Logfile of random's system information tool 1.08 (written by random/random)
Run by pokoj at 2010-09-13 17:34:30
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 194 GB (51%) free of 382 GB
Total RAM: 2046 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:38:53, on 13.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\pokoj\Data aplikací\QipGuard\QipGuard.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Plocha\RSIT.exe
C:\Program Files\trend micro\pokoj.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\pokoj\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\pokoj\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O3 - Toolbar: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - (no file)
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\pokoj\Data aplikací\QipGuard\QipGuard.exe
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST" WISE_SETUP_EXE_PATH="c:\nvidia\displaydriver\186.18\international\PhysX_9.09.0428_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O20 - Winlogon Notify: winntn32 - winntn32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 9414 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-527237240-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-527237240-682003330-1003UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-21 1619296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\pokoj\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-04-12 149968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{338B4DFE-2E2C-4338-9E41-E176D497299E}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2007-04-13 331552]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-17 2065760]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2006-06-01 20480]
"tsnp2std"=C:\WINDOWS\tsnp2std.exe [2006-05-22 262144]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-05-15 675840]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-02-17 135664]
"QIP Internet Guardian"=C:\Documents and Settings\pokoj\Data aplikací\QipGuard\QipGuard.exe [2010-04-12 184272]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I C:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MSI TRANSFORMS=C:\Program Files\Common Files\Wise Installation Wizard\WISB83FC356B7C0441F8A4DD71E088E7974_9_09_0428.MST WISE_SETUP_EXE_PATH=c:\nvidia\displaydriver\186.18\international\PhysX_9.09.0428_SystemSoftware.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-17 12536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winntn32]
winntn32.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Warcraft III\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Steam\steamapps\pavel88757\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\pavel88757\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Jabbim\jabbim.exe"="C:\Program Files\Jabbim\jabbim.exe:*:Enabled:Jabbim XMPP client"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"
"C:\Program Files\Dead Space\Dead Space.exe"="C:\Program Files\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™"
"C:\Casino\ParadiseCasino\casino.exe"="C:\Casino\ParadiseCasino\casino.exe:*:Disabled:casino"
"C:\Program Files\StarCraft II Beta\StarCraft II.exe"="C:\Program Files\StarCraft II Beta\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\StarCraft II Beta\Versions\Base15343\SC2.exe"="C:\Program Files\StarCraft II Beta\Versions\Base15343\SC2.exe:*:Enabled:StarCraft II"
"C:\Program Files\StarCraft II Beta\Versions\Base15392\SC2.exe"="C:\Program Files\StarCraft II Beta\Versions\Base15392\SC2.exe:*:Enabled:StarCraft II"
"C:\Program Files\StarCraft II Beta\Versions\Base15449\SC2.exe"="C:\Program Files\StarCraft II Beta\Versions\Base15449\SC2.exe:*:Enabled:StarCraft II"
"C:\Program Files\FLOCK!\Flock.exe"="C:\Program Files\FLOCK!\Flock.exe:*:Enabled:FLOCK!"
"D:\HRY\left 4 dead\left4dead.exe"="D:\HRY\left 4 dead\left4dead.exe:*:Enabled:left4dead"
"J:\HRY\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="J:\HRY\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Documents and Settings\pokoj\Data aplikací\GameRanger\GameRanger\GameRanger.exe"="C:\Documents and Settings\pokoj\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"C:\Program Files\Diablo II\Diablo II.exe"="C:\Program Files\Diablo II\Diablo II.exe:*:Enabled:Diablo II"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\StarCraft II Beta\Versions\Base15623\SC2.exe"="C:\Program Files\StarCraft II Beta\Versions\Base15623\SC2.exe:*:Enabled:StarCraft II"
"C:\Program Files\StarCraft II\StarCraft II.exe"="C:\Program Files\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\Documents and Settings\pokoj\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="C:\Documents and Settings\pokoj\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\StarCraft II\Versions\Base15405\SC2.exe"="C:\Program Files\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II"
"C:\Program Files\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Documents and Settings\pokoj\Plocha\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Documents and Settings\pokoj\Plocha\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\GTA4\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\GTA4\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\GTA4\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\GTA4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Mirrors Edge\Binaries\MirrorsEdge.exe"="C:\Program Files\Mirrors Edge\Binaries\MirrorsEdge.exe:*:Enabled:Mirror's Edge™"
"C:\Program Files\Steam\steamapps\pavel88757\source sdk base 2007\hl2.exe"="C:\Program Files\Steam\steamapps\pavel88757\source sdk base 2007\hl2.exe:*:Enabled:Source SDK Base 2007"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\pokoj\Local Settings\Apps\2.0\C2MN8RBC.JZ9\5D1QJTO9.GOO\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\CurseClient.exe"="C:\Documents and Settings\pokoj\Local Settings\Apps\2.0\C2MN8RBC.JZ9\5D1QJTO9.GOO\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\CurseClient.exe:*:Enabled:Curse Client 4.0"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2010-09-13 17:34:30 ----D---- C:\rsit
2010-09-13 17:34:30 ----D---- C:\Program Files\trend micro
2010-09-01 22:22:34 ----D---- C:\Documents and Settings\pokoj\Data aplikací\NVIDIA
2010-09-01 22:10:59 ----D---- C:\Program Files\Mirrors Edge
2010-09-01 22:09:19 ----D---- C:\WINDOWS\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2010-09-01 19:59:47 ----D---- C:\Program Files\Rockstar Games
2010-09-01 19:32:54 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-09-01 15:21:48 ----D---- C:\Program Files\GTA4
2010-09-01 00:02:18 ----A---- C:\WINDOWS\system32\Msvcr71.dll
2010-09-01 00:02:18 ----A---- C:\WINDOWS\system32\mfc71.dll
2010-09-01 00:02:18 ----A---- C:\WINDOWS\system32\gdiplus.dll
2010-08-27 17:49:19 ----D---- C:\Documents and Settings\pokoj\Data aplikací\LucasArts
2010-08-26 14:07:24 ----RHD---- C:\Documents and Settings\pokoj\Data aplikací\SecuROM
2010-08-22 20:28:34 ----D---- C:\Documents and Settings\pokoj\Data aplikací\skypePM
2010-08-22 20:25:45 ----D---- C:\Documents and Settings\pokoj\Data aplikací\Skype
2010-08-22 20:25:18 ----D---- C:\Program Files\Common Files\Skype
2010-08-22 20:25:16 ----RD---- C:\Program Files\Skype
2010-08-22 20:25:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-08-22 18:08:25 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2010-08-22 18:08:22 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2010-08-22 18:08:20 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2010-08-22 18:08:19 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2010-08-22 18:08:17 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2010-08-22 18:08:15 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2010-08-22 18:08:14 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2010-08-22 18:07:59 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-08-22 18:06:34 ----A---- C:\WINDOWS\amcap.exe
2010-08-22 18:06:33 ----A---- C:\WINDOWS\WindowsXP-KB822603-x86.exe
2010-08-22 18:06:33 ----A---- C:\WINDOWS\FixCamera.exe
2010-08-22 18:06:31 ----A---- C:\WINDOWS\vsnp2std.exe
2010-08-22 18:06:31 ----A---- C:\WINDOWS\tsnp2std.exe
2010-08-22 18:06:30 ----A---- C:\WINDOWS\system32\drivers\snp2sxp.sys
2010-08-22 18:06:30 ----A---- C:\WINDOWS\system32\drivers\sncamd.sys
2010-08-22 18:06:30 ----A---- C:\WINDOWS\snp2std.ini
2010-08-22 18:06:28 ----A---- C:\WINDOWS\vsnp2std.dll
2010-08-22 18:06:28 ----A---- C:\WINDOWS\rsnp2std.dll
2010-08-22 18:06:27 ----D---- C:\Program Files\Common Files\snp2std
2010-08-22 18:06:27 ----A---- C:\WINDOWS\system32\csnp2std.dll
2010-08-20 14:10:58 ----D---- C:\Program Files\Common Files\Java
2010-08-20 14:10:43 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-20 14:10:43 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-20 14:10:43 ----A---- C:\WINDOWS\system32\java.exe
======List of files/folders modified in the last 1 months======
2010-09-13 17:34:34 ----D---- C:\WINDOWS\Prefetch
2010-09-13 17:34:30 ----RD---- C:\Program Files
2010-09-13 17:32:09 ----D---- C:\WINDOWS\Temp
2010-09-13 17:31:48 ----D---- C:\WINDOWS\system32\inetsrv
2010-09-13 17:31:10 ----D---- C:\WINDOWS
2010-09-13 09:16:58 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-09-12 22:51:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-10 18:31:12 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-07 17:50:09 ----D---- C:\Program Files\Steam
2010-09-07 16:06:44 ----D---- C:\Program Files\World of Warcraft
2010-09-03 10:43:05 ----SHD---- C:\WINDOWS\Installer
2010-09-03 10:43:00 ----D---- C:\Program Files\Nokia
2010-09-03 10:43:00 ----D---- C:\Program Files\Common Files
2010-09-03 10:42:59 ----HD---- C:\WINDOWS\inf
2010-09-03 10:42:51 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-03 10:11:23 ----D---- C:\WINDOWS\system32\drivers
2010-09-01 22:10:59 ----D---- C:\WINDOWS\system32\DirectX
2010-09-01 22:10:49 ----RSD---- C:\WINDOWS\assembly
2010-09-01 22:09:14 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-09-01 19:32:54 ----D---- C:\WINDOWS\system32\CatRoot
2010-09-01 19:32:54 ----D---- C:\WINDOWS\system32
2010-09-01 15:21:53 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-25 13:54:51 ----D---- C:\Program Files\ICQ7.1
2010-08-25 00:03:10 ----A---- C:\WINDOWS\win.ini
2010-08-22 18:14:50 ----D---- C:\WINDOWS\security
2010-08-22 18:08:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-22 18:06:31 ----D---- C:\WINDOWS\twain_32
2010-08-20 14:10:40 ----D---- C:\Program Files\Java
2010-08-15 12:45:59 ----D---- C:\WINDOWS\Debug
2010-08-15 12:45:58 ----D---- C:\WINDOWS\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-19 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-17 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-02 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-17 243024]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-02-08 5860384]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-06-07 10305280]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Documents and Settings\All Users\Plocha\HWiNFO32\HWiNFO32.SYS []
S3 aqvobgme;aqvobgme; C:\WINDOWS\system32\drivers\aqvobgme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 L6DP;L6DP; C:\WINDOWS\System32\Drivers\l6dp.sys []
S3 L6TPortGX;Service - Line 6 TonePort GX; C:\WINDOWS\System32\Drivers\L6TPortGX.sys [2010-03-25 571008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-17 308136]
R2 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-04-13 540448]
R2 SMTPSVC;Simple Mail Transport Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 W3SVC;Publikování na webu; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-25 136176]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-05-11 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2001-10-25 19456]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
občas pomalý pc - někdy i modrá smrt a restart pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: občas pomalý pc - někdy i modrá smrt a restart pc
Zdravim a pekny vecer preji 
Podivejte se, jestli mate vytvorenou slozku C:\Windows\Minidump - mely by v ni byt soubory s priponou dmp - jsou to soubory kam se uklada stav tesne pred BSOD - pokud tam neco je, tak vsechny dmpecka zabalte a poslete na vyosek@forum.viry.cz - poprosim kolegu at se na ne podiva
Spustte HJT a provedeme fixnuti polozek
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Podivejte se, jestli mate vytvorenou slozku C:\Windows\Minidump - mely by v ni byt soubory s priponou dmp - jsou to soubory kam se uklada stav tesne pred BSOD - pokud tam neco je, tak vsechny dmpecka zabalte a poslete na vyosek@forum.viry.cz - poprosim kolegu at se na ne podiva Spustte HJT a provedeme fixnuti polozek
- HJT najdete zde C:\Program Files\trend micro\pokoj.exe
- Otevre se Vam okno, kliknete na Do a system scan only
- V dalsim okne najdete radky které jsem Vam vypsal nize, vedle nich je ctverecek, do ktereho udelate zatrzitko
- R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\pokoj\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file) - Kliknete na Fix checked (vlevo dole)
- HJT se Vas zepta zda opravdu ANO, s tim souhlasite a je hotovo
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Vložte do PC vsechny USB klice (flash disky, ext.disky apod.)
