DObry den, posledni dobou mam PC strasne zpmalene, hlavne po strartu (obcas se satne, ze se PC hned po startu sekne -> musim natvrdo restartovat).... CPU silne pretizene a nevim proc..... dekuji za rady!
Logfile of random's system information tool 1.08 (written by random/random)
Run by Ondra at 2010-10-05 17:12:02
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 368 GB (74%) free of 500 GB
Total RAM: 2047 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:12:11, on 5.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS.1\System32\smss.exe
C:\WINDOWS.1\system32\winlogon.exe
C:\WINDOWS.1\system32\services.exe
C:\WINDOWS.1\system32\lsass.exe
C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\WINDOWS.1\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS.1\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS.1\Explorer.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS.1\system32\ctfmon.exe
D:\uTorrent\uTorrent.exe
C:\WINDOWS.1\system32\spoolsv.exe
C:\WINDOWS.1\system32\taskmgr.exe
C:\WINDOWS.1\System32\svchost.exe
C:\WINDOWS.1\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS.1\System32\msiexec.exe
C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\ABBYY FineReader 10\FineReader.exe
c:\program files\abbyy finereader 10\FineExec.exe
c:\program files\abbyy finereader 10\FineExec.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\Ondra.POČÍTAČ\Dokumenty\Downloads\Programs\RSIT_2.exe
C:\Program Files\trend micro\Ondra.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: HopSurf toolbar - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS.1\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "D:\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS.1\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.1\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.1\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.1\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.1\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.1\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: HopSurf - {ED98F8D1-09AC-4107-B2FF-91DBE011B0C5} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7830759218
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS.1\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS.1\System32\browseui.dll
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS.1\system32\Ati2evxx.exe (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS.1\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - Unknown owner - C:\Program Files\OO Software\Defrag\oodag.exe
--
End of file - 9066 bytes
======Scheduled tasks folder======
C:\WINDOWS.1\tasks\AppleSoftwareUpdate.job
C:\WINDOWS.1\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS.1\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2010-04-26 193968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2009-11-25 202080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-18 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-18 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E9FAB13D-4600-49E1-90D1-EE961C859D39} - HopSurf toolbar - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll [2010-06-29 1331392]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25 1496408]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-09-29 2500552]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS.1\system32\ctfmon.exe [2008-04-14 15360]
"uTorrent"=D:\uTorrent\uTorrent.exe [2010-09-25 328056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS.1\ALCMTR.EXE [2010-06-08 64104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Assassin G13]
C:\Program Files\Assassin G13\assassin.exe [2006-12-21 1318912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-03-24 1983816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2010-08-18 249856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2010-08-10 133368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
C:\Program Files\Internet Download Manager\IDMan.exe [2010-08-31 3220912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KmsServer]
C:\WINDOWS.1\KmsServer\Server.exe [2006-04-21 22016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe [2010-09-10 2771784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS.1\RTHDCPL.EXE [2010-06-08 19552872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS.1^Nabídka Start^Programy^Po spuštění^Aktualizovat ESET licenci.lnk]
C:\PROGRA~1\ESET\MINODL~1\MINODL~1.EXE -u -d 10000 []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS.1\system32\Ati2evxx.dll [2010-05-27 159744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.1\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\uTorrent\uTorrent.exe"="D:\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Killing Floor\System\KillingFloor.exe"="C:\Program Files\Killing Floor\System\KillingFloor.exe:*:Enabled:KillingFloor"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe"="C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe"="C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe"="C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Aktualizovat"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-10-05 17:04:15 ----A---- C:\WINDOWS.1\system32\drivers\aswSP.sys
2010-10-05 17:04:15 ----A---- C:\WINDOWS.1\system32\drivers\aswFsBlk.sys
2010-10-05 17:04:14 ----A---- C:\WINDOWS.1\system32\drivers\aswRdr.sys
2010-10-05 17:04:13 ----A---- C:\WINDOWS.1\system32\drivers\aswTdi.sys
2010-10-05 17:04:11 ----A---- C:\WINDOWS.1\system32\drivers\aswmon2.sys
2010-10-05 17:04:11 ----A---- C:\WINDOWS.1\system32\drivers\aswmon.sys
2010-10-05 17:04:11 ----A---- C:\WINDOWS.1\system32\drivers\aavmker4.sys
2010-10-05 17:03:49 ----A---- C:\WINDOWS.1\system32\aswBoot.exe
2010-10-05 17:03:45 ----D---- C:\Program Files\Alwil Software
2010-10-05 17:03:45 ----D---- C:\Documents and Settings\All Users.WINDOWS.1\Data aplikací\Alwil Software
2010-10-04 21:09:37 ----HD---- C:\VritualRoot
2010-10-04 20:52:07 ----D---- C:\Program Files\Assassin G13
2010-10-04 20:51:52 ----D---- C:\WINDOWS.1\Downloaded Installations
2010-10-03 20:02:51 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\vlc
