keytool (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\kinit.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\kinit.exe:*:Enabled:kinit (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\klist.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\klist.exe:*:Enabled:klist (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\ktab.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\ktab.exe:*:Enabled:ktab (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\orbd.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\orbd.exe:*:Enabled:orbd (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\pack200.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\pack200.exe:*:Enabled:pack200 (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\policytool.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\policytool.exe:*:Enabled:policytool (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\rmid.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\rmid.exe:*:Enabled:rmid (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\rmiregistry.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\rmiregistry.exe:*:Enabled:rmiregistry (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\servertool.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\servertool.exe:*:Enabled:servertool (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\tnameserv.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\tnameserv.exe:*:Enabled:tnameserv (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\jre\bin\unpack200.exe"="C:\OrCAD\OrCAD_16.0\tools\jre\bin\unpack200.exe:*:Enabled:unpack200 (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\fvupdateutil.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\fvupdateutil.exe:*:Enabled:fvupdateutil (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\gcad.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\gcad.exe:*:Enabled:gcad (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\gcam.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\gcam.exe:*:Enabled:gcam (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\gcdin.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\gcdin.exe:*:Enabled:gcdin (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\idfin.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\idfin.exe:*:Enabled:idfin (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\ipc356.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\ipc356.exe:*:Enabled:ipc356 (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\layout.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\layout.exe:*:Enabled:layout (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\libcat.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\libcat.exe:*:Enabled:libcat (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\lsession.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\lsession.exe:*:Enabled:lsession (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\max2hyp.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\max2hyp.exe:*:Enabled:max2hyp (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxascb.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxascb.exe:*:Enabled:maxascb (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxascx.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxascx.exe:*:Enabled:maxascx (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxdxf.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxdxf.exe:*:Enabled:maxdxf (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxeco.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxeco.exe:*:Enabled:maxeco (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxfnetx.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxfnetx.exe:*:Enabled:maxfnetx (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxminb.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxminb.exe:*:Enabled:maxminb (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxminw.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxminw.exe:*:Enabled:maxminw (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxminx.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxminx.exe:*:Enabled:maxminx (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxorcad.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxorcad.exe:*:Enabled:maxorcad (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxp99x.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxp99x.exe:*:Enabled:maxp99x (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxpadb.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxpadb.exe:*:Enabled:maxpadb (Release OrCAD 16.0)"
"C:\OrCAD\OrCAD_16.0\tools\layout\maxpadx.exe"="C:\OrCAD\OrCAD_16.0\tools\layout\maxpadx.exe:*:Enabled:maxpadx (Release OrCAD 16.0)"

======File associations======

.txt - open - C:\PROGRA~1\PSPADE~1\PSPad.exe "%1"

======List of files/folders created in the last 1 months======

2010-08-05 22:23:33 ----D---- C:\rsit
2010-08-05 22:23:33 ----D---- C:\Program Files\trend micro
2010-08-05 20:51:40 ----D---- C:\Program Files\Crawler
2010-08-03 08:27:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-03 08:15:14 ----D---- C:\Documents and Settings\Halba\Data aplikací\ElevatedDiagnostics
2010-08-03 08:12:39 ----D---- C:\WINDOWS\system32\windowspowershell
2010-08-03 08:12:24 ----HDC---- C:\WINDOWS\$NtUninstallKB926139-v2$
2010-07-30 15:27:06 ----D---- C:\Program Files\ASF-AVI-RM-WMV Repair
2010-07-28 15:21:16 ----SHD---- C:\Config.Msi
2010-07-27 11:18:40 ----D---- C:\Documents and Settings\Halba\Data aplikací\hte
2010-07-26 23:35:58 ----A---- C:\WINDOWS\system32\drivers\pgdhdlc.sys
2010-07-25 23:29:41 ----D---- C:\WINDOWS\A4W_DATA
2010-07-25 23:29:41 ----A---- C:\WINDOWS\A4W.INI
2010-07-25 18:00:10 ----A---- C:\WINDOWS\system32\RWUXThemeSU.dll
2010-07-25 17:54:57 ----A---- C:\WINDOWS\ODBC.INI
2010-07-25 17:44:45 ----D---- C:\OrCAD_Data
2010-07-25 17:39:06 ----A---- C:\WINDOWS\system32\lmgr326b.dll
2010-07-25 17:38:50 ----D---- C:\OrCAD
2010-07-23 14:50:35 ----D---- C:\Program Files\uTorrent
2010-07-23 14:50:05 ----D---- C:\Documents and Settings\Halba\Data aplikací\uTorrent
2010-07-18 08:57:21 ----D---- C:\WINDOWS\system32\URTTEMP
2010-07-17 18:49:57 ----A---- C:\WINDOWS\system32\usbblstrui.dll
2010-07-17 18:49:57 ----A---- C:\WINDOWS\system32\usbblstrlang.dll
2010-07-17 18:49:57 ----A---- C:\WINDOWS\system32\usbblstr32.dll
2010-07-17 18:49:57 ----A---- C:\WINDOWS\system32\drivers\usbblstr.sys
2010-07-14 19:47:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-13 08:30:38 ----D---- C:\Program Files\rajce
Nahoru
hal
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 srp 2010 23:24

Re: Vytizeny CPU, prosim o kontrolu logu

#2 Příspěvek od hal »

druha cast logu:

======List of files/folders modified in the last 1 months======

2010-08-05 22:23:41 ----D---- C:\WINDOWS\Temp
2010-08-05 22:23:33 ----D---- C:\Program Files
2010-08-05 22:23:06 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-08-05 22:23:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-08-05 22:22:19 ----D---- C:\Documents and Settings\Halba\Data aplikací\Free Download Manager
2010-08-05 21:36:12 ----A---- C:\WINDOWS\WINCMD.INI
2010-08-05 21:29:15 ----D---- C:\WINDOWS\Prefetch
2010-08-05 21:19:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-05 21:18:57 ----D---- C:\Documents and Settings\Halba\Data aplikací\Skype
2010-08-05 21:18:48 ----D---- C:\WINDOWS\system32\drivers
2010-08-05 18:10:03 ----A---- C:\WINDOWS\wdict32.INI
2010-08-03 18:17:41 ----D---- C:\Program Files\BSplayer
2010-08-03 14:36:35 ----A---- C:\WINDOWS\capture.INI
2010-08-03 08:37:33 ----D---- C:\WINDOWS
2010-08-03 08:35:02 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-03 08:35:01 ----RSD---- C:\WINDOWS\assembly
2010-08-03 08:31:22 ----HD---- C:\WINDOWS\inf
2010-08-03 08:31:20 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-03 08:29:39 ----D---- C:\WINDOWS\system32
2010-08-03 08:28:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-03 08:27:47 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-03 08:26:07 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-03 08:19:04 ----D---- C:\WINDOWS\AppPatch
2010-08-03 08:13:21 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-08-03 08:13:09 ----A---- C:\WINDOWS\imsins.BAK
2010-08-03 08:12:51 ----D---- C:\WINDOWS\system32\config
2010-07-30 15:24:42 ----D---- C:\Programs
2010-07-29 16:41:55 ----A---- C:\WINDOWS\cvavr.ini
2010-07-28 15:56:29 ----D---- C:\Documents and Settings
2010-07-28 15:42:30 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-28 15:35:57 ----D---- C:\Program Files\FOTOSVET Schlecker
2010-07-28 15:35:22 ----SHD---- C:\WINDOWS\Installer
2010-07-28 15:35:21 ----D---- C:\Program Files\Common Files
2010-07-28 15:25:54 ----D---- C:\Program Files\Schlecker
2010-07-28 15:23:44 ----D---- C:\Program Files\Cyklopruvodce
2010-07-28 15:22:08 ----D---- C:\WINDOWS\WinSxS
2010-07-28 15:20:14 ----D---- C:\Program Files\Microsoft SQL Server
2010-07-28 15:19:44 ----D---- C:\Program Files\Microsoft.NET
2010-07-28 15:18:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-07-28 13:59:50 ----D---- C:\temp
2010-07-27 20:33:59 ----SHD---- C:\WINDOWS\CSC
2010-07-27 08:30:31 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-26 11:32:30 ----D---- C:\Documents and Settings\Halba\Data aplikací\FileZilla
2010-07-25 17:39:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Macrovision
2010-07-24 11:42:15 ----A---- C:\WINDOWS\NeroDigital.ini
2010-07-23 15:01:11 ----D---- C:\WINDOWS\system32\wbem
2010-07-23 14:55:47 ----RD---- C:\Program Files\Skype
2010-07-23 13:48:45 ----A---- C:\WINDOWS\win.ini
2010-07-23 13:48:33 ----D---- C:\Program Files\Microsoft ActiveSync
2010-07-23 08:25:07 ----D---- C:\Documents and Settings\Halba\Data aplikací\skypePM
2010-07-20 16:00:08 ----A---- C:\coffinfo.txt
2010-07-18 08:57:35 ----D---- C:\WINDOWS\Registration
2010-07-14 20:31:09 ----D---- C:\Documents and Settings\Halba\Data aplikací\Download Manager
2010-07-10 16:37:43 ----D---- C:\WINDOWS\system32\Restore
2010-07-08 23:10:03 ----N---- C:\WINDOWS\quartus_web_rules_file.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ElbyVCD;ElbyVCD; C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys [2002-11-28 22016]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-12-11 717296]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 fwdrv;Kerio Personal Firewall Driver; C:\WINDOWS\system32\Drivers\fwdrv.sys [2002-04-15 102912]
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 hwinterface;hwinterface; C:\WINDOWS\System32\Drivers\hwinterface.sys [2008-07-10 3026]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 cvintdrv;cvintdrv; C:\WINDOWS\system32\drivers\cvintdrv.sys [2006-07-27 4096]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2002-11-29 16320]
R2 IOPort;IOPort; \??\C:\WINDOWS\System32\DRIVERS\IOPORT.SYS []
R2 RA ARMD Wiggler 1.16;Wiggler ARM Debug Interface 1.16; \??\C:\WINDOWS\system32\drivers\RA_ARMD_Wiggler_1_16.sys []
R2 RA ARMD Wiggler 1.9;Wiggler ARM Debug Interface 1.9; \??\C:\WINDOWS\system32\drivers\RA_ARMD_Wiggler_1_9.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2007-07-07 76288]
R2 zntport;NTPort Library Driver; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2002-11-28 15360]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2004-04-19 6656]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2007-05-01 630272]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\igxpmp32.sys [2007-04-16 5760096]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2007-02-25 2203520]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2007-02-07 90880]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2006-10-23 179896]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\System32\DRIVERS\Wdf01000.sys [2005-11-30 474184]
R3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [2009-09-02 195424]
S0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys []
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S2 AlteraByteBlaster;Altera ByteBlaster; \??\C:\WINDOWS\system32\drivers\pgdhdlc.sys []
S2 DS1410D;DS1410D; C:\WINDOWS\SYSTEM32\drivers\DS1410D.SYS []
S2 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; \??\C:\WINDOWS\system32\drivers\libusb0.sys []
S3 abythvtl;abythvtl; C:\WINDOWS\system32\drivers\abythvtl.sys []
S3 AKDWC20ET;Omnivision OV538EN Driver; C:\WINDOWS\System32\Drivers\OV538EN.sys [2008-05-12 75904]
S3 AlteraUSBBlaster;Altera USB-Blaster Device Driver; C:\WINDOWS\system32\drivers\usbblstr.sys [2009-08-19 58960]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CyUsb;Cypress Generic USB Driver; C:\WINDOWS\System32\Drivers\CyUsb.sys [2005-03-03 31104]
S3 DLPortIO;DriverLINX Port I/O Driver; \??\C:\WINDOWS\system32\DRIVERS\DLPortIO.SYS []
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2009-10-22 57800]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2009-10-22 72520]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 JakNDisMP;JakNDisMP; C:\WINDOWS\system32\DRIVERS\JakNDis.sys []
S3 kvpndev;Kerio VPN adapter; C:\WINDOWS\system32\DRIVERS\kvpndrv.sys [2008-01-16 65024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Rddcrpd;Rddcrpd; C:\WINDOWS\system32\drivers\Rddcrpd.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-04-04 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-04-04 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-04-04 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-04-04 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-04-04 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-04-04 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-04-04 98952]
S3 Ser2pl;Prolific2 Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2005-06-23 48384]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 Sntnlusb;Rainbow USB SuperPro; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2007-07-07 26120]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-11-19 25216]
S3 TVICLPT;TVICLPT; \??\C:\WINDOWS\system32\DRIVERS\TVICLPT.SYS []
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 X-Rite;X-Rite USB Service; C:\WINDOWS\system32\DRIVERS\XrUsb.sys [2003-11-06 14936]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Cadence License Manager;Cadence License Manager; C:\OrCAD\license_manager\lmgrd.exe [2007-03-18 1327104]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 JTAGServer;Altera JTAG Server; c:\programs\altera\91sp2\quartus\bin\jtagserver.exe [2010-03-25 164352]
R2 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\system32\lkcitdl.exe [2006-06-19 688190]
R2 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\system32\lkads.exe [2006-07-25 45056]
R2 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\system32\lktsrv.exe [2006-07-25 57344]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2006-07-25 200704]
R2 niSvcLoc;NI Service Locator; C:\WINDOWS\system32\nisvcloc.exe [2006-02-06 49152]
R2 PersFw;Kerio Personal Firewall; C:\Program Files\Kerio\Personal Firewall\persfw.exe [2003-04-30 389120]
R3 WisLMSvc;WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [2006-11-17 118784]
S2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-16 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdate1c98cf8638dc1c;Google Update Service (gupdate1c98cf8638dc1c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-12 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 matlabserver;MATLAB Server; C:\programs\MATLAB\webserver\bin\win32\matlabserver.exe [2001-04-06 258048]
S3 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
S3 NILM License Manager;NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2006-06-27 1007616]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Vytizeny CPU, prosim o kontrolu logu

#3 Příspěvek od motji »

Dobrý večer :)

:arrow: Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázekzáložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázekzáložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy :arrow: ok :arrow: zavřít

Obrázek Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.




:arrow: Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-souhlaste s instalací konzole pro zotavení

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna :!:

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
hal
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 srp 2010 23:24

Re: Vytizeny CPU, prosim o kontrolu logu

#4 Příspěvek od hal »

Moc dekuji za rychlou reakci (nedalo se na tom pracovat).
Tady je log:

ComboFix 10-08-05.02 - Halba 06.08.2010 1:23.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3062.2507 [GMT 2:00]
Spuštěný z: d:\downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Halba\System
c:\documents and settings\Halba\System\win_qs8.jqx
c:\program files\INSTALL.LOG
c:\windows\d.ini
c:\windows\Downloaded Program Files\Install.inf
c:\windows\system32\2152960329.dat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-05 do 2010-08-05 )))))))))))))))))))))))))))))))
.