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: občas pomalý pc - někdy i modrá smrt a restart pc
tektéž zdravím a přeji dobrý večer
Zde je log z ComboFix:
ComboFix 10-09-12.04 - pokoj 13.09.2010 19:05:42.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1572 [GMT 2:00]
Spuštěný z: c:\documents and settings\pokoj\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\install.exe
C:\setup.exe
c:\windows\system32\Cache
J:\Autorun.inf
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-13 do 2010-09-13 )))))))))))))))))))))))))))))))
.
2010-09-13 15:34 . 2010-09-13 16:38 -------- d-----w- c:\program files\trend micro
2010-09-13 15:34 . 2010-09-13 15:38 -------- d-----w- C:\rsit
2010-09-01 20:10 . 2010-09-01 20:22 -------- d-----w- c:\program files\Mirrors Edge
2010-09-01 20:09 . 2010-09-01 20:09 -------- d-----w- c:\windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2010-09-01 17:59 . 2010-09-01 17:59 -------- d-----w- c:\program files\Rockstar Games
2010-09-01 17:32 . 2010-09-01 17:32 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-09-01 13:21 . 2010-09-01 13:21 -------- d-----w- c:\program files\GTA4
2010-08-31 22:02 . 2010-08-31 22:02 348160 ----a-w- c:\windows\system32\Msvcr71.dll
2010-08-31 22:02 . 2010-08-31 22:02 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-08-31 22:02 . 2010-08-31 22:02 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-08-22 18:28 . 2010-08-22 18:28 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-08-22 18:25 . 2010-08-22 18:25 -------- d-----w- c:\program files\Common Files\Skype
2010-08-22 18:25 . 2010-08-22 18:25 -------- d-----r- c:\program files\Skype
2010-08-22 16:07 . 2008-04-14 06:52 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-08-22 16:07 . 2008-04-14 06:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-08-22 16:06 . 2004-08-09 15:43 94208 ----a-w- c:\windows\amcap.exe
2010-08-22 16:06 . 2006-06-01 09:26 20480 ----a-w- c:\windows\FixCamera.exe
2010-08-22 16:06 . 2005-01-26 13:45 349472 ----a-w- c:\windows\WindowsXP-KB822603-x86.exe
2010-08-22 16:06 . 2006-05-22 08:37 262144 ----a-w- c:\windows\tsnp2std.exe
2010-08-22 16:06 . 2006-05-15 13:52 675840 ----a-w- c:\windows\vsnp2std.exe
2010-08-22 16:06 . 2006-06-07 08:34 10305280 ----a-w- c:\windows\system32\drivers\snp2sxp.sys
2010-08-22 16:06 . 2006-04-27 18:43 24832 ----a-w- c:\windows\system32\drivers\sncamd.sys
2010-08-22 16:06 . 2006-05-04 09:14 61440 ----a-w- c:\windows\vsnp2std.dll
2010-08-22 16:06 . 2006-04-07 08:33 147456 ----a-w- c:\windows\rsnp2std.dll
2010-08-22 16:06 . 2010-08-22 16:06 -------- d-----w- c:\program files\Common Files\snp2std
2010-08-22 16:06 . 2005-11-23 11:55 53248 ----a-w- c:\windows\system32\csnp2std.dll
2010-08-20 12:10 . 2010-08-20 12:10 -------- d-----w- c:\program files\Common Files\Java
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 15:50 . 2010-03-05 18:47 -------- d-----w- c:\program files\Steam
2010-09-07 14:06 . 2010-02-17 15:48 -------- d-----w- c:\program files\World of Warcraft
2010-09-03 08:43 . 2010-06-08 12:38 -------- d-----w- c:\program files\Nokia
2010-09-01 20:09 . 2010-02-16 16:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-09-01 13:21 . 2010-02-16 18:26 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-27 12:25 . 2010-03-08 15:03 99 ----a-w- c:\documents and settings\pokoj\jagex_runescape_preferences2.dat
2010-08-27 11:51 . 2010-03-08 15:02 46 ----a-w- c:\documents and settings\pokoj\jagex_runescape_preferences.dat
2010-08-25 11:54 . 2010-05-07 06:57 -------- d-----w- c:\program files\ICQ7.1
2010-08-20 12:10 . 2010-02-17 15:28 -------- d-----w- c:\program files\Java
2010-08-13 10:47 . 2001-10-25 12:00 495604 ----a-w- c:\windows\system32\perfh005.dat
2010-08-13 10:47 . 2001-10-25 12:00 105496 ----a-w- c:\windows\system32\perfc005.dat
2010-08-07 13:14 . 2010-02-26 14:45 -------- d-----w- c:\program files\Warcraft III
2010-07-29 13:37 . 2010-07-29 13:06 -------- d-----w- c:\program files\StarCraft II
2010-07-29 13:28 . 2010-02-17 15:46 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-07-27 15:22 . 2010-03-04 16:05 -------- d-----w- c:\program files\CCleaner
2010-07-20 18:50 . 2010-07-20 18:50 -------- d-----w- c:\program files\Infogrames
2010-07-17 07:56 . 2010-07-17 07:56 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-17 07:56 . 2010-02-17 15:20 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-17 07:55 . 2010-02-17 15:20 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-17 03:00 . 2010-05-01 13:25 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-30 12:33 . 2004-08-17 14:49 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:12 . 2004-08-17 14:49 668160 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:12 . 2004-08-17 14:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 09:02 . 2004-08-17 14:44 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-22 15:33 . 2010-06-22 15:20 35350 ----a-w- c:\windows\DIIUnin.dat
2010-06-22 15:20 . 2010-06-22 15:20 94208 ----a-w- c:\windows\DIIUnin.exe
2010-06-22 15:20 . 2010-06-22 15:20 2829 ----a-w- c:\windows\DIIUnin.pif
2010-06-21 15:27 . 2004-08-03 22:14 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-17 14:49 80384 ----a-w- c:\windows\system32\iccvid.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\pokoj\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-17 135664]
"QIP Internet Guardian"="c:\documents and settings\pokoj\Data aplikací\QipGuard\QipGuard.exe" [2010-04-12 184272]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"="MSIEXEC" [X]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-04-13 331552]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-17 2065760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"FixCamera"="c:\windows\FixCamera.exe" [2006-06-01 20480]
"tsnp2std"="c:\windows\tsnp2std.exe" [2006-05-22 262144]
"snp2std"="c:\windows\vsnp2std.exe" [2006-05-15 675840]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-17 07:56 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Program Files\\Dead Space\\Dead Space.exe"=
"c:\\Casino\\ParadiseCasino\\casino.exe"=
"j:\\HRY\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Documents and Settings\\pokoj\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\StarCraft II\\StarCraft II.exe"=
"c:\\Documents and Settings\\pokoj\\Data aplikací\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\StarCraft II\\Versions\\Base15405\\SC2.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\GTA4\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\GTA4\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Mirrors Edge\\Binaries\\MirrorsEdge.exe"=
"c:\\Program Files\\Steam\\steamapps\\pavel88757\\source sdk base 2007\\hl2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\pokoj\\Local Settings\\Apps\\2.0\\C2MN8RBC.JZ9\\5D1QJTO9.GOO\\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\\CurseClient.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [17.2.2010 17:20 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [17.2.2010 17:20 243024]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [17.7.2010 9:55 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [17.7.2010 9:56 308136]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [17.2.2010 16:49 540448]
S1 HWiNFO32;HWiNFO32 Kernel Driver;\??\c:\documents and settings\All Users\Plocha\HWiNFO32\HWiNFO32.SYS --> c:\documents and settings\All Users\Plocha\HWiNFO32\HWiNFO32.SYS [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.3.2010 22:34 136176]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [22.2.2010 21:29 90112]
S3 L6DP;L6DP;c:\windows\system32\Drivers\l6dp.sys --> c:\windows\system32\Drivers\l6dp.sys [?]
S3 L6TPortGX;Service - Line 6 TonePort GX;c:\windows\system32\drivers\L6TPortGX.sys [6.5.2010 10:51 571008]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [8.6.2010 14:38 136704]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [22.2.2010 21:29 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [22.2.2010 21:29 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [22.2.2010 21:29 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [22.2.2010 21:29 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [22.2.2010 21:29 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [22.2.2010 21:29 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [22.2.2010 21:29 115752]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.2.2010 21:54 691696]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-25 20:34]
2010-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-25 20:34]
.
.
------- Doplňkový sken -------
.
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-nwiz - nwiz.exe
Notify-winntn32 - winntn32.dll
AddRemove-Half-Life - c:\half-life\Uninst.isu
AddRemove-TeamSpeak 3 Client - c:\documents and settings\pokoj\Local Settings\Data aplikací\TeamSpeak 3 Client\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-13 19:09
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-839522115-527237240-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:ec,57,51,2a,cd,bf,0b,5e,78,ba,15,a1,34,57,09,4d,c7,7c,ca,9e,73,
1b,d1,81,3c,61,21,93,62,95,d9,c1,1d,0d,7d,1b,3f,2b,5c,43,ab,37,12,89,74,cc,\
"rkeysecu"=hex:f1,1a,9d,8d,02,c1,5c,7a,04,a8,25,e0,ce,95,ba,4a
.