2010-10-03 18:57:10 ----D---- C:\Program Files\Common Files\ABBYY
2010-10-03 16:26:16 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\ABBYY
2010-10-03 16:16:59 ----D---- C:\Program Files\ABBYY FineReader 10
2010-10-03 16:16:59 ----D---- C:\Documents and Settings\All Users.WINDOWS.1\Data aplikací\ABBYY
2010-10-03 16:13:08 ----D---- C:\temp
2010-09-29 15:04:27 ----HDC---- C:\WINDOWS.1\$NtUninstallKB2158563$
2010-09-25 09:21:01 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\Apple Computer
2010-09-21 19:17:36 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2010-09-21 19:02:17 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\HTC
2010-09-21 17:03:02 ----A---- C:\WINDOWS.1\imsins.BAK
2010-09-21 17:03:00 ----HDC---- C:\WINDOWS.1\$NtUninstallwinusb0100$
2010-09-21 17:02:09 ----A---- C:\WINDOWS.1\system32\WinUSBCoInstaller.dll
2010-09-19 19:00:46 ----D---- C:\Documents and Settings\All Users.WINDOWS.1\Data aplikací\Apple Computer
2010-09-19 19:00:17 ----D---- C:\Program Files\Common Files\Apple
2010-09-19 19:00:04 ----D---- C:\Program Files\Apple Software Update
2010-09-19 19:00:04 ----D---- C:\Documents and Settings\All Users.WINDOWS.1\Data aplikací\Apple
2010-09-17 11:30:05 ----D---- C:\WINDOWS.1\system32\oodag
2010-09-17 09:31:46 ----D---- C:\Program Files\2K Games
2010-09-15 20:05:16 ----D---- C:\Documents and Settings\All Users.WINDOWS.1\Data aplikací\CanonIJ
2010-09-15 20:04:45 ----HD---- C:\Documents and Settings\All Users.WINDOWS.1\Data aplikací\CanonIJScan
2010-09-15 19:37:28 ----HDC---- C:\WINDOWS.1\$NtUninstallKB2259922$
2010-09-15 19:37:10 ----HDC---- C:\WINDOWS.1\$NtUninstallKB975558_WM8$
2010-09-15 19:37:06 ----HDC---- C:\WINDOWS.1\$NtUninstallKB2347290$
2010-09-15 19:36:59 ----HDC---- C:\WINDOWS.1\$NtUninstallKB2121546$
2010-09-15 19:36:53 ----HDC---- C:\WINDOWS.1\$NtUninstallKB982802$
2010-09-15 19:36:34 ----HDC---- C:\WINDOWS.1\$NtUninstallKB981322$
2010-09-15 19:34:51 ----HDC---- C:\WINDOWS.1\$NtUninstallKB2141007$
2010-09-10 13:01:14 ----A---- C:\WINDOWS.1\system32\oodbs.exe
2010-09-10 12:59:50 ----A---- C:\WINDOWS.1\system32\oodssrs.dll
2010-09-10 12:59:26 ----A---- C:\WINDOWS.1\system32\oodbsrs.dll
2010-09-07 17:56:29 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\Xilisoft
2010-09-07 17:45:07 ----D---- C:\Program Files\Xilisoft
2010-09-07 15:30:03 ----N---- C:\WINDOWS.1\system32\spmsgXP_2k3.dll
2010-09-07 15:29:57 ----HDC---- C:\WINDOWS.1\$NtUninstallWdf01007$
2010-09-07 15:08:16 ----A---- C:\WINDOWS.1\system32\WdfCoInstaller01007.dll
2010-09-07 15:08:16 ----A---- C:\WINDOWS.1\system32\drivers\ANDROIDUSB.sys
2010-09-07 15:08:10 ----D---- C:\Program Files\Spirent Communications
2010-09-07 15:07:46 ----D---- C:\Program Files\HTC
2010-09-06 20:42:59 ----HDC---- C:\WINDOWS.1\$NtUninstallKB961118$
2010-09-06 18:05:20 ----D---- C:\WINDOWS.1\system32\XPSViewer
2010-09-06 18:05:16 ----D---- C:\WINDOWS.1\system32\en-US
2010-09-06 18:04:49 ----N---- C:\WINDOWS.1\system32\xpssvcs.dll
2010-09-06 18:04:49 ----N---- C:\WINDOWS.1\system32\xpsshhdr.dll
2010-09-06 18:04:49 ----N---- C:\WINDOWS.1\system32\prntvpt.dll
2010-09-06 18:04:49 ----D---- C:\65308eb9ea3279bd3e667bc96e64
======List of files/folders modified in the last 1 months======
2010-10-05 17:12:09 ----D---- C:\Program Files\trend micro
2010-10-05 17:11:42 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\DMCache
2010-10-05 17:11:22 ----SHD---- C:\WINDOWS.1\Installer
2010-10-05 17:11:22 ----SHD---- C:\Config.Msi
2010-10-05 17:11:08 ----D---- C:\WINDOWS.1\Temp
2010-10-05 17:10:56 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\uTorrent
2010-10-05 17:07:08 ----D---- C:\WINDOWS.1
2010-10-05 17:06:49 ----D---- C:\WINDOWS.1\system32\CatRoot2
2010-10-05 17:05:32 ----A---- C:\WINDOWS.1\SchedLgU.Txt
2010-10-05 17:04:15 ----D---- C:\WINDOWS.1\system32\drivers
2010-10-05 17:04:06 ----D---- C:\WINDOWS.1\WinSxS
2010-10-05 17:03:49 ----D---- C:\WINDOWS.1\system32
2010-10-05 17:03:45 ----RD---- C:\Program Files
2010-10-05 17:01:37 ----HD---- C:\WINDOWS.1\inf
2010-10-04 21:06:43 ----RSH---- C:\boot.ini
2010-10-04 21:06:43 ----A---- C:\WINDOWS.1\win.ini
2010-10-04 21:06:43 ----A---- C:\WINDOWS.1\system.ini
2010-10-04 18:55:27 ----D---- C:\Program Files\EurotelSMS
2010-10-04 18:07:44 ----D---- C:\Documents and Settings\All Users.WINDOWS.1\Data aplikací\CanonIJPLM
2010-10-03 20:01:46 ----D---- C:\WINDOWS.1\Prefetch
2010-10-03 19:57:34 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\dvdcss
2010-10-03 18:57:10 ----D---- C:\Program Files\Common Files
2010-10-03 15:53:05 ----SD---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\Microsoft
2010-10-02 19:39:12 ----D---- C:\Program Files\QIP Infium
2010-10-02 19:26:07 ----D---- C:\Program Files\Killing Floor
2010-09-30 18:49:39 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\IDM
2010-09-29 17:34:51 ----D---- C:\Documents and Settings\All Users.WINDOWS.1\Data aplikací\COMODO
2010-09-29 17:33:25 ----A---- C:\WINDOWS.1\system32\guard32.dll
2010-09-26 11:34:08 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\Canon Easy-WebPrint EX
2010-09-19 19:01:24 ----D---- C:\Program Files\QuickTime
2010-09-19 19:00:08 ----SD---- C:\WINDOWS.1\Tasks
2010-09-18 10:16:13 ----D---- C:\Program Files\Mozilla Firefox
2010-09-17 09:53:21 ----D---- C:\WINDOWS.1\Debug
2010-09-17 09:53:20 ----D---- C:\WINDOWS.1\Minidump
2010-09-17 09:48:40 ----D---- C:\Program Files\CCleaner
2010-09-15 20:04:45 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\Canon
2010-09-15 19:37:26 ----HD---- C:\WINDOWS.1\$hf_mig$
2010-09-15 19:37:23 ----D---- C:\Documents and Settings\All Users.WINDOWS.1\Data aplikací\Microsoft Help
2010-09-15 19:37:12 ----RSHDC---- C:\WINDOWS.1\system32\dllcache
2010-09-15 19:34:59 ----A---- C:\WINDOWS.1\system32\MRT.exe
2010-09-09 19:18:44 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\Skype
2010-09-09 18:48:36 ----A---- C:\KillingFloor.exe.log
2010-09-09 18:00:33 ----A---- C:\Play.exe.log
2010-09-09 17:59:35 ----D---- C:\Program Files\Garena
2010-09-09 17:57:08 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\skypePM
2010-09-07 15:08:18 ----DC---- C:\WINDOWS.1\system32\DRVSTORE