2010-08-05 22:57 . 2010-08-05 22:58 -------- d-----w- c:\program files\CCleaner
2010-08-05 20:23 . 2010-08-05 22:34 -------- d-----w- C:\rsit
2010-08-05 20:23 . 2010-08-05 20:23 -------- d-----w- c:\program files\trend micro
2010-08-05 18:51 . 2010-08-05 18:52 -------- d-----w- c:\program files\Crawler
2010-07-30 13:27 . 2010-07-30 13:27 -------- d-----w- c:\program files\ASF-AVI-RM-WMV Repair
2010-07-28 13:56 . 2010-07-28 13:56 -------- d-----w- c:\documents and settings\Eclipse_workspace\.metadata
2010-07-28 13:56 . 2010-07-28 13:56 -------- d-----w- c:\documents and settings\Eclipse_workspace
2010-07-26 21:35 . 2010-03-24 19:01 7680 ----a-w- c:\windows\system32\drivers\pgdhdlc.sys
2010-07-25 21:29 . 2010-07-25 21:29 -------- d-----w- c:\windows\A4W_DATA
2010-07-25 16:00 . 2007-01-18 14:32 73728 ----a-w- c:\windows\system32\RWUXThemeSU.dll
2010-07-25 15:44 . 2010-07-25 15:44 -------- d-----w- C:\OrCAD_Data
2010-07-25 15:39 . 1999-03-08 18:28 309760 ----a-w- c:\windows\system32\lmgr326b.dll
2010-07-25 15:38 . 2010-07-25 15:45 -------- d-----w- C:\OrCAD
2010-07-23 12:50 . 2010-07-23 12:50 -------- d-----w- c:\program files\uTorrent
2010-07-18 06:57 . 2010-07-18 06:57 -------- d-----w- c:\windows\system32\URTTEMP
2010-07-17 16:49 . 2009-08-19 08:49 121424 ----a-w- c:\windows\system32\usbblstrui.dll
2010-07-17 16:49 . 2009-08-19 08:48 191056 ----a-w- c:\windows\system32\usbblstrlang.dll
2010-07-17 16:49 . 2009-08-19 08:47 207440 ----a-w- c:\windows\system32\usbblstr32.dll
2010-07-17 16:49 . 2009-08-19 08:47 58960 ----a-w- c:\windows\system32\drivers\usbblstr.sys
2010-07-14 17:38 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-13 06:30 . 2010-07-13 06:50 -------- d-----w- c:\program files\rajce

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-05 20:23 . 2008-05-19 21:14 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-03 16:17 . 2008-08-19 14:28 -------- d-----w- c:\program files\BSplayer
2010-08-03 06:28 . 2003-04-16 12:00 500294 ----a-w- c:\windows\system32\perfh005.dat
2010-08-03 06:28 . 2003-04-16 12:00 103962 ----a-w- c:\windows\system32\perfc005.dat
2010-07-28 13:42 . 2008-05-15 11:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-28 13:35 . 2009-01-07 19:34 -------- d-----w- c:\program files\FOTOSVET Schlecker
2010-07-28 13:25 . 2009-08-29 15:13 -------- d-----w- c:\program files\Schlecker
2010-07-28 13:23 . 2008-05-16 12:08 -------- d-----w- c:\program files\Cyklopruvodce
2010-07-28 13:20 . 2008-05-15 22:32 -------- d-----w- c:\program files\Microsoft SQL Server
2010-07-28 13:19 . 2008-05-15 21:43 -------- d-----w- c:\program files\Microsoft.NET
2010-07-23 12:55 . 2009-03-14 21:32 -------- d-----r- c:\program files\Skype
2010-07-23 11:48 . 2010-03-25 12:08 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-06-20 20:33 . 2009-05-12 16:45 -------- d-----w- c:\program files\FileZilla FTP Client
2010-06-18 07:53 . 2008-05-15 13:52 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-14 14:31 . 2008-05-15 10:55 744448 ----a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2010-06-07 22:12 . 2008-09-22 19:50 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-17 12:02 . 2008-05-15 20:29 3208 ----a-w- c:\windows\im32st.dat
2006-01-23 09:32 . 2006-01-23 09:32 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2006-06-07 13:40 . 2006-06-07 13:40 132848 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
.

------- Sigcheck -------

[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . ACCF5A9A1FFAA490F33DBA1C632B95E1 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2GDR\tcpip.sys
[-] 2006-04-20 . B8158E2A6112C0A5CA67BC158FC70218 . 340480 . . [5.1.2600.1831] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2003-04-16 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-31 3399727]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2007-04-20 142104]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2007-04-20 162584]
"Persistence"="c:\windows\System32\igfxpers.exe" [2007-04-20 138008]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-04-26 192512]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"mouseElf"="c:\progra~1\SCROLL~1\MouseElf.EXE" [2005-12-16 438364]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-08-24 198160]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1461080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Halba\Nabˇdka Start\Programy\Po spuçtŘnˇ\
updpxe32.exe [2008-4-14 32768]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
MonacoGamma.lnk - c:\program files\Monaco Systems\MonacoOPTIX 2.0\MonacoGamma.exe [2009-11-28 102400]
MonacoReminder.lnk - c:\program files\Monaco Systems\MonacoOPTIX 2.0\Monaco Reminder.exe [2009-11-28 176128]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQUpdater"="c:\docume~1\Halba\LOCALS~1\Temp\IcqUpdater.exe" -upgrade 2952 "c:\docume~1\Halba\LOCALS~1\Temp\6ACC2D~1 /silent" "c:\progra~1\ICQ6\ICQ.exe loginmode=2 sname=52126431 pwdHashed=PbrP12sKBAzK0erLIN70yD26z9drCgQMytHqyyDe9Mg= status=1 visibility=4 " /autorun