Celkový čas: 2010-09-13 19:11:26
ComboFix-quarantined-files.txt 2010-09-13 17:11
Před spuštěním: Volných bajtů: 203 290 234 880
Po spuštění: Volných bajtů: 203 291 185 152
- - End Of File - - 1BEA6255E804820756B25CBAAEF78EF3
Zde je log z ComboFix:
ComboFix 10-09-12.04 - pokoj 13.09.2010 19:05:42.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1572 [GMT 2:00]
Spuštěný z: c:\documents and settings\pokoj\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\install.exe
C:\setup.exe
c:\windows\system32\Cache
J:\Autorun.inf
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-13 do 2010-09-13 )))))))))))))))))))))))))))))))
.
2010-09-13 15:34 . 2010-09-13 16:38 -------- d-----w- c:\program files\trend micro
2010-09-13 15:34 . 2010-09-13 15:38 -------- d-----w- C:\rsit
2010-09-01 20:10 . 2010-09-01 20:22 -------- d-----w- c:\program files\Mirrors Edge
2010-09-01 20:09 . 2010-09-01 20:09 -------- d-----w- c:\windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2010-09-01 17:59 . 2010-09-01 17:59 -------- d-----w- c:\program files\Rockstar Games
2010-09-01 17:32 . 2010-09-01 17:32 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-09-01 13:21 . 2010-09-01 13:21 -------- d-----w- c:\program files\GTA4
2010-08-31 22:02 . 2010-08-31 22:02 348160 ----a-w- c:\windows\system32\Msvcr71.dll
2010-08-31 22:02 . 2010-08-31 22:02 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-08-31 22:02 . 2010-08-31 22:02 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-08-22 18:28 . 2010-08-22 18:28 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-08-22 18:25 . 2010-08-22 18:25 -------- d-----w- c:\program files\Common Files\Skype
2010-08-22 18:25 . 2010-08-22 18:25 -------- d-----r- c:\program files\Skype
2010-08-22 16:07 . 2008-04-14 06:52 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-08-22 16:07 . 2008-04-14 06:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-08-22 16:06 . 2004-08-09 15:43 94208 ----a-w- c:\windows\amcap.exe
2010-08-22 16:06 . 2006-06-01 09:26 20480 ----a-w- c:\windows\FixCamera.exe
2010-08-22 16:06 . 2005-01-26 13:45 349472 ----a-w- c:\windows\WindowsXP-KB822603-x86.exe
2010-08-22 16:06 . 2006-05-22 08:37 262144 ----a-w- c:\windows\tsnp2std.exe
2010-08-22 16:06 . 2006-05-15 13:52 675840 ----a-w- c:\windows\vsnp2std.exe
2010-08-22 16:06 . 2006-06-07 08:34 10305280 ----a-w- c:\windows\system32\drivers\snp2sxp.sys
2010-08-22 16:06 . 2006-04-27 18:43 24832 ----a-w- c:\windows\system32\drivers\sncamd.sys
2010-08-22 16:06 . 2006-05-04 09:14 61440 ----a-w- c:\windows\vsnp2std.dll
2010-08-22 16:06 . 2006-04-07 08:33 147456 ----a-w- c:\windows\rsnp2std.dll
2010-08-22 16:06 . 2010-08-22 16:06 -------- d-----w- c:\program files\Common Files\snp2std
2010-08-22 16:06 . 2005-11-23 11:55 53248 ----a-w- c:\windows\system32\csnp2std.dll
2010-08-20 12:10 . 2010-08-20 12:10 -------- d-----w- c:\program files\Common Files\Java
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 15:50 . 2010-03-05 18:47 -------- d-----w- c:\program files\Steam
2010-09-07 14:06 . 2010-02-17 15:48 -------- d-----w- c:\program files\World of Warcraft
2010-09-03 08:43 . 2010-06-08 12:38 -------- d-----w- c:\program files\Nokia
2010-09-01 20:09 . 2010-02-16 16:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-09-01 13:21 . 2010-02-16 18:26 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-27 12:25 . 2010-03-08 15:03 99 ----a-w- c:\documents and settings\pokoj\jagex_runescape_preferences2.dat
2010-08-27 11:51 . 2010-03-08 15:02 46 ----a-w- c:\documents and settings\pokoj\jagex_runescape_preferences.dat
2010-08-25 11:54 . 2010-05-07 06:57 -------- d-----w- c:\program files\ICQ7.1
2010-08-20 12:10 . 2010-02-17 15:28 -------- d-----w- c:\program files\Java
2010-08-13 10:47 . 2001-10-25 12:00 495604 ----a-w- c:\windows\system32\perfh005.dat
2010-08-13 10:47 . 2001-10-25 12:00 105496 ----a-w- c:\windows\system32\perfc005.dat
2010-08-07 13:14 . 2010-02-26 14:45 -------- d-----w- c:\program files\Warcraft III
2010-07-29 13:37 . 2010-07-29 13:06 -------- d-----w- c:\program files\StarCraft II
2010-07-29 13:28 . 2010-02-17 15:46 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-07-27 15:22 . 2010-03-04 16:05 -------- d-----w- c:\program files\CCleaner
2010-07-20 18:50 . 2010-07-20 18:50 -------- d-----w- c:\program files\Infogrames
2010-07-17 07:56 . 2010-07-17 07:56 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-17 07:56 . 2010-02-17 15:20 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-17 07:55 . 2010-02-17 15:20 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-17 03:00 . 2010-05-01 13:25 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-30 12:33 . 2004-08-17 14:49 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:12 . 2004-08-17 14:49 668160 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:12 . 2004-08-17 14:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 09:02 . 2004-08-17 14:44 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-22 15:33 . 2010-06-22 15:20 35350 ----a-w- c:\windows\DIIUnin.dat
2010-06-22 15:20 . 2010-06-22 15:20 94208 ----a-w- c:\windows\DIIUnin.exe
2010-06-22 15:20 . 2010-06-22 15:20 2829 ----a-w- c:\windows\DIIUnin.pif
2010-06-21 15:27 . 2004-08-03 22:14 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-17 14:49 80384 ----a-w- c:\windows\system32\iccvid.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\pokoj\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-17 135664]
"QIP Internet Guardian"="c:\documents and settings\pokoj\Data aplikací\QipGuard\QipGuard.exe" [2010-04-12 184272]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"="MSIEXEC" [X]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-04-13 331552]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-17 2065760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"FixCamera"="c:\windows\FixCamera.exe" [2006-06-01 20480]
"tsnp2std"="c:\windows\tsnp2std.exe" [2006-05-22 262144]
"snp2std"="c:\windows\vsnp2std.exe" [2006-05-15 675840]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-17 07:56 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Program Files\\Dead Space\\Dead Space.exe"=
"c:\\Casino\\ParadiseCasino\\casino.exe"=
"j:\\HRY\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Documents and Settings\\pokoj\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\StarCraft II\\StarCraft II.exe"=
"c:\\Documents and Settings\\pokoj\\Data aplikací\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\StarCraft II\\Versions\\Base15405\\SC2.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\GTA4\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\GTA4\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Mirrors Edge\\Binaries\\MirrorsEdge.exe"=
"c:\\Program Files\\Steam\\steamapps\\pavel88757\\source sdk base 2007\\hl2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\pokoj\\Local Settings\\Apps\\2.0\\C2MN8RBC.JZ9\\5D1QJTO9.GOO\\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\\CurseClient.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [17.2.2010 17:20 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [17.2.2010 17:20 243024]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [17.7.2010 9:55 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [17.7.2010 9:56 308136]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [17.2.2010 16:49 540448]
S1 HWiNFO32;HWiNFO32 Kernel Driver;\??\c:\documents and settings\All Users\Plocha\HWiNFO32\HWiNFO32.SYS --> c:\documents and settings\All Users\Plocha\HWiNFO32\HWiNFO32.SYS [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.3.2010 22:34 136176]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [22.2.2010 21:29 90112]
S3 L6DP;L6DP;c:\windows\system32\Drivers\l6dp.sys --> c:\windows\system32\Drivers\l6dp.sys [?]
S3 L6TPortGX;Service - Line 6 TonePort GX;c:\windows\system32\drivers\L6TPortGX.sys [6.5.2010 10:51 571008]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [8.6.2010 14:38 136704]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [22.2.2010 21:29 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [22.2.2010 21:29 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [22.2.2010 21:29 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [22.2.2010 21:29 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [22.2.2010 21:29 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [22.2.2010 21:29 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [22.2.2010 21:29 115752]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.2.2010 21:54 691696]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-25 20:34]
2010-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-25 20:34]
.
.
------- Doplňkový sken -------
.
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-nwiz - nwiz.exe
Notify-winntn32 - winntn32.dll
AddRemove-Half-Life - c:\half-life\Uninst.isu
AddRemove-TeamSpeak 3 Client - c:\documents and settings\pokoj\Local Settings\Data aplikací\TeamSpeak 3 Client\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-13 19:09
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-839522115-527237240-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:ec,57,51,2a,cd,bf,0b,5e,78,ba,15,a1,34,57,09,4d,c7,7c,ca,9e,73,
1b,d1,81,3c,61,21,93,62,95,d9,c1,1d,0d,7d,1b,3f,2b,5c,43,ab,37,12,89,74,cc,\
"rkeysecu"=hex:f1,1a,9d,8d,02,c1,5c,7a,04,a8,25,e0,ce,95,ba,4a
.
Celkový čas: 2010-09-13 19:11:26
ComboFix-quarantined-files.txt 2010-09-13 17:11
Před spuštěním: Volných bajtů: 203 290 234 880
Po spuštění: Volných bajtů: 203 291 185 152
- - End Of File - - 1BEA6255E804820756B25CBAAEF78EF3
Re: občas pomalý pc - někdy i modrá smrt a restart pc
Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)
- c:\documents and settings\All Users\Plocha\HWiNFO32\HWiNFO32.SYS
- Kliknete na Prochazet
- Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
- Pokud napise Soubor byl jiz testovan, dejte otestovat znovu (ReAnalyse)
- Kliknete na Otestovat soubor
- Vysledek analyzy sem vlozte (jako odkaz)
Zapojte do PC vsechny USB klice (flashky, ext. disky apod.) - zrejme je mate nakazene virem Autorun.inf
- Stahne a ulozte na plochu UsbFix http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
- Spustte a kliknete na Deletion
- Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: občas pomalý pc - někdy i modrá smrt a restart pc
U VirusTotalu mně to píše, že: Tato cesta neexistuje..