2010-09-07 15:07:40 ----D---- C:\Documents and Settings\Ondra.POČÍTAČ\Data aplikací\Adobe
2010-09-07 15:07:40 ----D---- C:\Documents and Settings\All Users.WINDOWS.1\Data aplikací\Adobe
2010-09-07 15:07:38 ----D---- C:\Program Files\Adobe
2010-09-07 15:07:36 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-09-07 15:07:24 ----D---- C:\Program Files\MSXML 4.0
2010-09-07 14:31:39 ----D---- C:\WINDOWS.1\Microsoft.NET
2010-09-07 14:31:38 ----RSD---- C:\WINDOWS.1\assembly
2010-09-06 20:43:08 ----D---- C:\WINDOWS.1\system32\CatRoot
2010-09-06 20:41:49 ----A---- C:\WINDOWS.1\system32\PerfStringBackup.INI
2010-09-06 18:05:15 ----RSD---- C:\WINDOWS.1\Fonts
2010-09-06 18:05:00 ----D---- C:\WINDOWS.1\system32\spool
2010-09-06 16:46:26 ----D---- C:\WINDOWS.1\system32\mui
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS.1\System32\DRIVERS\inspect.sys [2010-09-29 91560]
R0 sptd;sptd; C:\WINDOWS.1\System32\Drivers\sptd.sys [2010-08-13 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS.1\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS.1\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
R1 aswSP;aswSP; C:\WINDOWS.1\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS.1\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS.1\System32\DRIVERS\cmdguard.sys [2010-09-29 239240]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS.1\System32\DRIVERS\cmdhlp.sys [2010-09-29 25240]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS.1\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS.1\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS.1\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;aswMon2; C:\WINDOWS.1\system32\drivers\aswMon2.sys [2010-09-07 100176]
R3 aswRdr;aswRdr; C:\WINDOWS.1\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\WINDOWS.1\System32\DRIVERS\l151x86.sys [2007-07-03 39424]
R3 ati2mtag;ati2mtag; C:\WINDOWS.1\system32\DRIVERS\ati2mtag.sys [2010-05-27 4830720]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS.1\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS.1\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS.1\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS.1\system32\drivers\RtkHDAud.sys [2010-06-08 6056040]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS.1\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS.1\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS.1\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
S3 a7lswo23;a7lswo23; C:\WINDOWS.1\system32\drivers\a7lswo23.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS.1\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\ONDRA~1.POT\LOCALS~1\Temp\IRX127.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\plugins\UI\safedrv.sys []
S3 HTCAND32;HTC Device Driver; C:\WINDOWS.1\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 Monfilt;Monfilt; C:\WINDOWS.1\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS.1\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS.1\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS.1\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS.1\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS.1\System32\Drivers\wdf01000.sys [2008-01-19 503144]
S3 WinUSB;Android USB Driver; C:\WINDOWS.1\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 wip0204;Wippien Network Adapter 2.4; C:\WINDOWS.1\system32\DRIVERS\wip0204.sys [2008-12-31 23480]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS.1\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS.1\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS.1\system32\svchost.exe [2008-04-14 14336]
R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-09-29 809736]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-19 148744]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-09-29 1901056]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS.1\system32\Ati2evxx.exe []
S2 ATI Smart;ATI Smart; C:\WINDOWS.1\system32\ati2sgag.exe [2007-05-17 520192]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-06 133104]
S2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE []
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-18 153376]
S2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2010-09-10 2320712]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS.1\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.1\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS.1\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS.1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS.1\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS.1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zpomalení PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení PC
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení PC
ComboFix 10-10-04.02 - Ondra 05.10.2010 18:08:30.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1509 [GMT 2:00]
Spuštěný z: c:\documents and settings\Ondra.POČÍTAČ\Dokumenty\Downloads\Programs\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-05 do 2010-10-05 )))))))))))))))))))))))))))))))
.
2010-10-05 15:51 . 2010-10-05 15:51 -------- d-----r- C:\MO
2010-10-05 15:04 . 2010-09-07 14:52 165584 ----a-w- c:\windows.1\system32\drivers\aswSP.sys
2010-10-05 15:04 . 2010-09-07 14:47 17744 ----a-w- c:\windows.1\system32\drivers\aswFsBlk.sys
2010-10-05 15:04 . 2010-09-07 14:47 23376 ----a-w- c:\windows.1\system32\drivers\aswRdr.sys
2010-10-05 15:04 . 2010-09-07 14:52 46672 ----a-w- c:\windows.1\system32\drivers\aswTdi.sys
2010-10-05 15:04 . 2010-09-07 14:47 100176 ----a-w- c:\windows.1\system32\drivers\aswmon2.sys
2010-10-05 15:04 . 2010-09-07 14:47 94544 ----a-w- c:\windows.1\system32\drivers\aswmon.sys
2010-10-05 15:04 . 2010-09-07 14:46 28880 ----a-w- c:\windows.1\system32\drivers\aavmker4.sys
2010-10-05 15:03 . 2010-09-07 15:12 38848 ----a-w- c:\windows.1\avastSS.scr
2010-10-05 15:03 . 2010-09-07 15:11 167592 ----a-w- c:\windows.1\system32\aswBoot.exe
2010-10-05 15:03 . 2010-10-05 15:03 -------- d-----w- c:\program files\Alwil Software
2010-10-04 19:09 . 2010-10-04 19:09 -------- d-----w- C:\VritualRoot