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WinampAgent"="c:\program files\Winamp\winampa.exe"
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"LaunchAp"=c:\program files\Launch Manager\LaunchAp.exe
"CloneCDElbyCDFL"="c:\program files\CloneCD\ElbyCheck.exe" /L ElbyCDFL
"VX1000"=c:\windows\vVX1000.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\InterVideo\\DVD5\\WinDVD.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdnshelp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsinfo.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsmps.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsMsgServer.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsNameServer.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsOaPathUtil.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsRemote.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsRemshClient.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsRunHidden.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsServIpc.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsUnzip.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdswhich.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsZip.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cds_root.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\clsAdminTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\clsbd.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\clu.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cmfeedback.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\consmgr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\dregprint.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\emsMkError.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\mpsinfo.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\msgHelp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\nmp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\nmppath.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\switchversion.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\van.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\versionviewer.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\capture.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\comp16.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\pcadi.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\pspiceexplorersrvr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\pstswp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\regsvr32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\sch2cap.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\tutorial\\CAPTUTOR.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\cdnshelp\\bin\\cdnshelp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\cdnshelp\\bin\\topicgen.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\cdnshelp\\bin\\_cdnshelp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\dfII\\bin\\skill.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\dfII\\bin\\skill_g.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\bodygen.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\cpmaccess.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\libaccess.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\lrm.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\mkdefcfg.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\newgenasym.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\pcbCache.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\projmgr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\psetup.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\purge.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\QPSetup.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\rollback.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\UniversalBrowser.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\versiontool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\java.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\javacpl.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\javaw.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\javaws.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\jucheck.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\jusched.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\keytool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\kinit.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\klist.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\ktab.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\orbd.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\pack200.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\policytool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\rmid.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\rmiregistry.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\servertool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\tnameserv.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\unpack200.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\fvupdateutil.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gcad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gcam.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gcdin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\idfin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\ipc356.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\layout.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\libcat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\lsession.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\max2hyp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxascb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxascx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxdxf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxeco.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxfnetx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxminb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxminw.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxminx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxorcad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxp99x.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxpadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxpadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxpcadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxpcadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxprotb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxprotx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxstrb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxstrx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxtangb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxtangx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\mfceco.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\orcadodb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\padb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\padx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\pcadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\pcadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\pcb2max.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\prcat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\protb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\protx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\searchTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\setbrows.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\specin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\strb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\strx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\tangb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\tangx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\to386.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\toidf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\tomax.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\tospec.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\update90.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Fonts\\F2G.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Fonts\\G2F.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Program\\custaped.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Program\\GERBLINE.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Program\\GerbTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Program\\GT2VIEW.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Program\\gzip124.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\System\\FixTbar.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\samples\\demo\\reset.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\sroute\\batch32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\sroute\\sroute.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\tutorial\\laytutor.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\vcadd\\vcadd32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\fvupdateutil.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gcad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gcam.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gcdin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\idfin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\ipc356.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\layout.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\libcat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\lsession.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\max2hyp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxascb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxascx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxdxf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxeco.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxfnetx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxminb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxminw.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxminx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxorcad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxp99x.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxpadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxpadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxpcadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxpcadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxprotb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxprotx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxstrb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxstrx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxtangb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxtangx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\mfceco.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\orcadodb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\padb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\padx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\pcadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\pcadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\pcb2max.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\prcat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\protb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\protx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\searchTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\setbrows.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\specin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\strb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\strx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\tangb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\tangx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\to386.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\toidf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\tomax.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\tospec.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\update90.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Fonts\\F2G.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Fonts\\G2F.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Program\\custaped.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Program\\GERBLINE.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Program\\GerbTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Program\\GT2VIEW.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Program\\gzip124.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\System\\FixTbar.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\samples\\demo\\reset.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\sroute\\batch32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\sroute\\sroute.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\tutorial\\laytutor.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\vcadd\\vcadd32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\fvupdateutil.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gcad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gcam.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gcdin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\idfin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\ipc356.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\layout.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\libcat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\lsession.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\max2hyp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxascb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxascx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxdxf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxeco.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxfnetx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxminb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxminw.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxminx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxorcad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxp99x.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxpadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxpadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxpcadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxpcadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxprotb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxprotx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxstrb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxstrx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxtangb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxtangx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\mfceco.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\orcadodb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\padb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\padx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\pcadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\pcadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\pcb2max.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\prcat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\protb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\protx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\searchTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\setbrows.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\specin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\strb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\strx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\tangb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\tangx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\to386.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\toidf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\tomax.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\tospec.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\update90.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Fonts\\F2G.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Fonts\\G2F.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Program\\custaped.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Program\\GERBLINE.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Program\\GerbTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Program\\GT2VIEW.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Program\\gzip124.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\System\\FixTbar.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\samples\\demo\\reset.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\sroute\\batch32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\sroute\\sroute.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\tutorial\\laytutor.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\vcadd\\vcadd32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\a2dxf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\a2sdf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\aconvmap.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\allegro.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\allegro_free_viewer.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\aprepmap.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\artwork.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ashowmap.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\axlform.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\batch_drc.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\bbvia.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\bem2d.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\brd2dml.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\create_devices.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\create_sym.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbdoctor.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbdoctor14.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbdoctor15.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbdoctor_ui.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbfix11.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbfix12.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbfix13.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbstat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dfa_dlg.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dfa_update.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dml2brd.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dmlcheck.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dmlcrypt.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\downrev14.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\downrev_library.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\draw_check.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dump_libraries.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dxf2a.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ecl_schedule.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\enved.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\explot.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\extracta.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\flash_convert.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\fpbrowse.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\FSvia.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\FSviaSolver.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ftsmerge.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\gbplot.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\genfeedformat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\genrad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\gloss.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ibis2signoise.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ibischk3.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ibischk4.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\icmchk.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\idf_in.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\idf_out.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\iges_in.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\iges_out.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\il_allegro.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ipc356_out.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\j2script.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\l2a.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\lis2buf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\mbs2lib.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\mergedml.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\mkdeviceindex.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\modelintegrity.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\modelsim.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ncroute.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\nctape.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\netin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\netrev.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\pads_in.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\pad_designer.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\parallel.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\pcad_in.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\pe_wordpad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\placement.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\plctxt.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\pre_check.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\productServer.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\quad2signoise.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\qvupdate.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\rd_stream.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\refresh_padstack.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\refresh_symbol.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\refresh_vs.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\reftxt.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\report.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\signoise.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\sigwave.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\sigwave_sc.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\sigxp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\sigxsect.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\spc2dml.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\spc2spc.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\spif.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\spif_batch.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\stream_out.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\swap.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\systemdump.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\sys_root.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\techfile.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\techfile13.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\techfile14.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\techfile15.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\tlp2.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\tlsim.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ts2dml.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\uprev.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\zrouter.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\perl5\\bin\\perl.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\perl5\\bin\\perlglob.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\perl5\\ntt\\cmd32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\appmgr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\IndiceFileGeneration.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\lxcwin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\Magneticdesigner.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\modeled.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\MrkSrvr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\msgview.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\PDesign.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\psched.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\pspice.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\pspiceaa.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\PSpiceEnc.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\pspiceexplorersrvr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\psp_cmd.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\regsvr32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\simmgr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\simsrvr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\stmed.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\specctra\\bin\\mbs2sp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\specctra\\bin\\sp2mbs.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\specctra\\bin\\specctra.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\specctra\\bin\\specctra.com"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 ElbyVCD;ElbyVCD;c:\windows\system32\drivers\ElbyVCD.sys [28.11.2002 12:43 22016]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [18.8.2008 14:27 35168]
R1 fwdrv;Kerio Personal Firewall Driver;c:\windows\system32\drivers\FWDRV.SYS [2.2.2010 21:13 102912]
R1 hwinterface;hwinterface;c:\windows\system32\drivers\hwinterface.sys [10.7.2008 18:00 3026]
R2 Cadence License Manager;Cadence License Manager;c:\orcad\license_manager\lmgrd.exe [25.7.2010 17:39 1327104]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [7.10.2009 10:16 472280]
R2 IOPort;IOPort;c:\windows\system32\drivers\IOPORT.SYS [15.5.2008 22:18 6144]
R2 RA ARMD Wiggler 1.16;Wiggler ARM Debug Interface 1.16;c:\windows\system32\drivers\RA_ARMD_Wiggler_1_16.sys [18.10.2009 17:13 16384]
R2 RA ARMD Wiggler 1.9;Wiggler ARM Debug Interface 1.9;c:\windows\system32\drivers\RA_ARMD_Wiggler_1_9.sys [9.3.2009 17:39 13312]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [19.5.2008 11:39 6656]
S1 mailKmd;mailKmd; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [9.3.2009 22:41 33792]
S3 AKDWC20ET;Omnivision OV538EN Driver;c:\windows\system32\drivers\OV538EN.sys [17.6.2009 13:05 75904]
S3 AlteraUSBBlaster;Altera USB-Blaster Device Driver;c:\windows\system32\drivers\usbblstr.sys [17.7.2010 18:49 58960]
S3 CyUsb;Cypress Generic USB Driver;c:\windows\system32\drivers\CyUsb.sys [3.3.2005 20:47 31104]
S3 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\drivers\DLPORTIO.SYS [13.8.2008 17:34 3584]
S3 gupdate1c98cf8638dc1c;Google Update Service (gupdate1c98cf8638dc1c);c:\program files\Google\Update\GoogleUpdate.exe [12.2.2009 11:55 133104]
S3 JakNDisMP;JakNDisMP;c:\windows\system32\DRIVERS\JakNDis.sys --> c:\windows\system32\DRIVERS\JakNDis.sys [?]
S3 kvpndev;Kerio VPN adapter;c:\windows\system32\drivers\kvpndrv.sys [16.1.2008 9:58 65024]
S3 Rddcrpd;Rddcrpd; [x]
S3 TVICLPT;TVICLPT;\??\c:\windows\system32\DRIVERS\TVICLPT.SYS --> c:\windows\system32\DRIVERS\TVICLPT.SYS [?]
S3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [15.5.2008 13:16 118784]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S3 X-Rite;X-Rite USB Service;c:\windows\system32\drivers\XrUsb.sys [28.11.2009 15:58 14936]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11.12.2008 12:30 717296]
.
Obsah adresáře 'Naplánované úlohy'