Ale UsbFix Log mám:
############################## | UsbFix 7.024 | [Deletion]
User: pokoj (Administrator) # VACLAV-FE8AA932 [ ]
Updated 09/09/10 by El Desaparecido / C_XX
Started at 19:39:59 | 13/09/2010
Website: http://www.teamxscript.org
Contact: FindyKill.Contact@gmail.com
CPU: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall: Enabled
Antivirus: AVG Anti-Virus Free 9.0 [(!) Disabled | Updated]
RAM -> 2046 Mb
C:\ (%systemdrive%) -> Fixed drive # 373 Gb (189 Mb free - 51%) [] # NTFS
H:\ -> CD-ROM
J:\ -> Fixed drive # 931 Gb (538 Mb free - 58%) [HADR] # FAT32
################## | Files # Infected Folders |
################## | Registry |
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Listing |
[17/02/2010 - 17:20:31 | D ] C:\$AVG
[19/02/2010 - 17:56:50 | D ] C:\98e9f4bd14699e1b7a
[06/07/2010 - 16:07:47 | D ] C:\Acala3gpMovies
[18/02/2010 - 21:01:49 | RD ] C:\AHCache
[15/02/2010 - 23:33:00 | A | 0] C:\AUTOEXEC.BAT
[15/02/2010 - 23:28:08 | SH | 211] C:\boot.ini
[25/10/2001 - 14:00:00 | RASH | 4952] C:\Bootfont.bin
[14/05/2010 - 06:17:25 | D ] C:\Casino
[13/09/2010 - 19:11:26 | A | 14171] C:\ComboFix.txt
[15/02/2010 - 23:33:00 | A | 0] C:\CONFIG.SYS
[19/02/2010 - 23:32:57 | D ] C:\DirectX
[15/02/2010 - 23:36:28 | D ] C:\Documents and Settings
[19/02/2010 - 17:58:24 | D ] C:\ef1b40f2d2f72eddbffe83b34bd06a03
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1028.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1031.txt
[07/11/2007 - 08:00:40 | A | 10134] C:\eula.1033.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1036.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1040.txt
[07/11/2007 - 08:00:40 | A | 118] C:\eula.1041.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1042.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.2052.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.3082.txt
[07/11/2007 - 08:00:40 | A | 1110] C:\globdata.ini
[16/02/2010 - 17:49:02 | D ] C:\Inetpub
[07/11/2007 - 08:00:40 | A | 843] C:\install.ini
[07/11/2007 - 08:03:18 | A | 76304] C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | A | 96272] C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | A | 91152] C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | A | 97296] C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | A | 95248] C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | A | 81424] C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | A | 79888] C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | A | 75792] C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | A | 96272] C:\install.res.3082.dll
[16/02/2010 - 20:29:38 | D ] C:\Intel
[15/02/2010 - 23:33:00 | RASH | 0] C:\IO.SYS
[15/02/2010 - 23:33:00 | RASH | 0] C:\MSDOS.SYS
[03/08/2004 - 23:38:34 | RASH | 47564] C:\NTDETECT.COM
[16/02/2010 - 18:48:05 | RASH | 250576] C:\ntldr
[16/02/2010 - 18:40:23 | D ] C:\NVIDIA
[13/09/2010 - 19:02:26 | ASH | 2145386496] C:\pagefile.sys
[13/04/2010 - 20:27:08 | D ] C:\PASCAL7
[11/03/2010 - 23:06:27 | A | 173] C:\pdisdk.log
[13/09/2010 - 17:34:30 | RD ] C:\Program Files
[13/09/2010 - 19:11:28 | AD ] C:\Qoobox
[13/09/2010 - 19:40:46 | SHD ] C:\RECYCLER
[13/09/2010 - 17:38:55 | D ] C:\rsit
[24/08/2010 - 23:15:03 | A | 28824] C:\snp2sxp-001.raw
[17/02/2010 - 17:01:24 | D ] C:\SWSetup
[15/02/2010 - 23:35:31 | SHD ] C:\System Volume Information
[13/09/2010 - 19:40:46 | D ] C:\UsbFix
[13/09/2010 - 19:40:50 | A | 1043] C:\UsbFix.txt
[07/11/2007 - 08:00:40 | A | 5686] C:\vcredist.bmp
[07/11/2007 - 08:09:22 | A | 1442522] C:\VC_RED.cab
[07/11/2007 - 08:12:28 | A | 232960] C:\VC_RED.MSI
[18/04/2010 - 11:52:59 | A | 13970] C:\video.pass
[13/09/2010 - 19:09:49 | D ] C:\WINDOWS
[24/10/2009 - 14:28:00 | D ] J:\$RECYCLE.BIN
[01/01/1980 - 00:00:00 | A | 65521] J:\Coredump
[28/11/2009 - 14:31:40 | D ] J:\FILMY SERIALY
[28/11/2009 - 14:30:28 | D ] J:\HRY
[16/06/2009 - 15:16:40 | SHD ] J:\System Volume Information
[16/06/2009 - 15:23:18 | SHD ] J:\Recycled
################## | Vaccin |
C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
J:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
################## | E.O.F |
Ale UsbFix Log mám:
############################## | UsbFix 7.024 | [Deletion]
User: pokoj (Administrator) # VACLAV-FE8AA932 [ ]
Updated 09/09/10 by El Desaparecido / C_XX
Started at 19:39:59 | 13/09/2010
Website: http://www.teamxscript.org
Contact: FindyKill.Contact@gmail.com
CPU: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 6.0.2900.5512
Windows Firewall: Enabled
Antivirus: AVG Anti-Virus Free 9.0 [(!) Disabled | Updated]
RAM -> 2046 Mb
C:\ (%systemdrive%) -> Fixed drive # 373 Gb (189 Mb free - 51%) [] # NTFS
H:\ -> CD-ROM
J:\ -> Fixed drive # 931 Gb (538 Mb free - 58%) [HADR] # FAT32
################## | Files # Infected Folders |
################## | Registry |
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
################## | Mountpoints2 |
################## | Listing |
[17/02/2010 - 17:20:31 | D ] C:\$AVG
[19/02/2010 - 17:56:50 | D ] C:\98e9f4bd14699e1b7a
[06/07/2010 - 16:07:47 | D ] C:\Acala3gpMovies
[18/02/2010 - 21:01:49 | RD ] C:\AHCache
[15/02/2010 - 23:33:00 | A | 0] C:\AUTOEXEC.BAT
[15/02/2010 - 23:28:08 | SH | 211] C:\boot.ini
[25/10/2001 - 14:00:00 | RASH | 4952] C:\Bootfont.bin
[14/05/2010 - 06:17:25 | D ] C:\Casino
[13/09/2010 - 19:11:26 | A | 14171] C:\ComboFix.txt
[15/02/2010 - 23:33:00 | A | 0] C:\CONFIG.SYS
[19/02/2010 - 23:32:57 | D ] C:\DirectX
[15/02/2010 - 23:36:28 | D ] C:\Documents and Settings
[19/02/2010 - 17:58:24 | D ] C:\ef1b40f2d2f72eddbffe83b34bd06a03
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1028.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1031.txt
[07/11/2007 - 08:00:40 | A | 10134] C:\eula.1033.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1036.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1040.txt
[07/11/2007 - 08:00:40 | A | 118] C:\eula.1041.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1042.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.2052.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.3082.txt
[07/11/2007 - 08:00:40 | A | 1110] C:\globdata.ini
[16/02/2010 - 17:49:02 | D ] C:\Inetpub
[07/11/2007 - 08:00:40 | A | 843] C:\install.ini
[07/11/2007 - 08:03:18 | A | 76304] C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | A | 96272] C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | A | 91152] C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | A | 97296] C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | A | 95248] C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | A | 81424] C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | A | 79888] C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | A | 75792] C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | A | 96272] C:\install.res.3082.dll
[16/02/2010 - 20:29:38 | D ] C:\Intel
[15/02/2010 - 23:33:00 | RASH | 0] C:\IO.SYS
[15/02/2010 - 23:33:00 | RASH | 0] C:\MSDOS.SYS
[03/08/2004 - 23:38:34 | RASH | 47564] C:\NTDETECT.COM
[16/02/2010 - 18:48:05 | RASH | 250576] C:\ntldr
[16/02/2010 - 18:40:23 | D ] C:\NVIDIA
[13/09/2010 - 19:02:26 | ASH | 2145386496] C:\pagefile.sys
[13/04/2010 - 20:27:08 | D ] C:\PASCAL7
[11/03/2010 - 23:06:27 | A | 173] C:\pdisdk.log
[13/09/2010 - 17:34:30 | RD ] C:\Program Files
[13/09/2010 - 19:11:28 | AD ] C:\Qoobox
[13/09/2010 - 19:40:46 | SHD ] C:\RECYCLER
[13/09/2010 - 17:38:55 | D ] C:\rsit
[24/08/2010 - 23:15:03 | A | 28824] C:\snp2sxp-001.raw
[17/02/2010 - 17:01:24 | D ] C:\SWSetup
[15/02/2010 - 23:35:31 | SHD ] C:\System Volume Information
[13/09/2010 - 19:40:46 | D ] C:\UsbFix
[13/09/2010 - 19:40:50 | A | 1043] C:\UsbFix.txt
[07/11/2007 - 08:00:40 | A | 5686] C:\vcredist.bmp
[07/11/2007 - 08:09:22 | A | 1442522] C:\VC_RED.cab
[07/11/2007 - 08:12:28 | A | 232960] C:\VC_RED.MSI
[18/04/2010 - 11:52:59 | A | 13970] C:\video.pass
[13/09/2010 - 19:09:49 | D ] C:\WINDOWS
[24/10/2009 - 14:28:00 | D ] J:\$RECYCLE.BIN
[01/01/1980 - 00:00:00 | A | 65521] J:\Coredump
[28/11/2009 - 14:31:40 | D ] J:\FILMY SERIALY
[28/11/2009 - 14:30:28 | D ] J:\HRY
[16/06/2009 - 15:16:40 | SHD ] J:\System Volume Information
[16/06/2009 - 15:23:18 | SHD ] J:\Recycled
################## | Vaccin |
C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
J:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
################## | E.O.F |
Re: občas pomalý pc - někdy i modrá smrt a restart pc
Dobra tedy, jdeme dale, jeste docistime...
Pokud nemate, tak presunte Combofix na plochu
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci
Pokud nemate, tak presunte Combofix na plochu
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Registry:: [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WiseStubReboot"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{338B4DFE-2E2C-4338-9E41-E176D497299E}"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"=- [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Documents and Settings\\pokoj\\Local Settings\\Apps\\2.0\\C2MN8RBC.JZ9\\5D1QJTO9.GOO\\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\\CurseClient.exe"=- File:: C:\Documents and Settings\pokoj\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-527237240-682003330-1003Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-527237240-682003330-1003UA.job c:\windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP RegLock:: [HKEY_USERS\S-1-5-21-839522115-527237240-682003330-1003\Software\SecuROM\License information*]- Ulozte vytvoreny TXT jako CFScript.txt
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: občas pomalý pc - někdy i modrá smrt a restart pc
Restartoval jsem PC naběhl v pohodě..