2010-10-04 18:52 . 2010-10-04 18:52 40960 ----a-r- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Microsoft\Installer\{B2073246-67E3-40CD-A7EF-8882D37119BC}\assassin.exe1_B207324667E340CDA7EF8882D37119BC.exe
2010-10-04 18:52 . 2010-10-04 18:52 40960 ----a-r- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Microsoft\Installer\{B2073246-67E3-40CD-A7EF-8882D37119BC}\assassin.exe_B207324667E340CDA7EF8882D37119BC.exe
2010-10-04 18:52 . 2010-10-04 18:52 10134 ----a-r- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Microsoft\Installer\{B2073246-67E3-40CD-A7EF-8882D37119BC}\ARPPRODUCTICON.exe
2010-10-04 18:52 . 2010-10-04 18:52 -------- d-----w- c:\program files\Assassin G13
2010-10-04 18:51 . 2010-10-04 18:51 -------- d-----w- c:\windows.1\Downloaded Installations
2010-10-03 16:57 . 2010-10-03 16:57 -------- d-----w- c:\program files\Common Files\ABBYY
2010-10-03 16:27 . 2010-10-03 16:27 -------- d-----w- c:\temp\ABBYY FineReader 10
2010-10-03 14:16 . 2010-10-05 15:48 -------- d-----w- c:\program files\ABBYY FineReader 10
2010-10-03 14:13 . 2010-10-03 16:27 -------- d-----w- C:\temp
2010-10-03 14:13 . 2010-10-03 14:13 -------- d-----w- c:\temp\FR10PE
2010-09-21 15:02 . 2010-06-11 09:32 581192 ----a-w- c:\windows.1\system32\WinUSBCoInstaller.dll
2010-09-19 17:00 . 2010-09-19 17:00 -------- d-----w- c:\program files\Common Files\Apple
2010-09-19 17:00 . 2010-09-19 17:00 -------- d-----w- c:\program files\Apple Software Update
2010-09-17 09:30 . 2010-09-17 09:30 -------- d-----w- c:\windows.1\system32\oodag
2010-09-17 07:31 . 2010-09-17 07:31 -------- d-----w- c:\program files\2K Games
2010-09-10 11:02 . 2010-09-10 11:02 1556808 ----a-w- c:\windows.1\system32\ooscrsav.scr
2010-09-10 11:01 . 2010-09-10 11:01 275272 ----a-w- c:\windows.1\system32\oodbs.exe
2010-09-10 10:59 . 2010-09-10 10:59 535880 ----a-w- c:\windows.1\system32\oodssrs.dll
2010-09-10 10:59 . 2010-09-10 10:59 9544 ----a-w- c:\windows.1\system32\oodbsrs.dll
2010-09-07 15:45 . 2010-09-07 17:22 -------- d-----w- c:\program files\Xilisoft
2010-09-07 13:30 . 2007-11-27 01:24 14640 ------w- c:\windows.1\system32\spmsgXP_2k3.dll
2010-09-07 13:09 . 2010-09-07 13:07 53632 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-07 13:08 . 2010-06-11 09:32 1112288 ----a-w- c:\windows.1\system32\WdfCoInstaller01007.dll
2010-09-07 13:08 . 2009-06-09 22:49 24576 ----a-w- c:\windows.1\system32\drivers\ANDROIDUSB.sys
2010-09-07 13:08 . 2010-09-07 13:08 -------- d-----w- c:\program files\Spirent Communications
2010-09-07 13:07 . 2010-09-21 17:02 -------- d-----w- c:\program files\HTC
2010-09-07 13:07 . 2010-09-07 13:07 53632 ----a-w- c:\documents and settings\Default User.WINDOWS.1\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-06 16:05 . 2010-09-06 16:05 -------- d-----w- c:\windows.1\system32\XPSViewer
2010-09-06 16:05 . 2008-07-06 12:06 89088 ----a-w- c:\windows.1\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-09-06 16:04 . 2010-09-06 16:05 -------- d-----w- C:\65308eb9ea3279bd3e667bc96e64
2010-09-06 16:04 . 2008-07-06 12:06 89088 -c----w- c:\windows.1\system32\dllcache\filterpipelineprintproc.dll
2010-09-06 16:04 . 2008-07-06 12:06 575488 -c----w- c:\windows.1\system32\dllcache\xpsshhdr.dll
2010-09-06 16:04 . 2008-07-06 12:06 575488 ------w- c:\windows.1\system32\xpsshhdr.dll
2010-09-06 16:04 . 2008-07-06 12:06 1676288 -c----w- c:\windows.1\system32\dllcache\xpssvcs.dll
2010-09-06 16:04 . 2008-07-06 12:06 1676288 ------w- c:\windows.1\system32\xpssvcs.dll
2010-09-06 16:04 . 2008-07-06 12:06 117760 ------w- c:\windows.1\system32\prntvpt.dll
2010-09-06 16:04 . 2008-07-06 10:50 597504 -c----w- c:\windows.1\system32\dllcache\printfilterpipelinesvc.exe
2010-09-06 16:04 . 2008-07-06 10:50 597504 ------w- c:\windows.1\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-09-05 16:35 . 2007-03-12 14:42 1123696 ----a-w- c:\windows.1\system32\D3DCompiler_33.dll
2010-09-05 16:19 . 2010-09-05 17:35 -------- d-----w- c:\program files\Dragon Age
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-05 15:12 . 2009-06-24 08:37 -------- d-----w- c:\program files\trend micro
2010-10-04 16:55 . 2009-06-23 14:52 -------- d-----w- c:\program files\EurotelSMS
2010-10-02 17:39 . 2009-10-31 08:38 -------- d-----w- c:\program files\QIP Infium
2010-10-02 17:26 . 2010-07-18 11:28 -------- d-----w- c:\program files\Killing Floor
2010-09-29 15:33 . 2010-04-08 23:26 285480 ----a-w- c:\windows.1\system32\guard32.dll
2010-09-29 15:33 . 2010-04-08 23:25 91560 ----a-w- c:\windows.1\system32\drivers\inspect.sys
2010-09-29 15:33 . 2010-04-08 23:25 25240 ----a-w- c:\windows.1\system32\drivers\cmdhlp.sys
2010-09-29 15:33 . 2010-04-08 23:25 15592 ----a-w- c:\windows.1\system32\drivers\cmderd.sys
2010-09-29 15:33 . 2010-04-08 23:25 239240 ----a-w- c:\windows.1\system32\drivers\cmdGuard.sys
2010-09-21 15:03 . 2010-09-21 15:03 0 ---ha-w- c:\windows.1\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2010-09-19 17:01 . 2009-08-30 17:15 -------- d-----w- c:\program files\QuickTime
2010-09-17 07:48 . 2009-06-24 11:00 -------- d-----w- c:\program files\CCleaner
2010-09-09 15:59 . 2010-06-30 14:55 -------- d-----w- c:\program files\Garena
2010-09-07 13:30 . 2010-09-07 13:30 0 ---ha-w- c:\windows.1\system32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2010-09-07 13:30 . 2010-09-07 13:30 0 ---ha-w- c:\windows.1\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-09-07 13:07 . 2010-01-06 15:02 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-09-07 13:07 . 2009-06-23 16:22 -------- d-----w- c:\program files\MSXML 4.0
2010-09-06 18:41 . 2001-10-25 12:00 79040 ----a-w- c:\windows.1\system32\perfc005.dat
2010-09-06 18:41 . 2001-10-25 12:00 431998 ----a-w- c:\windows.1\system32\perfh005.dat
2010-09-05 16:17 . 2009-11-28 11:52 -------- d-----w- c:\program files\Common Files\BioWare
2010-08-31 14:48 . 2009-06-23 12:13 -------- d-----w- c:\program files\Internet Download Manager
2010-08-29 14:31 . 2010-08-29 14:31 -------- d-----w- c:\program files\Zoner
2010-08-17 13:17 . 2001-10-25 12:00 58880 ----a-w- c:\windows.1\system32\spoolsv.exe
2010-08-15 16:09 . 2009-07-06 14:17 -------- d-----w- c:\program files\Google