2010-08-05 c:\windows\Tasks\SDMsgUpdate (SD).job
- c:\progra~1\SMARTD~2\Messages\SDNotify.exe [2010-03-23 09:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.cpinvest.cz/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 192.168.1.251:8080
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Crawler Search - tbr:iemenu
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
DPF: Yahoo! Chess - hxxp://origin.games.yahoo.net/games/clients/y/ct5_x.cab
DPF: {8ACDC08B-DC64-4613-97F2-299B65F66E1D} - hxxp://www.digimeld.com/download/digimeldOcx.CAB
FF - ProfilePath - c:\documents and settings\Halba\Data aplikací\Mozilla\Firefox\Profiles\0k29u6bb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.enabled - false
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.txt=txt_file
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-AdobeBridge - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-06 01:28
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-08-06 01:32:02
ComboFix-quarantined-files.txt 2010-08-05 23:32

Před spuštěním: 3 440 291 840
Po spuštění: 3 392 630 784

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - E907073660164F018F6D584F340CEB51
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Vytizeny CPU, prosim o kontrolu logu

#5 Příspěvek od motji »

:arrow: Program c:\\OrCAD\\OrCAD_16.0\ znáte?
Téměř všechny jeho soubory jsou povoleny ve firewallu, to máte schválně?

:arrow: Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše


Restore::
c:\windows\system32\drivers\tcpip.sys

Registry::
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQUpdater"=-

Driver::
mailKmd

DDS::
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip

Collect::
c:\documents and settings\Halba\Nabídka Start\Programy\Po spuštění\updpxe32.exe
-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek


-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
hal
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 srp 2010 23:24

Re: Vytizeny CPU, prosim o kontrolu logu

#6 Příspěvek od hal »

Orcad 16 je v poradku.
Zkusim spustit ten skript.
Diky moc
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Vytizeny CPU, prosim o kontrolu logu

#7 Příspěvek od motji »

Log z combofixu pak vložte sem :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
hal
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 srp 2010 23:24

Re: Vytizeny CPU, prosim o kontrolu logu

#8 Příspěvek od hal »

ComboFix 10-08-05.02 - Halba 06.08.2010 9:58.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3062.2473 [GMT 2:00]
Spuštěný z: d:\downloads\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Halba\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

file zipped: c:\documents and settings\Halba\Nabídka Start\Programy\Po spuštění\updpxe32.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Halba\Nabídka Start\Programy\Po spuštění\updpxe32.exe

Nakažená kopie c:\windows\system32\drivers\tcpip.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_mailKmd


((((((((((((((((((((((((( Soubory vytvořené od 2010-07-06 do 2010-08-06 )))))))))))))))))))))))))))))))
.

2010-08-05 22:57 . 2010-08-05 22:58 -------- d-----w- c:\program files\CCleaner
2010-08-05 20:23 . 2010-08-05 22:34 -------- d-----w- C:\rsit
2010-08-05 20:23 . 2010-08-05 20:23 -------- d-----w- c:\program files\trend micro
2010-07-30 13:27 . 2010-07-30 13:27 -------- d-----w- c:\program files\ASF-AVI-RM-WMV Repair
2010-07-28 13:56 . 2010-07-28 13:56 -------- d-----w- c:\documents and settings\Eclipse_workspace\.metadata
2010-07-28 13:56 . 2010-07-28 13:56 -------- d-----w- c:\documents and settings\Eclipse_workspace
2010-07-26 21:35 . 2010-03-24 19:01 7680 ----a-w- c:\windows\system32\drivers\pgdhdlc.sys
2010-07-25 21:29 . 2010-07-25 21:29 -------- d-----w- c:\windows\A4W_DATA
2010-07-25 16:00 . 2007-01-18 14:32 73728 ----a-w- c:\windows\system32\RWUXThemeSU.dll
2010-07-25 15:44 . 2010-07-25 15:44 -------- d-----w- C:\OrCAD_Data
2010-07-25 15:39 . 1999-03-08 18:28 309760 ----a-w- c:\windows\system32\lmgr326b.dll
2010-07-25 15:38 . 2010-07-25 15:45 -------- d-----w- C:\OrCAD
2010-07-23 12:50 . 2010-07-23 12:50 -------- d-----w- c:\program files\uTorrent
2010-07-18 06:57 . 2010-07-18 06:57 -------- d-----w- c:\windows\system32\URTTEMP
2010-07-17 16:49 . 2009-08-19 08:49 121424 ----a-w- c:\windows\system32\usbblstrui.dll
2010-07-17 16:49 . 2009-08-19 08:48 191056 ----a-w- c:\windows\system32\usbblstrlang.dll
2010-07-17 16:49 . 2009-08-19 08:47 207440 ----a-w- c:\windows\system32\usbblstr32.dll
2010-07-17 16:49 . 2009-08-19 08:47 58960 ----a-w- c:\windows\system32\drivers\usbblstr.sys
2010-07-14 17:38 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-13 06:30 . 2010-07-13 06:50 -------- d-----w- c:\program files\rajce