ComboFix 10-09-12.04 - pokoj 13.09.2010 19:57:15.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1546 [GMT 2:00]
Spuštěný z: c:\documents and settings\pokoj\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\pokoj\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
FILE ::
"c:\documents and settings\pokoj\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll"
"c:\windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-527237240-682003330-1003Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-527237240-682003330-1003UA.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\pokoj\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-13 do 2010-09-13 )))))))))))))))))))))))))))))))
.
2010-09-13 17:39 . 2010-09-13 17:40 -------- d-----w- C:\UsbFix
2010-09-13 15:34 . 2010-09-13 16:38 -------- d-----w- c:\program files\trend micro
2010-09-13 15:34 . 2010-09-13 15:38 -------- d-----w- C:\rsit
2010-09-01 20:10 . 2010-09-01 20:22 -------- d-----w- c:\program files\Mirrors Edge
2010-09-01 20:09 . 2010-09-01 20:09 -------- d-----w- c:\windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2010-09-01 17:59 . 2010-09-01 17:59 -------- d-----w- c:\program files\Rockstar Games
2010-09-01 17:32 . 2010-09-01 17:32 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-09-01 13:21 . 2010-09-01 13:21 -------- d-----w- c:\program files\GTA4
2010-08-31 22:02 . 2010-08-31 22:02 348160 ----a-w- c:\windows\system32\Msvcr71.dll
2010-08-31 22:02 . 2010-08-31 22:02 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-08-31 22:02 . 2010-08-31 22:02 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-08-22 18:28 . 2010-08-22 18:28 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-08-22 18:25 . 2010-08-22 18:25 -------- d-----w- c:\program files\Common Files\Skype
2010-08-22 18:25 . 2010-08-22 18:25 -------- d-----r- c:\program files\Skype
2010-08-22 16:07 . 2008-04-14 06:52 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-08-22 16:07 . 2008-04-14 06:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-08-22 16:06 . 2004-08-09 15:43 94208 ----a-w- c:\windows\amcap.exe
2010-08-22 16:06 . 2006-06-01 09:26 20480 ----a-w- c:\windows\FixCamera.exe
2010-08-22 16:06 . 2005-01-26 13:45 349472 ----a-w- c:\windows\WindowsXP-KB822603-x86.exe
2010-08-22 16:06 . 2006-05-22 08:37 262144 ----a-w- c:\windows\tsnp2std.exe
2010-08-22 16:06 . 2006-05-15 13:52 675840 ----a-w- c:\windows\vsnp2std.exe
2010-08-22 16:06 . 2006-06-07 08:34 10305280 ----a-w- c:\windows\system32\drivers\snp2sxp.sys
2010-08-22 16:06 . 2006-04-27 18:43 24832 ----a-w- c:\windows\system32\drivers\sncamd.sys
2010-08-22 16:06 . 2006-05-04 09:14 61440 ----a-w- c:\windows\vsnp2std.dll
2010-08-22 16:06 . 2006-04-07 08:33 147456 ----a-w- c:\windows\rsnp2std.dll
2010-08-22 16:06 . 2010-08-22 16:06 -------- d-----w- c:\program files\Common Files\snp2std
2010-08-22 16:06 . 2005-11-23 11:55 53248 ----a-w- c:\windows\system32\csnp2std.dll
2010-08-20 12:10 . 2010-08-20 12:10 -------- d-----w- c:\program files\Common Files\Java
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 15:50 . 2010-03-05 18:47 -------- d-----w- c:\program files\Steam
2010-09-07 14:06 . 2010-02-17 15:48 -------- d-----w- c:\program files\World of Warcraft
2010-09-03 08:43 . 2010-06-08 12:38 -------- d-----w- c:\program files\Nokia
2010-09-01 20:09 . 2010-02-16 16:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-09-01 13:21 . 2010-02-16 18:26 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-27 12:25 . 2010-03-08 15:03 99 ----a-w- c:\documents and settings\pokoj\jagex_runescape_preferences2.dat
2010-08-27 11:51 . 2010-03-08 15:02 46 ----a-w- c:\documents and settings\pokoj\jagex_runescape_preferences.dat
2010-08-25 11:54 . 2010-05-07 06:57 -------- d-----w- c:\program files\ICQ7.1
2010-08-20 12:10 . 2010-02-17 15:28 -------- d-----w- c:\program files\Java
2010-08-13 10:47 . 2001-10-25 12:00 495604 ----a-w- c:\windows\system32\perfh005.dat
2010-08-13 10:47 . 2001-10-25 12:00 105496 ----a-w- c:\windows\system32\perfc005.dat
2010-08-07 13:14 . 2010-02-26 14:45 -------- d-----w- c:\program files\Warcraft III
2010-07-29 13:37 . 2010-07-29 13:06 -------- d-----w- c:\program files\StarCraft II
2010-07-29 13:28 . 2010-02-17 15:46 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-07-27 15:22 . 2010-03-04 16:05 -------- d-----w- c:\program files\CCleaner
2010-07-20 18:50 . 2010-07-20 18:50 -------- d-----w- c:\program files\Infogrames
2010-07-17 07:56 . 2010-07-17 07:56 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-17 07:56 . 2010-02-17 15:20 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-17 07:55 . 2010-02-17 15:20 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-17 03:00 . 2010-05-01 13:25 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-30 12:33 . 2004-08-17 14:49 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:12 . 2004-08-17 14:49 668160 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:12 . 2004-08-17 14:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 09:02 . 2004-08-17 14:44 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-22 15:33 . 2010-06-22 15:20 35350 ----a-w- c:\windows\DIIUnin.dat
2010-06-22 15:20 . 2010-06-22 15:20 94208 ----a-w- c:\windows\DIIUnin.exe
2010-06-22 15:20 . 2010-06-22 15:20 2829 ----a-w- c:\windows\DIIUnin.pif
2010-06-21 15:27 . 2004-08-03 22:14 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-17 14:49 80384 ----a-w- c:\windows\system32\iccvid.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-09-13_17.09.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-13 17:43 . 2010-09-13 17:43 16384 c:\windows\Temp\Perflib_Perfdata_a4.dat
+ 2010-02-16 15:48 . 2010-09-13 17:43 224438 c:\windows\system32\inetsrv\MetaBase.bin
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"="c:\documents and settings\pokoj\Data aplikací\QipGuard\QipGuard.exe" [2010-04-12 184272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-04-13 331552]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-17 2065760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"FixCamera"="c:\windows\FixCamera.exe" [2006-06-01 20480]
"tsnp2std"="c:\windows\tsnp2std.exe" [2006-05-22 262144]
"snp2std"="c:\windows\vsnp2std.exe" [2006-05-15 675840]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-17 07:56 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Program Files\\Dead Space\\Dead Space.exe"=
"c:\\Casino\\ParadiseCasino\\casino.exe"=
"j:\\HRY\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Documents and Settings\\pokoj\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\StarCraft II\\StarCraft II.exe"=
"c:\\Documents and Settings\\pokoj\\Data aplikací\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\StarCraft II\\Versions\\Base15405\\SC2.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\GTA4\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\GTA4\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Mirrors Edge\\Binaries\\MirrorsEdge.exe"=
"c:\\Program Files\\Steam\\steamapps\\pavel88757\\source sdk base 2007\\hl2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [17.2.2010 17:20 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [17.2.2010 17:20 243024]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [17.7.2010 9:55 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [17.7.2010 9:56 308136]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [17.2.2010 16:49 540448]
S1 HWiNFO32;HWiNFO32 Kernel Driver;\??\c:\documents and settings\All Users\Plocha\HWiNFO32\HWiNFO32.SYS --> c:\documents and settings\All Users\Plocha\HWiNFO32\HWiNFO32.SYS [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.3.2010 22:34 136176]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [22.2.2010 21:29 90112]
S3 L6DP;L6DP;c:\windows\system32\Drivers\l6dp.sys --> c:\windows\system32\Drivers\l6dp.sys [?]
S3 L6TPortGX;Service - Line 6 TonePort GX;c:\windows\system32\drivers\L6TPortGX.sys [6.5.2010 10:51 571008]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [8.6.2010 14:38 136704]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [22.2.2010 21:29 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [22.2.2010 21:29 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [22.2.2010 21:29 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [22.2.2010 21:29 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [22.2.2010 21:29 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [22.2.2010 21:29 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [22.2.2010 21:29 115752]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.2.2010 21:54 691696]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-13 20:01
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-839522115-527237240-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:ec,57,51,2a,cd,bf,0b,5e,78,ba,15,a1,34,57,09,4d,c7,7c,ca,9e,73,
1b,d1,81,3c,61,21,93,62,95,d9,c1,1d,0d,7d,1b,3f,2b,5c,43,ab,37,12,89,74,cc,\
"rkeysecu"=hex:f1,1a,9d,8d,02,c1,5c,7a,04,a8,25,e0,ce,95,ba,4a
.
Celkový čas: 2010-09-13 20:03:11
ComboFix-quarantined-files.txt 2010-09-13 18:03
ComboFix2.txt 2010-09-13 17:11
Před spuštěním: Volných bajtů: 203 233 349 632
Po spuštění: Volných bajtů: 203 222 773 760
- - End Of File - - 64A39286A633F16F1DF3447068396AC9
ComboFix 10-09-12.04 - pokoj 13.09.2010 19:57:15.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1546 [GMT 2:00]
Spuštěný z: c:\documents and settings\pokoj\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\pokoj\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
FILE ::
"c:\documents and settings\pokoj\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll"
"c:\windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-527237240-682003330-1003Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-527237240-682003330-1003UA.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\pokoj\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-13 do 2010-09-13 )))))))))))))))))))))))))))))))
.