2010-08-13 14:41 . 2009-06-23 13:22 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-08-13 14:40 . 2010-08-13 14:40 691696 ----a-w- c:\windows.1\system32\drivers\sptd.sys
2010-08-12 15:27 . 2009-06-24 07:29 -------- d-----w- c:\program files\ESET
2010-08-12 12:07 . 2010-08-12 12:06 -------- d-----w- c:\program files\DreamCom
2010-08-10 14:57 . 2010-08-10 14:56 -------- d-----w- c:\program files\ICQ7.2
2010-08-10 14:56 . 2009-06-23 10:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-08 14:54 . 2010-08-08 14:54 61440 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1c078969-n\decora-sse.dll
2010-08-08 14:54 . 2010-08-08 14:54 503808 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-366176d5-n\msvcp71.dll
2010-08-08 14:54 . 2010-08-08 14:54 499712 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-366176d5-n\jmc.dll
2010-08-08 14:54 . 2010-08-08 14:54 348160 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-366176d5-n\msvcr71.dll
2010-08-08 14:54 . 2010-08-08 14:54 12800 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1c078969-n\decora-d3d.dll
2010-07-22 15:46 . 2002-09-20 17:04 590848 ----a-w- c:\windows.1\system32\rpcrt4.dll
2010-07-22 06:19 . 2008-05-05 05:25 5632 ----a-w- c:\windows.1\system32\xpsp4res.dll
2010-07-18 14:28 . 2010-07-18 14:28 503808 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-315e8a5b-n\msvcp71.dll
2010-07-18 14:28 . 2010-07-18 14:28 499712 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-315e8a5b-n\jmc.dll
2010-07-18 14:28 . 2010-07-18 14:28 348160 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-315e8a5b-n\msvcr71.dll
2010-07-18 14:28 . 2010-07-18 14:28 61440 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1eabe758-n\decora-sse.dll
2010-07-18 14:28 . 2010-07-18 14:28 12800 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1eabe758-n\decora-d3d.dll
2010-07-18 14:28 . 2010-07-18 14:28 423656 ----a-w- c:\windows.1\system32\deployJava1.dll
2010-06-23 12:45 . 2010-06-23 12:45 1040758 ----a-w- c:\program files\LogMeIn Hamachi.rar
.
------- Sigcheck -------
[-] 2010-06-29 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . c:\windows.1\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows.1\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows.1\system32\dllcache\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows.1\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows.1\ServicePackFiles\i386\tcpip.sys
[-] 2002-08-29 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows.1\$NtServicePackUninstall$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="d:\utorrent\uTorrent.exe" [2010-09-25 328056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-09-29 2500552]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows.1\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS.1^Nabídka Start^Programy^Po spuštění^Aktualizovat ESET licenci.lnk]
path=c:\documents and settings\All Users.WINDOWS.1\Nabídka Start\Programy\Po spuštění\Aktualizovat ESET licenci.lnk
backup=c:\windows.1\pss\Aktualizovat ESET licenci.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2010-06-08 15:16 64104 ----a-w- c:\windows.1\ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Assassin G13]
2006-12-21 20:00 1318912 ----a-w- c:\program files\Assassin G13\assassin.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
2010-03-04 12:31 311296 ----a-w- c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-03-24 02:00 1983816 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2009-03-18 01:40 767312 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
2010-08-18 08:53 249856 ----a-w- c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-08-10 14:56 133368 ----a-w- c:\program files\ICQ7.2\ICQ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2010-08-31 13:35 3220912 ----a-w- c:\program files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KmsServer]
2006-04-21 11:42 22016 ----a-w- c:\windows.1\KmsServer\Server.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2010-09-10 11:01 2771784 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 09:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-06-08 15:16 19552872 ----a-w- c:\windows.1\RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2006-11-10 10:35 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Killing Floor\\System\\KillingFloor.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=
"c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 aswSP;aswSP;c:\windows.1\system32\drivers\aswSP.sys [5.10.2010 17:04 165584]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows.1\system32\drivers\cmdGuard.sys [9.4.2010 1:25 239240]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows.1\system32\drivers\cmdhlp.sys [9.4.2010 1:25 25240]
R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [29.9.2009 18:18 809736]
R2 aswFsBlk;aswFsBlk;c:\windows.1\system32\drivers\aswFsBlk.sys [5.10.2010 17:04 17744]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [19.2.2010 17:00 148744]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows.1\system32\drivers\l151x86.sys [29.6.2010 18:40 39424]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6.7.2009 16:17 133104]
S2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [10.9.2010 13:01 2320712]
S3 Ambfilt;Ambfilt;c:\windows.1\system32\drivers\Ambfilt.sys [30.6.2010 9:23 1691480]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [15.12.2009 22:07 25832]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\ONDRA~1.POT\LOCALS~1\Temp\IRX127.tmp --> c:\docume~1\ONDRA~1.POT\LOCALS~1\Temp\IRX127.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\plugins\UI\safedrv.sys --> c:\program files\Garena\plugins\UI\safedrv.sys [?]
S3 HTCAND32;HTC Device Driver;c:\windows.1\system32\drivers\ANDROIDUSB.sys [7.9.2010 15:08 24576]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [25.3.2010 10:25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 21:37 4640000]
S3 wip0204;Wippien Network Adapter 2.4;c:\windows.1\system32\drivers\wip0204.sys [29.6.2010 20:11 23480]
S4 sptd;sptd;c:\windows.1\system32\drivers\sptd.sys [13.8.2010 16:40 691696]
.