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-05 20:23 . 2008-05-19 21:14 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-03 16:17 . 2008-08-19 14:28 -------- d-----w- c:\program files\BSplayer
2010-08-03 06:28 . 2003-04-16 12:00 500294 ----a-w- c:\windows\system32\perfh005.dat
2010-08-03 06:28 . 2003-04-16 12:00 103962 ----a-w- c:\windows\system32\perfc005.dat
2010-07-28 13:42 . 2008-05-15 11:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-28 13:35 . 2009-01-07 19:34 -------- d-----w- c:\program files\FOTOSVET Schlecker
2010-07-28 13:25 . 2009-08-29 15:13 -------- d-----w- c:\program files\Schlecker
2010-07-28 13:23 . 2008-05-16 12:08 -------- d-----w- c:\program files\Cyklopruvodce
2010-07-28 13:20 . 2008-05-15 22:32 -------- d-----w- c:\program files\Microsoft SQL Server
2010-07-28 13:19 . 2008-05-15 21:43 -------- d-----w- c:\program files\Microsoft.NET
2010-07-23 12:55 . 2009-03-14 21:32 -------- d-----r- c:\program files\Skype
2010-07-23 11:48 . 2010-03-25 12:08 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-06-20 20:33 . 2009-05-12 16:45 -------- d-----w- c:\program files\FileZilla FTP Client
2010-06-18 07:53 . 2008-05-15 13:52 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-14 14:31 . 2008-05-15 10:55 744448 ----a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2010-06-07 22:12 . 2008-09-22 19:50 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-17 12:02 . 2008-05-15 20:29 3208 ----a-w- c:\windows\im32st.dat
2006-01-23 09:32 . 2006-01-23 09:32 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2006-06-07 13:40 . 2006-06-07 13:40 132848 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-31 3399727]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2007-04-20 142104]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2007-04-20 162584]
"Persistence"="c:\windows\System32\igfxpers.exe" [2007-04-20 138008]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2007-04-26 192512]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"mouseElf"="c:\progra~1\SCROLL~1\MouseElf.EXE" [2005-12-16 438364]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-08-24 198160]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1461080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
MonacoGamma.lnk - c:\program files\Monaco Systems\MonacoOPTIX 2.0\MonacoGamma.exe [2009-11-28 102400]
MonacoReminder.lnk - c:\program files\Monaco Systems\MonacoOPTIX 2.0\Monaco Reminder.exe [2009-11-28 176128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WinampAgent"="c:\program files\Winamp\winampa.exe"
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"LaunchAp"=c:\program files\Launch Manager\LaunchAp.exe
"CloneCDElbyCDFL"="c:\program files\CloneCD\ElbyCheck.exe" /L ElbyCDFL
"VX1000"=c:\windows\vVX1000.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\InterVideo\\DVD5\\WinDVD.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdnshelp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsinfo.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsmps.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsMsgServer.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsNameServer.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsOaPathUtil.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsRemote.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsRemshClient.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsRunHidden.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsServIpc.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsUnzip.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdswhich.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cdsZip.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cds_root.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\clsAdminTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\clsbd.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\clu.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\cmfeedback.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\consmgr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\dregprint.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\emsMkError.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\mpsinfo.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\msgHelp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\nmp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\nmppath.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\switchversion.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\van.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\bin\\versionviewer.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\capture.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\comp16.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\pcadi.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\pspiceexplorersrvr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\pstswp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\regsvr32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\sch2cap.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\capture\\tutorial\\CAPTUTOR.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\cdnshelp\\bin\\cdnshelp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\cdnshelp\\bin\\topicgen.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\cdnshelp\\bin\\_cdnshelp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\dfII\\bin\\skill.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\dfII\\bin\\skill_g.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\bodygen.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\cpmaccess.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\libaccess.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\lrm.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\mkdefcfg.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\newgenasym.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\pcbCache.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\projmgr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\psetup.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\purge.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\QPSetup.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\rollback.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\UniversalBrowser.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\fet\\bin\\versiontool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\java.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\javacpl.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\javaw.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\javaws.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\jucheck.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\jusched.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\keytool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\kinit.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\klist.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\ktab.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\orbd.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\pack200.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\policytool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\rmid.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\rmiregistry.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\servertool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\tnameserv.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\jre\\bin\\unpack200.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\fvupdateutil.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gcad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gcam.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gcdin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\idfin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\ipc356.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\layout.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\libcat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\lsession.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\max2hyp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxascb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxascx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxdxf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxeco.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxfnetx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxminb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxminw.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxminx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxorcad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxp99x.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxpadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxpadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxpcadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxpcadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxprotb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxprotx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxstrb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxstrx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxtangb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\maxtangx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\mfceco.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\orcadodb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\padb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\padx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\pcadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\pcadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\pcb2max.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\prcat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\protb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\protx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\searchTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\setbrows.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\specin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\strb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\strx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\tangb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\tangx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\to386.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\toidf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\tomax.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\tospec.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\update90.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Fonts\\F2G.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Fonts\\G2F.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Program\\custaped.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Program\\GERBLINE.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Program\\GerbTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Program\\GT2VIEW.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\Program\\gzip124.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\gtool\\System\\FixTbar.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\samples\\demo\\reset.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\sroute\\batch32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\sroute\\sroute.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\tutorial\\laytutor.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout\\vcadd\\vcadd32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\fvupdateutil.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gcad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gcam.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gcdin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\idfin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\ipc356.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\layout.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\libcat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\lsession.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\max2hyp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxascb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxascx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxdxf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxeco.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxfnetx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxminb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxminw.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxminx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxorcad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxp99x.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxpadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxpadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxpcadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxpcadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxprotb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxprotx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxstrb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxstrx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxtangb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\maxtangx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\mfceco.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\orcadodb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\padb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\padx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\pcadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\pcadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\pcb2max.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\prcat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\protb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\protx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\searchTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\setbrows.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\specin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\strb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\strx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\tangb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\tangx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\to386.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\toidf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\tomax.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\tospec.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\update90.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Fonts\\F2G.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Fonts\\G2F.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Program\\custaped.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Program\\GERBLINE.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Program\\GerbTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Program\\GT2VIEW.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\Program\\gzip124.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\gtool\\System\\FixTbar.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\samples\\demo\\reset.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\sroute\\batch32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\sroute\\sroute.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\tutorial\\laytutor.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_eng_ed\\vcadd\\vcadd32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\fvupdateutil.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gcad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gcam.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gcdin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\idfin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\ipc356.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\layout.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\libcat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\lsession.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\max2hyp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxascb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxascx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxdxf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxeco.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxfnetx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxminb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxminw.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxminx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxorcad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxp99x.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxpadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxpadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxpcadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxpcadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxprotb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxprotx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxstrb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxstrx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxtangb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\maxtangx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\mfceco.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\orcadodb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\padb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\padx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\pcadb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\pcadx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\pcb2max.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\prcat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\protb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\protx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\searchTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\setbrows.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\specin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\strb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\strx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\tangb.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\tangx.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\to386.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\toidf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\tomax.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\tospec.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\update90.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Fonts\\F2G.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Fonts\\G2F.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Program\\custaped.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Program\\GERBLINE.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Program\\GerbTool.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Program\\GT2VIEW.EXE"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\Program\\gzip124.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\gtool\\System\\FixTbar.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\samples\\demo\\reset.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\sroute\\batch32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\sroute\\sroute.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\tutorial\\laytutor.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\layout_plus\\vcadd\\vcadd32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\a2dxf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\a2sdf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\aconvmap.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\allegro.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\allegro_free_viewer.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\aprepmap.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\artwork.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ashowmap.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\axlform.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\batch_drc.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\bbvia.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\bem2d.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\brd2dml.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\create_devices.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\create_sym.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbdoctor.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbdoctor14.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbdoctor15.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbdoctor_ui.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbfix11.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbfix12.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbfix13.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dbstat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dfa_dlg.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dfa_update.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dml2brd.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dmlcheck.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dmlcrypt.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\downrev14.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\downrev_library.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\draw_check.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dump_libraries.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\dxf2a.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ecl_schedule.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\enved.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\explot.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\extracta.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\flash_convert.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\fpbrowse.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\FSvia.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\FSviaSolver.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ftsmerge.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\gbplot.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\genfeedformat.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\genrad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\gloss.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ibis2signoise.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ibischk3.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ibischk4.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\icmchk.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\idf_in.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\idf_out.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\iges_in.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\iges_out.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\il_allegro.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ipc356_out.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\j2script.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\l2a.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\lis2buf.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\mbs2lib.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\mergedml.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\mkdeviceindex.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\modelintegrity.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\modelsim.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ncroute.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\nctape.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\netin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\netrev.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\pads_in.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\pad_designer.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\parallel.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\pcad_in.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\pe_wordpad.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\placement.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\plctxt.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\pre_check.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\productServer.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\quad2signoise.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\qvupdate.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\rd_stream.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\refresh_padstack.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\refresh_symbol.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\refresh_vs.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\reftxt.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\report.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\signoise.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\sigwave.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\sigwave_sc.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\sigxp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\sigxsect.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\spc2dml.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\spc2spc.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\spif.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\spif_batch.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\stream_out.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\swap.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\systemdump.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\sys_root.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\techfile.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\techfile13.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\techfile14.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\techfile15.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\tlp2.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\tlsim.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\ts2dml.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\uprev.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pcb\\bin\\zrouter.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\perl5\\bin\\perl.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\perl5\\bin\\perlglob.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\perl5\\ntt\\cmd32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\appmgr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\IndiceFileGeneration.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\lxcwin.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\Magneticdesigner.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\modeled.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\MrkSrvr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\msgview.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\PDesign.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\psched.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\pspice.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\pspiceaa.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\PSpiceEnc.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\pspiceexplorersrvr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\psp_cmd.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\regsvr32.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\simmgr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\simsrvr.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\pspice\\stmed.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\specctra\\bin\\mbs2sp.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\specctra\\bin\\sp2mbs.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\specctra\\bin\\specctra.exe"=
"c:\\OrCAD\\OrCAD_16.0\\tools\\specctra\\bin\\specctra.com"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 ElbyVCD;ElbyVCD;c:\windows\system32\drivers\ElbyVCD.sys [28.11.2002 12:43 22016]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [18.8.2008 14:27 35168]
R1 hwinterface;hwinterface;c:\windows\system32\drivers\hwinterface.sys [10.7.2008 18:00 3026]
R2 Cadence License Manager;Cadence License Manager;c:\orcad\license_manager\lmgrd.exe [25.7.2010 17:39 1327104]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [7.10.2009 10:16 472280]
R2 IOPort;IOPort;c:\windows\system32\drivers\IOPORT.SYS [15.5.2008 22:18 6144]
R2 RA ARMD Wiggler 1.16;Wiggler ARM Debug Interface 1.16;c:\windows\system32\drivers\RA_ARMD_Wiggler_1_16.sys [18.10.2009 17:13 16384]
R2 RA ARMD Wiggler 1.9;Wiggler ARM Debug Interface 1.9;c:\windows\system32\drivers\RA_ARMD_Wiggler_1_9.sys [9.3.2009 17:39 13312]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [19.5.2008 11:39 6656]
R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [15.5.2008 13:16 118784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [9.3.2009 22:41 33792]
S3 AKDWC20ET;Omnivision OV538EN Driver;c:\windows\system32\drivers\OV538EN.sys [17.6.2009 13:05 75904]
S3 AlteraUSBBlaster;Altera USB-Blaster Device Driver;c:\windows\system32\drivers\usbblstr.sys [17.7.2010 18:49 58960]
S3 CyUsb;Cypress Generic USB Driver;c:\windows\system32\drivers\CyUsb.sys [3.3.2005 20:47 31104]
S3 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\drivers\DLPORTIO.SYS [13.8.2008 17:34 3584]
S3 gupdate1c98cf8638dc1c;Google Update Service (gupdate1c98cf8638dc1c);c:\program files\Google\Update\GoogleUpdate.exe [12.2.2009 11:55 133104]
S3 JakNDisMP;JakNDisMP;c:\windows\system32\DRIVERS\JakNDis.sys --> c:\windows\system32\DRIVERS\JakNDis.sys [?]
S3 kvpndev;Kerio VPN adapter;c:\windows\system32\drivers\kvpndrv.sys [16.1.2008 9:58 65024]
S3 Rddcrpd;Rddcrpd; [x]
S3 TVICLPT;TVICLPT;\??\c:\windows\system32\DRIVERS\TVICLPT.SYS --> c:\windows\system32\DRIVERS\TVICLPT.SYS [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S3 X-Rite;X-Rite USB Service;c:\windows\system32\drivers\XrUsb.sys [28.11.2009 15:58 14936]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11.12.2008 12:30 717296]
.
Obsah adresáře 'Naplánované úlohy'