2010-09-13 17:39 . 2010-09-13 17:40 -------- d-----w- C:\UsbFix
2010-09-13 15:34 . 2010-09-13 16:38 -------- d-----w- c:\program files\trend micro
2010-09-13 15:34 . 2010-09-13 15:38 -------- d-----w- C:\rsit
2010-09-01 20:10 . 2010-09-01 20:22 -------- d-----w- c:\program files\Mirrors Edge
2010-09-01 20:09 . 2010-09-01 20:09 -------- d-----w- c:\windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2010-09-01 17:59 . 2010-09-01 17:59 -------- d-----w- c:\program files\Rockstar Games
2010-09-01 17:32 . 2010-09-01 17:32 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-09-01 13:21 . 2010-09-01 13:21 -------- d-----w- c:\program files\GTA4
2010-08-31 22:02 . 2010-08-31 22:02 348160 ----a-w- c:\windows\system32\Msvcr71.dll
2010-08-31 22:02 . 2010-08-31 22:02 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-08-31 22:02 . 2010-08-31 22:02 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-08-22 18:28 . 2010-08-22 18:28 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-08-22 18:25 . 2010-08-22 18:25 -------- d-----w- c:\program files\Common Files\Skype
2010-08-22 18:25 . 2010-08-22 18:25 -------- d-----r- c:\program files\Skype
2010-08-22 16:07 . 2008-04-14 06:52 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-08-22 16:07 . 2008-04-14 06:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-08-22 16:06 . 2004-08-09 15:43 94208 ----a-w- c:\windows\amcap.exe
2010-08-22 16:06 . 2006-06-01 09:26 20480 ----a-w- c:\windows\FixCamera.exe
2010-08-22 16:06 . 2005-01-26 13:45 349472 ----a-w- c:\windows\WindowsXP-KB822603-x86.exe
2010-08-22 16:06 . 2006-05-22 08:37 262144 ----a-w- c:\windows\tsnp2std.exe
2010-08-22 16:06 . 2006-05-15 13:52 675840 ----a-w- c:\windows\vsnp2std.exe
2010-08-22 16:06 . 2006-06-07 08:34 10305280 ----a-w- c:\windows\system32\drivers\snp2sxp.sys
2010-08-22 16:06 . 2006-04-27 18:43 24832 ----a-w- c:\windows\system32\drivers\sncamd.sys
2010-08-22 16:06 . 2006-05-04 09:14 61440 ----a-w- c:\windows\vsnp2std.dll
2010-08-22 16:06 . 2006-04-07 08:33 147456 ----a-w- c:\windows\rsnp2std.dll
2010-08-22 16:06 . 2010-08-22 16:06 -------- d-----w- c:\program files\Common Files\snp2std
2010-08-22 16:06 . 2005-11-23 11:55 53248 ----a-w- c:\windows\system32\csnp2std.dll
2010-08-20 12:10 . 2010-08-20 12:10 -------- d-----w- c:\program files\Common Files\Java
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 15:50 . 2010-03-05 18:47 -------- d-----w- c:\program files\Steam
2010-09-07 14:06 . 2010-02-17 15:48 -------- d-----w- c:\program files\World of Warcraft
2010-09-03 08:43 . 2010-06-08 12:38 -------- d-----w- c:\program files\Nokia
2010-09-01 20:09 . 2010-02-16 16:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-09-01 13:21 . 2010-02-16 18:26 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-27 12:25 . 2010-03-08 15:03 99 ----a-w- c:\documents and settings\pokoj\jagex_runescape_preferences2.dat
2010-08-27 11:51 . 2010-03-08 15:02 46 ----a-w- c:\documents and settings\pokoj\jagex_runescape_preferences.dat
2010-08-25 11:54 . 2010-05-07 06:57 -------- d-----w- c:\program files\ICQ7.1
2010-08-20 12:10 . 2010-02-17 15:28 -------- d-----w- c:\program files\Java
2010-08-13 10:47 . 2001-10-25 12:00 495604 ----a-w- c:\windows\system32\perfh005.dat
2010-08-13 10:47 . 2001-10-25 12:00 105496 ----a-w- c:\windows\system32\perfc005.dat
2010-08-07 13:14 . 2010-02-26 14:45 -------- d-----w- c:\program files\Warcraft III
2010-07-29 13:37 . 2010-07-29 13:06 -------- d-----w- c:\program files\StarCraft II
2010-07-29 13:28 . 2010-02-17 15:46 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-07-27 15:22 . 2010-03-04 16:05 -------- d-----w- c:\program files\CCleaner
2010-07-20 18:50 . 2010-07-20 18:50 -------- d-----w- c:\program files\Infogrames
2010-07-17 07:56 . 2010-07-17 07:56 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-17 07:56 . 2010-02-17 15:20 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-17 07:55 . 2010-02-17 15:20 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-17 03:00 . 2010-05-01 13:25 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-30 12:33 . 2004-08-17 14:49 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:12 . 2004-08-17 14:49 668160 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:12 . 2004-08-17 14:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 09:02 . 2004-08-17 14:44 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-22 15:33 . 2010-06-22 15:20 35350 ----a-w- c:\windows\DIIUnin.dat
2010-06-22 15:20 . 2010-06-22 15:20 94208 ----a-w- c:\windows\DIIUnin.exe
2010-06-22 15:20 . 2010-06-22 15:20 2829 ----a-w- c:\windows\DIIUnin.pif
2010-06-21 15:27 . 2004-08-03 22:14 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-17 14:49 80384 ----a-w- c:\windows\system32\iccvid.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-09-13_17.09.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-13 17:43 . 2010-09-13 17:43 16384 c:\windows\Temp\Perflib_Perfdata_a4.dat
+ 2010-02-16 15:48 . 2010-09-13 17:43 224438 c:\windows\system32\inetsrv\MetaBase.bin
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"="c:\documents and settings\pokoj\Data aplikací\QipGuard\QipGuard.exe" [2010-04-12 184272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-04-13 331552]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-17 2065760]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"FixCamera"="c:\windows\FixCamera.exe" [2006-06-01 20480]
"tsnp2std"="c:\windows\tsnp2std.exe" [2006-05-22 262144]
"snp2std"="c:\windows\vsnp2std.exe" [2006-05-15 675840]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-17 07:56 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Program Files\\Dead Space\\Dead Space.exe"=
"c:\\Casino\\ParadiseCasino\\casino.exe"=
"j:\\HRY\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Documents and Settings\\pokoj\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\StarCraft II\\StarCraft II.exe"=
"c:\\Documents and Settings\\pokoj\\Data aplikací\\Macromedia\\Flash Player\\www.macromedia.com\\bin\\octoshape\\octoshape.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\StarCraft II\\Versions\\Base15405\\SC2.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\GTA4\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\GTA4\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Mirrors Edge\\Binaries\\MirrorsEdge.exe"=
"c:\\Program Files\\Steam\\steamapps\\pavel88757\\source sdk base 2007\\hl2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [17.2.2010 17:20 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [17.2.2010 17:20 243024]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [17.7.2010 9:55 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [17.7.2010 9:56 308136]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [17.2.2010 16:49 540448]
S1 HWiNFO32;HWiNFO32 Kernel Driver;\??\c:\documents and settings\All Users\Plocha\HWiNFO32\HWiNFO32.SYS --> c:\documents and settings\All Users\Plocha\HWiNFO32\HWiNFO32.SYS [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.3.2010 22:34 136176]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [22.2.2010 21:29 90112]
S3 L6DP;L6DP;c:\windows\system32\Drivers\l6dp.sys --> c:\windows\system32\Drivers\l6dp.sys [?]
S3 L6TPortGX;Service - Line 6 TonePort GX;c:\windows\system32\drivers\L6TPortGX.sys [6.5.2010 10:51 571008]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [8.6.2010 14:38 136704]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [22.2.2010 21:29 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [22.2.2010 21:29 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [22.2.2010 21:29 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [22.2.2010 21:29 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [22.2.2010 21:29 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [22.2.2010 21:29 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [22.2.2010 21:29 115752]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.2.2010 21:54 691696]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-13 20:01
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-839522115-527237240-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:ec,57,51,2a,cd,bf,0b,5e,78,ba,15,a1,34,57,09,4d,c7,7c,ca,9e,73,
1b,d1,81,3c,61,21,93,62,95,d9,c1,1d,0d,7d,1b,3f,2b,5c,43,ab,37,12,89,74,cc,\
"rkeysecu"=hex:f1,1a,9d,8d,02,c1,5c,7a,04,a8,25,e0,ce,95,ba,4a
.
Celkový čas: 2010-09-13 20:03:11
ComboFix-quarantined-files.txt 2010-09-13 18:03
ComboFix2.txt 2010-09-13 17:11
Před spuštěním: Volných bajtů: 203 233 349 632
Po spuštění: Volných bajtů: 203 222 773 760
- - End Of File - - 64A39286A633F16F1DF3447068396AC9
Re: občas pomalý pc - někdy i modrá smrt a restart pc
Fajn, jak se chova PC 
Na rozlusteni te BSOD budeme muset pockat, kolega tu byva hlavne v noci...zatim se pokusime zbavit pomaleho PC...
Na rozlusteni te BSOD budeme muset pockat, kolega tu byva hlavne v noci...zatim se pokusime zbavit pomaleho PC..."Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: občas pomalý pc - někdy i modrá smrt a restart pc
Zatím podle mě běží líp ale uvidí se časem jestli se nějak zpomalí nebo ne
K tomu BSOD.. informujte mě zde nebo přes e-mail?
Zatím moc moc díky
ale uvidí se časem jestli se nějak zpomalí nebo ne K tomu BSOD.. informujte mě zde nebo přes e-mail?
Zatím moc moc díky
Re: občas pomalý pc - někdy i modrá smrt a restart pc
Jeste neutikejte, uklidime po utilitach a jeste neco malo pro zrychleni snad udelame Vytah z toho dmp souboru dam sem, aby byl pristupny i kolegum ale poslu Vam i mail ze to tu je...
Odinstalujte Combofix
Znovu spusťte Usbfix a zvolte možnost Uninstall.
Havet se usadila v bodech obnoveni - smazte je dle navodu kolegy riffa http://www.viry.cz/forum/viewtopic.php?f=11&t=47040
T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič
Otevrete si poznamkovy blok
Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R
Doporucuji provest defragmentaci disku
Vlozte novy log ze RSITu a napiste ci se PC jeste nejak zlepsilo
Vytah z toho dmp souboru dam sem, aby byl pristupny i kolegum ale poslu Vam i mail ze to tu je... Odinstalujte Combofix
- Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
- Napiste ComboFix /Uninstall
- Stisknete Enter
- Tohle smaze Combofix a jeho slozky
Znovu spusťte Usbfix a zvolte možnost Uninstall. Havet se usadila v bodech obnoveni - smazte je dle navodu kolegy riffa http://www.viry.cz/forum/viewtopic.php?f=11&t=47040 T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaruPanel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Otevrete si poznamkovy blok
- Start->spustit->notepad
- Vlozte text nize
Kód: Vybrat vše
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- "Adobe Reader Speed Launcher"=-- Soubor ulozte jako oprava.reg
- Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
- Zavrit notepad a spustit dvojklikem oprava.reg
- Pripadny dotaz na zmenu registru potvrdte
- Okno jen problikne a opravi regsitry - soubor muzete smazat
Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R
- Vyskoci na Vas okenko, do ktereho zkopirujte text nize
Kód: Vybrat vše
services.msc- Kliknete na OK
- Najdete sluzby nize
- Google Update Service
- U kazde provedte toto
- Klik na ni pravym mysidlem a zvolit Vlastnosti
- Nyní klik na Zastavit
- Typ spousteni nastavit na Zakazano
- Potvrdte kliknutim na OK
Doporucuji provest defragmentaci disku
- Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
- Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
- Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace
Vlozte novy log ze RSITu a napiste ci se PC jeste nejak zlepsilo"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: občas pomalý pc - někdy i modrá smrt a restart pc
Tak jo zatím jsem udělal všechno. Teď probíhá ta defragmentace pomocí prográmku od Piriformu (38% fragmentováno) a tak si myslím že to bude trvat trošku dýl.. ten nový log vám mám poslat až po defragmentaci (což bude asi ráno) nebo můžu i teď ještě než to defragmentuju?