Obsah adresáře 'Naplánované úlohy'
2010-09-19 c:\windows.1\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-10-05 c:\windows.1\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-06 14:17]
2010-10-05 c:\windows.1\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-06 14:17]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
LSP: c:\windows.1\system32\idmmbc.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Mozilla\Firefox\Profiles\fpdwb1f3.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - component: c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\IDM\idmmzcc3\components\idmmzcc.dll
FF - plugin: c:\progra~1\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows.1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\ONDRA~1.POT\LOCALS~1\Temp\IRX127.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):a5,29,38,a5,eb,cb,4f,12,9a,4b,a9,30,19,24,68,87,a2,a8,05,35,f2,
6b,db,84,fe,e5,7a,55,6c,95,6f,d4,93,1e,a4,94,a5,b0,15,9f,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{679b1fe7-da03-4d92-a5ee-fc27cb72eaeb}]
@Denied: (Full) (Everyone)
"Model"=dword:000000ca
"Therad"=dword:00000018
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):0d,62,55,86,8b,be,de,2b,6d,3d,dc,67,a4,5f,aa,ea,ff,75,3b,c9,62,
ae,f0,19,72,bf,e8,04,d3,e3,ef,33,b0,aa,da,c4,97,1d,26,56,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS.1\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS.1\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{b147e01f-3135-411c-86dd-6db4e5835727}]
@Denied: (Full) (Everyone)
"Model"=dword:000000f5
"Therad"=dword:0000000a
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="E91F64FC033112D4A9AFC824DD4727488CCBAB35D82B488076A37976848FC8585E3A7AA8CC1E5624A1E8B9D593326EE2693F79ED5ACD55461AA3403202F42A86D7D3E2FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D6794C038D530D6EB34529DB7CE019D40AA5C16050067583C3351E1CDD6B54EA9935FAB139B12627F51262A38AC674157246CBCE39BD495302424E1C400375470C6786AD496CEE6F725FC8A3932661BBF15DEB4287B95EC140F2CC866058F954CEBAB8D51A5817229E642FB772D7D3C2CFCEAE24566FD051210BA48C060F2945262F933CD185D8531DB472B9063813F62A6539C53B125383D16A206021ED789FBDD666D34CF5D54131B6035C7A90FF78EAE5E310E4AE4158763BB9902DFFCDFA6E67AC31343BD483514E82E856C036CBF08D65F56325D5E4B0F621137DA60B693D8C3AE1C7B00FC6185BC1D53A9FED3E9770C5B2E7BF10A4382F46E4058C762E763D01CA51968424684BE7C5FF6EA9D6496504C3FD0C9C2917FD7A3DCB63A6AAE0B386F284C819DF579D33B7E796FE9E853F9CED3ECCFE73A95729CF265830A532792FDC35C9848E8A2663C26EDFA109970E373DD20330BA42DAFB50BEAB530A762FB1138A23DAD768F64D7F1A23F98F7036C3DEECD67F21E8081BED160220162BD15E7EC8FC56E5FA53E591FFBB3406CF376A4C0F0A299561FD9FD98F264D41B8C81B3EA23CADF441D6AFC137012F9C1036895AE13DF2FE1EAAF2CD3E256B451776B9ADF75A90A2D836278538A5769A740ADF0B756DF94B99C80761C0818E263797F371F2F83A882B8A3718CEB47E93192B38A81EDA5E1B93C4B7C2F498E521AE1EC171D0FBDAD1572AF038A456609D6B26EA8D22376DEA2A813556DA462A81DD46ABB746781BC16B80D3D425E808772AF548997D0DF0D9997DF0ADB2CFD43F9CAAE9BE29F3BAE1CE8C322C914235AC3E9DE5C60E8AF9EA40D3D1624039331A18F77A14A301D0F213363A95DD420ABEF970D45DF6EF87832E5BBEA126595B66942062BB0289B20821C7D3DD9230DD97B43E3DA6FF912B592CE6D6D961E3DC90C561D0AC02AEF5585FDA53DC3174675544A662B8A381825F84B6BF7C7108617A7940683C6EC1758CF04F77DC1DB67C3485E22365068E9487F33CF56DCAF31FCBA188E53B4B8D20469AF10429EB0D4BF0C05246F84E029D7A1B0BCC93485C011ABD00727A26EA7E9C2D5114948E7B1953619FEBD11873EBDBEC153084E31FE19C40343A0C7FD5FCDAD9FA0C0536BEBA641C64AFD7FD9D3961DB93CB750E1779133C49C55836F07296108E64AF5B32F880F11A08181685937E3BFA3F901DDF9A88883EFCED7DA6F28F66212FE8A516D86E04D208969D681A4A04E38DB50FD1B43"
"OODEFRAG14.00.00.01PROFESSIONAL"="BD9314F0615E8C295327762589FD204F83653A26CB637DE2597223148D0BA2F964314DCD0746A9264E0D46327E8D4502B55BEFF7D3E58BC8E3CA36844E5C158647DC8F6B5109654CC9FBD468CDA22B7D6E9366750CABCCAB42401E6DC5A641FD9D0F15BA0E57C2FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D6794C038D530D6EB34528EDD5E5BE2F6E667D4E7ED425E8BEA212DBBEE15927AD526EF6F0268A5EFCDF1B7637B64BCB7CE737189C97381153F76CD2631835C28AF4F326220233031B7D3CA2A87DE2F0C582B23DBCDF6BE12F36A4C4BC9E66640D3001F9255B6D6ACBF6D0031E72079D1A3DA3EF9C70593A6C5ECF85AC632F787907420641272CBEE62E9F9318FF5D579FCB93F94CB0764C6F162C7187C8ABD9AB2DE41CF0A58A35721657C7931DF62C9B5F145EC2F18793D3B22505C02CA49E69064B4E23622D71B7FF3F16C4892215AA5A2125B0B8B7CA7E8F74F9231818D2F009C4DBF53B946400619680010F5F898A35E0E4B3FE77EF744A323BC2A71E30A5D16069A5FBF30A342D0123D0B2834C490AD423C6CE372729DDA50EDD011886408D1F9BD1F06BAF4458946457D788173CA095FBFF9EF2E3347C400CF4A0C9AF9E443EB051C166F3822237B47716C730DBA633600112CEE26177CFB1D043EA05F59D44063A1ABBC43F275538B34BA7F50489B4035A06DD30EE6933627ABBC817B53E2FDDCBFB3F145544A8CEA55D100CBE08B17B0DA3EDF80980DC05034CC8A88C03F540BCAD445BA655E0FD52C52356577FCF9D435DB7A660BE05514D5696B94162E939A5A64D179CBE4644C4F0E3FD50230CA196A386F7E287CCEFB8BC0B805CBE8B04ECBED93A8300539E69E9026A978D69189F7776DDB583E2CA914B56B0DDB1CC37A3F32EA4340D5E04DB816D342D918F8C3A0F588E18A7A93D071DDDE3AC56A8A8817259F1BAA6751BF840D9553A68E4F7C6A3EB74B32F84BBAED8555E90FE666757D6B59D1253BA30F2B9B9FE5E54B08FA1F9357254677BFC191A970CEBE1CDAD3DCE3A4DF68481623199987D7214FBA1A4D6A25D240A480D8ADFCBA715F0511C7E61C7512B0768AF40015C7D86413A04847EC45889E25428154E6A0AA029457890ED82007BF260713D3CC3E6E4200998923F840516610DBD5DB81702A39309C688C90DDB2D8A7B5204FB52E70D17629F5BA1F000A1BF1CA81611B61721D2F76C45CEECB5CC442E3D2EDF73D0CA9C9F4B72CA5D4654ACAAC44C2B689594A5E1F94BF53EB22D0AE037372717642EABEC80FD906F1E7800FC6F3A30A678CDE817260B9D22470CD9BAA63E0B1C7E7B41393CEE9EDEDEB502681776B00D9877F4A70C49233BB0E8F2C1312837E8326ACF3E6DD47BD45A0D1EB67"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(840)
c:\windows.1\system32\Ati2evxx.dll
c:\windows.1\system32\atiadlxx.dll
- - - - - - - > 'lsass.exe'(896)
c:\windows.1\system32\MPR.dll
c:\windows.1\system32\guard32.dll
c:\windows.1\system32\idmmbc.dll
- - - - - - - > 'explorer.exe'(1956)
c:\windows.1\system32\guard32.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1029\GrooveIntlResource.dll
c:\windows.1\system32\webcheck.dll
c:\windows.1\system32\WPDShServiceObj.dll
c:\windows.1\system32\PortableDeviceTypes.dll
c:\windows.1\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-10-05 18:15:11
ComboFix-quarantined-files.txt 2010-10-05 16:15
Před spuštěním: Volných bajtů: 385 438 056 448
Po spuštění: Volných bajtů: 388 462 931 968
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.1
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.1="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn /usepmtimer
- - End Of File - - EEC77E599A07969B3E7572511EE9C036
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1509 [GMT 2:00]
Spuštěný z: c:\documents and settings\Ondra.POČÍTAČ\Dokumenty\Downloads\Programs\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-05 do 2010-10-05 )))))))))))))))))))))))))))))))
.