2010-08-06 c:\windows\Tasks\SDMsgUpdate (SD).job
- c:\progra~1\SMARTD~2\Messages\SDNotify.exe [2010-03-23 09:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.cpinvest.cz/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 192.168.1.251:8080
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
DPF: Yahoo! Chess - hxxp://origin.games.yahoo.net/games/clients/y/ct5_x.cab
DPF: {8ACDC08B-DC64-4613-97F2-299B65F66E1D} - hxxp://www.digimeld.com/download/digimeldOcx.CAB
FF - ProfilePath - c:\documents and settings\Halba\Data aplikací\Mozilla\Firefox\Profiles\0k29u6bb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.enabled - false
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-CtrlVol - c:\program files\Launch Manager\CtrlVol.exe
HKLM-Run-LaunchAp - c:\program files\Launch Manager\LaunchAp.exe
HKLM-Run-Wbutton - c:\program files\Launch Manager\WButton.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-06 10:10
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CtrlVol = c:\program files\Launch Manager\CtrlVol.exe?x???0??? ???????0???a??|???? ??|???|???????|????????L????????V????F?????????????h?????????????B????? ??|`??|????]??|J?A?????????i?A??[????7~??????F??b@?????????????? A?8???????i?A?{?@?pV??6m@?pV???[????@??V?????
LaunchAp = c:\program files\Launch Manager\LaunchAp.exe????0??? ???????0???a??|???? ??|???|???????|????????L????????V????F?????????????h?????????????B????? ??|`??|????]??|J?A?????????i?A??[????7~??????F??b@?????????????? A?8???????i?A?{?@?pV??6m@?pV???[????@??V?????
Wbutton = c:\program files\Launch Manager\WButton.exe?????0??? ???????0???a??|???? ??|???|???????|????????L????????V????F?????????????h?????????????B????? ??|`??|????]??|J?A?????????i?A??[????7~??????F??b@?????????????? A?8???????i?A?{?@?pV??6m@?pV???[????@??V?????

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(2416)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\programs\altera\91sp2\quartus\bin\jtagserver.exe
c:\orcad\license_manager\cdslmd.exe
c:\windows\system32\lkcitdl.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\windows\system32\CNAB4RPK.EXE
c:\windows\System32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\windows\System32\igfxsrvc.exe
c:\program files\Microsoft ActiveSync\Wcescomm.exe
c:\progra~1\MICROS~3\rapimgr.exe
.
**************************************************************************
.
Celkový čas: 2010-08-06 10:18:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-06 08:18
ComboFix2.txt 2010-08-05 23:32

Před spuštěním: 3 470 544 896
Po spuštění: 3 302 100 992

- - End Of File - - A05B1746B17A6E592CF8B930249B6410
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Vytizeny CPU, prosim o kontrolu logu

#9 Příspěvek od motji »

Jak to ted vypadá s počítačem?