Re: občas pomalý pc - někdy i modrá smrt a restart pc
Defragmentace log z RSITu neovlivni, spise jestli se da na PC pracovat kdyz probiha defragmentace - PC muze byt hodne pomale...38% je hodne velka fragmentace, takze to mohlo i zpomalovat PC...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: občas pomalý pc - někdy i modrá smrt a restart pc
Tak jo zde je další log z RSIT. Defragmentace probíhá a počítač nejede nějak extrémně pomalu..
Logfile of random's system information tool 1.08 (written by random/random)
Run by pokoj at 2010-09-13 21:53:05
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 198 GB (52%) free of 382 GB
Total RAM: 2046 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:53:35, on 13.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Documents and Settings\pokoj\Data aplikací\QipGuard\QipGuard.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Defraggler\Defraggler.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Plocha\RSIT.exe
C:\Program Files\trend micro\pokoj.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\pokoj\Data aplikací\QipGuard\QipGuard.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7609 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-21 1619296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2007-04-13 331552]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-17 2065760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2006-06-01 20480]
"tsnp2std"=C:\WINDOWS\tsnp2std.exe [2006-05-22 262144]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-05-15 675840]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"=C:\Documents and Settings\pokoj\Data aplikací\QipGuard\QipGuard.exe [2010-04-12 184272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-17 12536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Warcraft III\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"
"C:\Program Files\Dead Space\Dead Space.exe"="C:\Program Files\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™"
"C:\Casino\ParadiseCasino\casino.exe"="C:\Casino\ParadiseCasino\casino.exe:*:Disabled:casino"
"J:\HRY\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="J:\HRY\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Documents and Settings\pokoj\Data aplikací\GameRanger\GameRanger\GameRanger.exe"="C:\Documents and Settings\pokoj\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\StarCraft II\StarCraft II.exe"="C:\Program Files\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\Documents and Settings\pokoj\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="C:\Documents and Settings\pokoj\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\StarCraft II\Versions\Base15405\SC2.exe"="C:\Program Files\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\GTA4\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\GTA4\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\GTA4\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\GTA4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Mirrors Edge\Binaries\MirrorsEdge.exe"="C:\Program Files\Mirrors Edge\Binaries\MirrorsEdge.exe:*:Enabled:Mirror's Edge™"
"C:\Program Files\Steam\steamapps\pavel88757\source sdk base 2007\hl2.exe"="C:\Program Files\Steam\steamapps\pavel88757\source sdk base 2007\hl2.exe:*:Enabled:Source SDK Base 2007"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2010-09-13 21:53:05 ----D---- C:\rsit
2010-09-13 21:07:51 ----D---- C:\Program Files\Defraggler
2010-09-13 20:05:30 ----SHD---- C:\RECYCLER
2010-09-13 19:40:50 ----RAD---- C:\Autorun.inf
2010-09-13 18:46:14 ----D---- C:\Documents and Settings\pokoj\Data aplikací\AVG9
2010-09-13 17:34:30 ----D---- C:\Program Files\trend micro
2010-09-01 22:22:34 ----D---- C:\Documents and Settings\pokoj\Data aplikací\NVIDIA
2010-09-01 22:10:59 ----D---- C:\Program Files\Mirrors Edge
2010-09-01 19:59:47 ----D---- C:\Program Files\Rockstar Games
2010-09-01 19:32:54 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-09-01 15:21:48 ----D---- C:\Program Files\GTA4
2010-09-01 00:02:18 ----A---- C:\WINDOWS\system32\Msvcr71.dll
2010-09-01 00:02:18 ----A---- C:\WINDOWS\system32\mfc71.dll
2010-09-01 00:02:18 ----A---- C:\WINDOWS\system32\gdiplus.dll
2010-08-27 17:49:19 ----D---- C:\Documents and Settings\pokoj\Data aplikací\LucasArts
2010-08-26 14:07:24 ----RHD---- C:\Documents and Settings\pokoj\Data aplikací\SecuROM
2010-08-22 20:28:34 ----D---- C:\Documents and Settings\pokoj\Data aplikací\skypePM
2010-08-22 20:25:45 ----D---- C:\Documents and Settings\pokoj\Data aplikací\Skype
2010-08-22 20:25:18 ----D---- C:\Program Files\Common Files\Skype
2010-08-22 20:25:16 ----RD---- C:\Program Files\Skype
2010-08-22 20:25:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-08-22 18:08:25 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2010-08-22 18:08:22 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2010-08-22 18:08:20 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2010-08-22 18:08:19 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2010-08-22 18:08:17 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2010-08-22 18:08:15 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2010-08-22 18:08:14 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2010-08-22 18:07:59 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-08-22 18:06:34 ----A---- C:\WINDOWS\amcap.exe
2010-08-22 18:06:33 ----A---- C:\WINDOWS\WindowsXP-KB822603-x86.exe
2010-08-22 18:06:33 ----A---- C:\WINDOWS\FixCamera.exe
2010-08-22 18:06:31 ----A---- C:\WINDOWS\vsnp2std.exe
2010-08-22 18:06:31 ----A---- C:\WINDOWS\tsnp2std.exe
2010-08-22 18:06:30 ----A---- C:\WINDOWS\system32\drivers\snp2sxp.sys
2010-08-22 18:06:30 ----A---- C:\WINDOWS\system32\drivers\sncamd.sys
2010-08-22 18:06:30 ----A---- C:\WINDOWS\snp2std.ini
2010-08-22 18:06:28 ----A---- C:\WINDOWS\vsnp2std.dll
2010-08-22 18:06:28 ----A---- C:\WINDOWS\rsnp2std.dll
2010-08-22 18:06:27 ----D---- C:\Program Files\Common Files\snp2std
2010-08-22 18:06:27 ----A---- C:\WINDOWS\system32\csnp2std.dll
2010-08-20 14:10:58 ----D---- C:\Program Files\Common Files\Java
2010-08-20 14:10:43 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-20 14:10:43 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-20 14:10:43 ----A---- C:\WINDOWS\system32\java.exe
======List of files/folders modified in the last 1 months======
2010-09-13 21:53:12 ----D---- C:\WINDOWS\Prefetch
2010-09-13 21:07:51 ----RD---- C:\Program Files
2010-09-13 21:07:03 ----D---- C:\WINDOWS\system32\inetsrv
2010-09-13 21:04:40 ----D---- C:\WINDOWS\Temp
2010-09-13 21:04:40 ----D---- C:\WINDOWS
2010-09-13 21:01:24 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-09-13 21:01:14 ----D---- C:\WINDOWS\system32
2010-09-13 20:56:33 ----D---- C:\WINDOWS\Minidump
2010-09-13 20:56:19 ----SHD---- C:\System Volume Information
2010-09-13 20:56:19 ----D---- C:\WINDOWS\system32\Restore
2010-09-13 20:46:13 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-13 20:01:56 ----A---- C:\WINDOWS\system.ini
2010-09-13 20:01:50 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-13 20:01:40 ----SD---- C:\WINDOWS\Tasks
2010-09-13 20:00:52 ----D---- C:\WINDOWS\system32\drivers
2010-09-13 20:00:52 ----D---- C:\WINDOWS\AppPatch
2010-09-13 20:00:50 ----D---- C:\Program Files\Common Files
2010-09-13 17:44:45 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-09-07 17:50:09 ----D---- C:\Program Files\Steam
2010-09-07 16:06:44 ----D---- C:\Program Files\World of Warcraft
2010-09-03 10:43:05 ----SHD---- C:\WINDOWS\Installer
2010-09-03 10:43:00 ----D---- C:\Program Files\Nokia
2010-09-03 10:42:59 ----HD---- C:\WINDOWS\inf
2010-09-03 10:42:51 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-01 22:10:59 ----D---- C:\WINDOWS\system32\DirectX
2010-09-01 22:10:49 ----RSD---- C:\WINDOWS\assembly
2010-09-01 22:09:14 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-09-01 19:32:54 ----D---- C:\WINDOWS\system32\CatRoot
2010-09-01 15:21:53 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-25 13:54:51 ----D---- C:\Program Files\ICQ7.1
2010-08-25 00:03:10 ----A---- C:\WINDOWS\win.ini
2010-08-22 18:14:50 ----D---- C:\WINDOWS\security
2010-08-22 18:08:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-22 18:06:31 ----D---- C:\WINDOWS\twain_32
2010-08-20 14:10:40 ----D---- C:\Program Files\Java
2010-08-15 12:45:59 ----D---- C:\WINDOWS\Debug
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-19 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-17 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-02 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-17 243024]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-02-08 5860384]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-06-07 10305280]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Documents and Settings\All Users\Plocha\HWiNFO32\HWiNFO32.SYS []
S3 axtjbeep;axtjbeep; C:\WINDOWS\system32\drivers\axtjbeep.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 L6DP;L6DP; C:\WINDOWS\System32\Drivers\l6dp.sys []
S3 L6TPortGX;Service - Line 6 TonePort GX; C:\WINDOWS\System32\Drivers\L6TPortGX.sys [2010-03-25 571008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-17 308136]
R2 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-04-13 540448]
R2 SMTPSVC;Simple Mail Transport Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 W3SVC;Publikování na webu; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-05-11 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2001-10-25 19456]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-25 136176]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by pokoj at 2010-09-13 21:53:05
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 198 GB (52%) free of 382 GB
Total RAM: 2046 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:53:35, on 13.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PDF Complete\pdfsty.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\FixCamera.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Documents and Settings\pokoj\Data aplikací\QipGuard\QipGuard.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Defraggler\Defraggler.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\pokoj\Plocha\RSIT.exe
C:\Program Files\trend micro\pokoj.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\pokoj\Data aplikací\QipGuard\QipGuard.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7609 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-21 1619296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2007-04-13 331552]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-17 2065760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2006-06-01 20480]