2010-10-05 15:51 . 2010-10-05 15:51 -------- d-----r- C:\MO
2010-10-05 15:04 . 2010-09-07 14:52 165584 ----a-w- c:\windows.1\system32\drivers\aswSP.sys
2010-10-05 15:04 . 2010-09-07 14:47 17744 ----a-w- c:\windows.1\system32\drivers\aswFsBlk.sys
2010-10-05 15:04 . 2010-09-07 14:47 23376 ----a-w- c:\windows.1\system32\drivers\aswRdr.sys
2010-10-05 15:04 . 2010-09-07 14:52 46672 ----a-w- c:\windows.1\system32\drivers\aswTdi.sys
2010-10-05 15:04 . 2010-09-07 14:47 100176 ----a-w- c:\windows.1\system32\drivers\aswmon2.sys
2010-10-05 15:04 . 2010-09-07 14:47 94544 ----a-w- c:\windows.1\system32\drivers\aswmon.sys
2010-10-05 15:04 . 2010-09-07 14:46 28880 ----a-w- c:\windows.1\system32\drivers\aavmker4.sys
2010-10-05 15:03 . 2010-09-07 15:12 38848 ----a-w- c:\windows.1\avastSS.scr
2010-10-05 15:03 . 2010-09-07 15:11 167592 ----a-w- c:\windows.1\system32\aswBoot.exe
2010-10-05 15:03 . 2010-10-05 15:03 -------- d-----w- c:\program files\Alwil Software
2010-10-04 19:09 . 2010-10-04 19:09 -------- d-----w- C:\VritualRoot
2010-10-04 18:52 . 2010-10-04 18:52 40960 ----a-r- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Microsoft\Installer\{B2073246-67E3-40CD-A7EF-8882D37119BC}\assassin.exe1_B207324667E340CDA7EF8882D37119BC.exe
2010-10-04 18:52 . 2010-10-04 18:52 40960 ----a-r- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Microsoft\Installer\{B2073246-67E3-40CD-A7EF-8882D37119BC}\assassin.exe_B207324667E340CDA7EF8882D37119BC.exe
2010-10-04 18:52 . 2010-10-04 18:52 10134 ----a-r- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Microsoft\Installer\{B2073246-67E3-40CD-A7EF-8882D37119BC}\ARPPRODUCTICON.exe
2010-10-04 18:52 . 2010-10-04 18:52 -------- d-----w- c:\program files\Assassin G13
2010-10-04 18:51 . 2010-10-04 18:51 -------- d-----w- c:\windows.1\Downloaded Installations
2010-10-03 16:57 . 2010-10-03 16:57 -------- d-----w- c:\program files\Common Files\ABBYY
2010-10-03 16:27 . 2010-10-03 16:27 -------- d-----w- c:\temp\ABBYY FineReader 10
2010-10-03 14:16 . 2010-10-05 15:48 -------- d-----w- c:\program files\ABBYY FineReader 10
2010-10-03 14:13 . 2010-10-03 16:27 -------- d-----w- C:\temp
2010-10-03 14:13 . 2010-10-03 14:13 -------- d-----w- c:\temp\FR10PE
2010-09-21 15:02 . 2010-06-11 09:32 581192 ----a-w- c:\windows.1\system32\WinUSBCoInstaller.dll
2010-09-19 17:00 . 2010-09-19 17:00 -------- d-----w- c:\program files\Common Files\Apple
2010-09-19 17:00 . 2010-09-19 17:00 -------- d-----w- c:\program files\Apple Software Update
2010-09-17 09:30 . 2010-09-17 09:30 -------- d-----w- c:\windows.1\system32\oodag
2010-09-17 07:31 . 2010-09-17 07:31 -------- d-----w- c:\program files\2K Games
2010-09-10 11:02 . 2010-09-10 11:02 1556808 ----a-w- c:\windows.1\system32\ooscrsav.scr
2010-09-10 11:01 . 2010-09-10 11:01 275272 ----a-w- c:\windows.1\system32\oodbs.exe
2010-09-10 10:59 . 2010-09-10 10:59 535880 ----a-w- c:\windows.1\system32\oodssrs.dll
2010-09-10 10:59 . 2010-09-10 10:59 9544 ----a-w- c:\windows.1\system32\oodbsrs.dll
2010-09-07 15:45 . 2010-09-07 17:22 -------- d-----w- c:\program files\Xilisoft
2010-09-07 13:30 . 2007-11-27 01:24 14640 ------w- c:\windows.1\system32\spmsgXP_2k3.dll
2010-09-07 13:09 . 2010-09-07 13:07 53632 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-07 13:08 . 2010-06-11 09:32 1112288 ----a-w- c:\windows.1\system32\WdfCoInstaller01007.dll
2010-09-07 13:08 . 2009-06-09 22:49 24576 ----a-w- c:\windows.1\system32\drivers\ANDROIDUSB.sys
2010-09-07 13:08 . 2010-09-07 13:08 -------- d-----w- c:\program files\Spirent Communications
2010-09-07 13:07 . 2010-09-21 17:02 -------- d-----w- c:\program files\HTC
2010-09-07 13:07 . 2010-09-07 13:07 53632 ----a-w- c:\documents and settings\Default User.WINDOWS.1\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-06 16:05 . 2010-09-06 16:05 -------- d-----w- c:\windows.1\system32\XPSViewer
2010-09-06 16:05 . 2008-07-06 12:06 89088 ----a-w- c:\windows.1\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-09-06 16:04 . 2010-09-06 16:05 -------- d-----w- C:\65308eb9ea3279bd3e667bc96e64
2010-09-06 16:04 . 2008-07-06 12:06 89088 -c----w- c:\windows.1\system32\dllcache\filterpipelineprintproc.dll
2010-09-06 16:04 . 2008-07-06 12:06 575488 -c----w- c:\windows.1\system32\dllcache\xpsshhdr.dll
2010-09-06 16:04 . 2008-07-06 12:06 575488 ------w- c:\windows.1\system32\xpsshhdr.dll
2010-09-06 16:04 . 2008-07-06 12:06 1676288 -c----w- c:\windows.1\system32\dllcache\xpssvcs.dll
2010-09-06 16:04 . 2008-07-06 12:06 1676288 ------w- c:\windows.1\system32\xpssvcs.dll
2010-09-06 16:04 . 2008-07-06 12:06 117760 ------w- c:\windows.1\system32\prntvpt.dll
2010-09-06 16:04 . 2008-07-06 10:50 597504 -c----w- c:\windows.1\system32\dllcache\printfilterpipelinesvc.exe