:arrow: Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT :!:
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
hal
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 srp 2010 23:24

Re: Vytizeny CPU, prosim o kontrolu logu

#10 Příspěvek od hal »

Vypada to zatim dobre :-).
Spustim MBAM a dam log
Nahoru
hal
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 srp 2010 23:24

Re: Vytizeny CPU, prosim o kontrolu logu

#11 Příspěvek od hal »

Tady to je:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4397

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6.8.2010 13:31:21
mbam-log-2010-08-06 (13-31-21).txt

Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 576798
Uplynulý čas: 2 hodina(y), 52 minuta(y), 16 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 4

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
D:\Hw\Diplomka down\DownLoad\WinDriver\vb\samples\interrupt\interrupts.exe (Spyware.Passwords) -> No action taken.
D:\Hw\Diplomka down\DownLoad\WinDriver\vb\samples\parallel\parallel_port.exe (Spyware.Passwords) -> No action taken.
D:\Hw\Diplomka down\DownLoad\WinDriver\vb\samples\speaker\speaker.exe (Spyware.Passwords) -> No action taken.
C:\Documents and Settings\Halba\Data aplikací\avdrn.dat (Malware.Trace) -> No action taken.
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Vytizeny CPU, prosim o kontrolu logu

#12 Příspěvek od motji »

Otestujte na www.virustotal.com
D:\Hw\Diplomka down\DownLoad\WinDriver\vb\samples\interrupt\interrupts.exe
D:\Hw\Diplomka down\DownLoad\WinDriver\vb\samples\parallel\parallel_port.exe
D:\Hw\Diplomka down\DownLoad\WinDriver\vb\samples\speaker\speaker.exe
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
Zaitsev
Návštěvník
Návštěvník
Příspěvky: 27
Registrován: 06 srp 2010 13:40

Re: Vytizeny CPU, prosim o kontrolu logu

#13 Příspěvek od Zaitsev »

Dobrý den,
snažil jsem se už věmožně čistit a odvirovávat - ve správci úloh - 7x svchost.exe, ale nikterak mi nepřijde, že procentuelně výrazně. CPU 100% a PC je zpomalený ve všech ohledech.

log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Adolfik at 2010-08-06 14:35:34
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 31 GB (23%) free of 131 GB
Total RAM: 1023 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:36:49, on 6.8.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rmctrl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\real\realplayer\RealPlay.exe
C:\Documents and Settings\Adolfik\Plocha\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Adolfik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Adolfik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Adolfik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Adolfik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: updpxe32.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5265427701
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5266880186
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FEC048AB-277A-460C-BF50-1A4193AEF148} (DownloadCenter Control) - http://192.168.1.249/cab/DownloadCenter_8200.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{865005C8-6FB1-46D5-B78A-D3319BB361E3}: NameServer = 192.168.1.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--
End of file - 11902 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\AWC Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1659004503-790525478-839522115-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1659004503-790525478-839522115-1003.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{F7A6ADA6-3D06-44FD-BC50-AA49DB618CEC}.job
C:\WINDOWS\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
C:\WINDOWS\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
C:\WINDOWS\tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job
C:\WINDOWS\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-23 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500BCA15-57A7-4eaf-8143-8C619470B13D}]
XML Class

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2007-08-31 1122128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Adolfik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Adolfik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-25 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-03-16 47392]
"RemoteControl"=C:\WINDOWS\system32\rmctrl.exe [2000-10-16 32768]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2007-12-21 1443072]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-23 202256]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2007-08-31 1460560]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-11-06 323392]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-21 68856]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-07-02 2347216]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

C:\Documents and Settings\Adolfik\Nabídka Start\Programy\Po spuštění
updpxe32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\v8010\DMMultiView\MultiView.exe"="C:\Program Files\v8010\DMMultiView\MultiView.exe:*:Enabled:MultiView"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"F:\bitdefender\bitdefender_avplus_v10.exe"="F:\bitdefender\bitdefender_avplus_v10.exe:*:Enabled:ipsec"
"F:\spybotsd15.exe"="F:\spybotsd15.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe:*:Enabled:ipsec"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe"="C:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe:*:Enabled:LaunchPad"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe"="C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Enabled:biahh"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-08-06 14:35:37 ----D---- C:\Program Files\trend micro
2010-08-06 14:35:34 ----D---- C:\rsit
2010-08-06 14:22:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2010-08-01 11:20:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-25 16:53:46 ----D---- C:\Program Files\iPod
2010-07-25 16:47:28 ----D---- C:\Program Files\Bonjour

======List of files/folders modified in the last 1 months======

2010-08-06 14:36:19 ----D---- C:\WINDOWS\Temp
2010-08-06 14:35:37 ----RD---- C:\Program Files
2010-08-06 14:35:01 ----D---- C:\WINDOWS\Prefetch
2010-08-06 14:34:10 ----D---- C:\Documents and Settings\Adolfik\Data aplikací\DNA
2010-08-06 14:24:07 ----D---- C:\Program Files\DNA
2010-08-06 14:22:42 ----D---- C:\WINDOWS
2010-08-06 14:22:33 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-06 13:55:19 ----SD---- C:\WINDOWS\Tasks
2010-08-06 12:47:08 ----D---- C:\WINDOWS\system32\drivers
2010-08-06 12:46:59 ----D---- C:\WINDOWS\system32
2010-08-06 12:13:58 ----A---- C:\WINDOWS\m3jpeg.ini
2010-08-06 11:50:16 ----D---- C:\Documents and Settings\Adolfik\Data aplikací\IObit
2010-08-06 11:49:51 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-06 11:49:40 ----D---- C:\WINDOWS\system32\config
2010-08-06 11:49:39 ----D---- C:\WINDOWS\repair
2010-08-06 11:49:39 ----D---- C:\WINDOWS\Debug
2010-08-06 11:49:38 ----D---- C:\Temp
2010-08-06 11:49:38 ----D---- C:\Program Files\WorldNet
2010-08-06 11:49:38 ----D---- C:\Program Files\K-Lite Codec Pack
2010-08-06 11:49:35 ----D---- C:\Downloads
2010-08-06 11:49:33 ----SHD---- C:\WINDOWS\Installer
2010-08-06 11:49:32 ----D---- C:\Program Files\WinRAR
2010-08-06 11:49:32 ----D---- C:\Program Files\Apple Software Update
2010-08-01 11:37:17 ----D---- C:\Config.Msi
2010-08-01 11:34:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-08-01 11:34:34 ----D---- C:\Program Files\Common Files\Adobe
2010-08-01 11:20:22 ----HD---- C:\WINDOWS\inf
2010-08-01 11:20:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-01 11:18:56 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-31 09:44:10 ----D---- C:\Program Files\Adobe
2010-07-25 16:54:56 ----D---- C:\Program Files\iTunes
2010-07-25 16:53:42 ----D---- C:\Program Files\Common Files\Apple
2010-07-25 16:48:14 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-25 16:43:34 ----D---- C:\Program Files\Safari
2010-07-20 12:04:45 ----A---- C:\WINDOWS\hpqcopy.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-01-04 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-03-26 51200]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-03-13 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-05-16 19968]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\WINDOWS\System32\drivers\sfsync04.sys [2006-03-24 50176]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-06-20 691696]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-03-30 82380]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 33800]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS []
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-18 14848]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-06-06 279712]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-09-21 25888]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\atl01_xp.sys [2006-07-27 34944]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-02 4356608]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 aonk1pvw;aonk1pvw; C:\WINDOWS\system32\drivers\aonk1pvw.sys []
S3 arkoeby4;arkoeby4; C:\WINDOWS\system32\drivers\arkoeby4.sys []
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2006-09-04 241664]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2009-02-08 126976]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-06 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2007-12-21 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: Vytizeny CPU, prosim o kontrolu logu

#14 Příspěvek od motji »

Zaitsev
Hezké odpoledne, vítejte na foru :)

Prosím založte si nový topic a vložte do něj log ze rsitu.
Takto by to bylo nepřehledné. Děkujeme za pochopení :) .
Nějaké potvůrky tam vidím, takže založte topic a počkejte, až se Vás někdo ujme :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
hal
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 05 srp 2010 23:24

Re: Vytizeny CPU, prosim o kontrolu logu

#15 Příspěvek od hal »

Tak ty soubory jsou v poradku, nicmene uz jsou na nic a lze je stejne smazat.
Mohu tedy problem pokladat za vyreseny a zeptat se v cem byl problem?
Jeste jednou mnohokrat dekuju a obdivne smekam :-)
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“