"tsnp2std"=C:\WINDOWS\tsnp2std.exe [2006-05-22 262144]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-05-15 675840]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"=C:\Documents and Settings\pokoj\Data aplikací\QipGuard\QipGuard.exe [2010-04-12 184272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-17 12536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Warcraft III\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"
"C:\Program Files\Dead Space\Dead Space.exe"="C:\Program Files\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™"
"C:\Casino\ParadiseCasino\casino.exe"="C:\Casino\ParadiseCasino\casino.exe:*:Disabled:casino"
"J:\HRY\Rockstar Games\Grand Theft Auto IV\GTAIV.exe"="J:\HRY\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Documents and Settings\pokoj\Data aplikací\GameRanger\GameRanger\GameRanger.exe"="C:\Documents and Settings\pokoj\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\StarCraft II\StarCraft II.exe"="C:\Program Files\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\Documents and Settings\pokoj\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="C:\Documents and Settings\pokoj\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\StarCraft II\Versions\Base15405\SC2.exe"="C:\Program Files\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\GTA4\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Program Files\GTA4\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\GTA4\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\GTA4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\Mirrors Edge\Binaries\MirrorsEdge.exe"="C:\Program Files\Mirrors Edge\Binaries\MirrorsEdge.exe:*:Enabled:Mirror's Edge™"
"C:\Program Files\Steam\steamapps\pavel88757\source sdk base 2007\hl2.exe"="C:\Program Files\Steam\steamapps\pavel88757\source sdk base 2007\hl2.exe:*:Enabled:Source SDK Base 2007"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2010-09-13 21:53:05 ----D---- C:\rsit
2010-09-13 21:07:51 ----D---- C:\Program Files\Defraggler
2010-09-13 20:05:30 ----SHD---- C:\RECYCLER
2010-09-13 19:40:50 ----RAD---- C:\Autorun.inf
2010-09-13 18:46:14 ----D---- C:\Documents and Settings\pokoj\Data aplikací\AVG9
2010-09-13 17:34:30 ----D---- C:\Program Files\trend micro
2010-09-01 22:22:34 ----D---- C:\Documents and Settings\pokoj\Data aplikací\NVIDIA
2010-09-01 22:10:59 ----D---- C:\Program Files\Mirrors Edge
2010-09-01 19:59:47 ----D---- C:\Program Files\Rockstar Games
2010-09-01 19:32:54 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-09-01 15:21:48 ----D---- C:\Program Files\GTA4
2010-09-01 00:02:18 ----A---- C:\WINDOWS\system32\Msvcr71.dll
2010-09-01 00:02:18 ----A---- C:\WINDOWS\system32\mfc71.dll
2010-09-01 00:02:18 ----A---- C:\WINDOWS\system32\gdiplus.dll
2010-08-27 17:49:19 ----D---- C:\Documents and Settings\pokoj\Data aplikací\LucasArts
2010-08-26 14:07:24 ----RHD---- C:\Documents and Settings\pokoj\Data aplikací\SecuROM
2010-08-22 20:28:34 ----D---- C:\Documents and Settings\pokoj\Data aplikací\skypePM
2010-08-22 20:25:45 ----D---- C:\Documents and Settings\pokoj\Data aplikací\Skype
2010-08-22 20:25:18 ----D---- C:\Program Files\Common Files\Skype
2010-08-22 20:25:16 ----RD---- C:\Program Files\Skype
2010-08-22 20:25:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-08-22 18:08:25 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2010-08-22 18:08:22 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2010-08-22 18:08:20 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2010-08-22 18:08:19 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2010-08-22 18:08:17 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2010-08-22 18:08:15 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2010-08-22 18:08:14 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2010-08-22 18:07:59 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-08-22 18:06:34 ----A---- C:\WINDOWS\amcap.exe
2010-08-22 18:06:33 ----A---- C:\WINDOWS\WindowsXP-KB822603-x86.exe
2010-08-22 18:06:33 ----A---- C:\WINDOWS\FixCamera.exe
2010-08-22 18:06:31 ----A---- C:\WINDOWS\vsnp2std.exe
2010-08-22 18:06:31 ----A---- C:\WINDOWS\tsnp2std.exe
2010-08-22 18:06:30 ----A---- C:\WINDOWS\system32\drivers\snp2sxp.sys
2010-08-22 18:06:30 ----A---- C:\WINDOWS\system32\drivers\sncamd.sys
2010-08-22 18:06:30 ----A---- C:\WINDOWS\snp2std.ini
2010-08-22 18:06:28 ----A---- C:\WINDOWS\vsnp2std.dll
2010-08-22 18:06:28 ----A---- C:\WINDOWS\rsnp2std.dll
2010-08-22 18:06:27 ----D---- C:\Program Files\Common Files\snp2std
2010-08-22 18:06:27 ----A---- C:\WINDOWS\system32\csnp2std.dll
2010-08-20 14:10:58 ----D---- C:\Program Files\Common Files\Java
2010-08-20 14:10:43 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-20 14:10:43 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-20 14:10:43 ----A---- C:\WINDOWS\system32\java.exe
======List of files/folders modified in the last 1 months======
2010-09-13 21:53:12 ----D---- C:\WINDOWS\Prefetch
2010-09-13 21:07:51 ----RD---- C:\Program Files
2010-09-13 21:07:03 ----D---- C:\WINDOWS\system32\inetsrv
2010-09-13 21:04:40 ----D---- C:\WINDOWS\Temp
2010-09-13 21:04:40 ----D---- C:\WINDOWS
2010-09-13 21:01:24 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-09-13 21:01:14 ----D---- C:\WINDOWS\system32
2010-09-13 20:56:33 ----D---- C:\WINDOWS\Minidump
2010-09-13 20:56:19 ----SHD---- C:\System Volume Information
2010-09-13 20:56:19 ----D---- C:\WINDOWS\system32\Restore
2010-09-13 20:46:13 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-13 20:01:56 ----A---- C:\WINDOWS\system.ini
2010-09-13 20:01:50 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-13 20:01:40 ----SD---- C:\WINDOWS\Tasks
2010-09-13 20:00:52 ----D---- C:\WINDOWS\system32\drivers
2010-09-13 20:00:52 ----D---- C:\WINDOWS\AppPatch
2010-09-13 20:00:50 ----D---- C:\Program Files\Common Files
2010-09-13 17:44:45 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-09-07 17:50:09 ----D---- C:\Program Files\Steam
2010-09-07 16:06:44 ----D---- C:\Program Files\World of Warcraft
2010-09-03 10:43:05 ----SHD---- C:\WINDOWS\Installer
2010-09-03 10:43:00 ----D---- C:\Program Files\Nokia
2010-09-03 10:42:59 ----HD---- C:\WINDOWS\inf
2010-09-03 10:42:51 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-01 22:10:59 ----D---- C:\WINDOWS\system32\DirectX
2010-09-01 22:10:49 ----RSD---- C:\WINDOWS\assembly
2010-09-01 22:09:14 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-09-01 19:32:54 ----D---- C:\WINDOWS\system32\CatRoot
2010-09-01 15:21:53 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-25 13:54:51 ----D---- C:\Program Files\ICQ7.1
2010-08-25 00:03:10 ----A---- C:\WINDOWS\win.ini
2010-08-22 18:14:50 ----D---- C:\WINDOWS\security
2010-08-22 18:08:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-22 18:06:31 ----D---- C:\WINDOWS\twain_32
2010-08-20 14:10:40 ----D---- C:\Program Files\Java
2010-08-15 12:45:59 ----D---- C:\WINDOWS\Debug
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-19 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-17 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-02 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-17 243024]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-02-08 5860384]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-06-07 10305280]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Documents and Settings\All Users\Plocha\HWiNFO32\HWiNFO32.SYS []
S3 axtjbeep;axtjbeep; C:\WINDOWS\system32\drivers\axtjbeep.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 L6DP;L6DP; C:\WINDOWS\System32\Drivers\l6dp.sys []
S3 L6TPortGX;Service - Line 6 TonePort GX; C:\WINDOWS\System32\Drivers\L6TPortGX.sys [2010-03-25 571008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-17 308136]
R2 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-04-13 540448]
R2 SMTPSVC;Simple Mail Transport Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 W3SVC;Publikování na webu; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-05-11 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2001-10-25 19456]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-25 136176]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: občas pomalý pc - někdy i modrá smrt a restart pc
Otevrete si poznamkovy blok
- Start->spustit->notepad
- Vlozte text nize
Kód: Vybrat vše
Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"=-- Soubor ulozte jako oprava.reg
- Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
- Zavrit notepad a spustit dvojklikem oprava.reg
- Pripadny dotaz na zmenu registru potvrdte
- Okno jen problikne a opravi regsitry - soubor muzete smazat
Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R
- Vyskoci na Vas okenko, do ktereho zkopirujte text nize
Kód: Vybrat vše
services.msc- Kliknete na OK
- Najdete sluzby nize
- Java Quick Starter
Nero BackItUp Scheduler 4.0 - U kazde provedte toto
- Klik na ni pravym mysidlem a zvolit Vlastnosti
- Nyní klik na Zastavit
- Typ spousteni nastavit na Zakazano
- Potvrdte kliknutim na OK
Z logu je patrno, ze nemate aktualni verzi Internet Exploreru - aktualizujte jej
- Aktualizaci najdete zde (pod tlacitkem "Ke stazeni") http://www.microsoft.com/cze/windows/internet-explorer/
- Doporucuji vsak pouzivat alternativni prohlizece - vice zde http://www.viry.cz/forum/viewtopic.php?f=19&t=6116
Ohledne te BSOD - myslite ze kolega to popsal a napsal i co s tim
MiliNess píše:Vypršení timeoutu při práci ovladače GK s grafickou kartou (v určitém časovém úseku ovladač GK nereagoval a nepřekresloval)
Většinou to prostě v ovladači GK zůstane viset, při čekání na dokončení nějaké operace s GK (na přerušení od GK nebo může vlákno vykonávající kód ovladače GK zůstat viset v nekonečné smyčce)
Zkusit jiný ovladač GK, monitorovat teplotu GK, eventuelně ji vytáhnout ze slotu, očistit kontakty a znovu usadit. Taky je tu možnost, že GK už má odslouženo.
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: občas pomalý pc - někdy i modrá smrt a restart pc
Internet explorer nepoužívám.. pro mě je příjemnější Google chrome.. K té grafické kartě.. zkusím nějaké jiné ovladače
Jinak vše ostatní provedeno
mockrát díky za pročištění PC i za tu BSOD
Jinak vše ostatní provedeno
mockrát díky za pročištění PC i za tu BSOD
Přispějete na provoz fóra?