2010-09-06 16:04 . 2008-07-06 10:50 597504 ------w- c:\windows.1\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-09-05 16:35 . 2007-03-12 14:42 1123696 ----a-w- c:\windows.1\system32\D3DCompiler_33.dll
2010-09-05 16:19 . 2010-09-05 17:35 -------- d-----w- c:\program files\Dragon Age
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-05 15:12 . 2009-06-24 08:37 -------- d-----w- c:\program files\trend micro
2010-10-04 16:55 . 2009-06-23 14:52 -------- d-----w- c:\program files\EurotelSMS
2010-10-02 17:39 . 2009-10-31 08:38 -------- d-----w- c:\program files\QIP Infium
2010-10-02 17:26 . 2010-07-18 11:28 -------- d-----w- c:\program files\Killing Floor
2010-09-29 15:33 . 2010-04-08 23:26 285480 ----a-w- c:\windows.1\system32\guard32.dll
2010-09-29 15:33 . 2010-04-08 23:25 91560 ----a-w- c:\windows.1\system32\drivers\inspect.sys
2010-09-29 15:33 . 2010-04-08 23:25 25240 ----a-w- c:\windows.1\system32\drivers\cmdhlp.sys
2010-09-29 15:33 . 2010-04-08 23:25 15592 ----a-w- c:\windows.1\system32\drivers\cmderd.sys
2010-09-29 15:33 . 2010-04-08 23:25 239240 ----a-w- c:\windows.1\system32\drivers\cmdGuard.sys
2010-09-21 15:03 . 2010-09-21 15:03 0 ---ha-w- c:\windows.1\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2010-09-19 17:01 . 2009-08-30 17:15 -------- d-----w- c:\program files\QuickTime
2010-09-17 07:48 . 2009-06-24 11:00 -------- d-----w- c:\program files\CCleaner
2010-09-09 15:59 . 2010-06-30 14:55 -------- d-----w- c:\program files\Garena
2010-09-07 13:30 . 2010-09-07 13:30 0 ---ha-w- c:\windows.1\system32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2010-09-07 13:30 . 2010-09-07 13:30 0 ---ha-w- c:\windows.1\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-09-07 13:07 . 2010-01-06 15:02 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-09-07 13:07 . 2009-06-23 16:22 -------- d-----w- c:\program files\MSXML 4.0
2010-09-06 18:41 . 2001-10-25 12:00 79040 ----a-w- c:\windows.1\system32\perfc005.dat
2010-09-06 18:41 . 2001-10-25 12:00 431998 ----a-w- c:\windows.1\system32\perfh005.dat
2010-09-05 16:17 . 2009-11-28 11:52 -------- d-----w- c:\program files\Common Files\BioWare
2010-08-31 14:48 . 2009-06-23 12:13 -------- d-----w- c:\program files\Internet Download Manager
2010-08-29 14:31 . 2010-08-29 14:31 -------- d-----w- c:\program files\Zoner
2010-08-17 13:17 . 2001-10-25 12:00 58880 ----a-w- c:\windows.1\system32\spoolsv.exe
2010-08-15 16:09 . 2009-07-06 14:17 -------- d-----w- c:\program files\Google
2010-08-13 14:41 . 2009-06-23 13:22 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-08-13 14:40 . 2010-08-13 14:40 691696 ----a-w- c:\windows.1\system32\drivers\sptd.sys
2010-08-12 15:27 . 2009-06-24 07:29 -------- d-----w- c:\program files\ESET
2010-08-12 12:07 . 2010-08-12 12:06 -------- d-----w- c:\program files\DreamCom
2010-08-10 14:57 . 2010-08-10 14:56 -------- d-----w- c:\program files\ICQ7.2
2010-08-10 14:56 . 2009-06-23 10:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-08 14:54 . 2010-08-08 14:54 61440 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1c078969-n\decora-sse.dll
2010-08-08 14:54 . 2010-08-08 14:54 503808 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-366176d5-n\msvcp71.dll
2010-08-08 14:54 . 2010-08-08 14:54 499712 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-366176d5-n\jmc.dll
2010-08-08 14:54 . 2010-08-08 14:54 348160 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-366176d5-n\msvcr71.dll
2010-08-08 14:54 . 2010-08-08 14:54 12800 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-1c078969-n\decora-d3d.dll
2010-07-22 15:46 . 2002-09-20 17:04 590848 ----a-w- c:\windows.1\system32\rpcrt4.dll
2010-07-22 06:19 . 2008-05-05 05:25 5632 ----a-w- c:\windows.1\system32\xpsp4res.dll
2010-07-18 14:28 . 2010-07-18 14:28 503808 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-315e8a5b-n\msvcp71.dll
2010-07-18 14:28 . 2010-07-18 14:28 499712 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-315e8a5b-n\jmc.dll
2010-07-18 14:28 . 2010-07-18 14:28 348160 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-315e8a5b-n\msvcr71.dll
2010-07-18 14:28 . 2010-07-18 14:28 61440 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1eabe758-n\decora-sse.dll
2010-07-18 14:28 . 2010-07-18 14:28 12800 ----a-w- c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1eabe758-n\decora-d3d.dll
2010-07-18 14:28 . 2010-07-18 14:28 423656 ----a-w- c:\windows.1\system32\deployJava1.dll
2010-06-23 12:45 . 2010-06-23 12:45 1040758 ----a-w- c:\program files\LogMeIn Hamachi.rar
.
------- Sigcheck -------
[-] 2010-06-29 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . c:\windows.1\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows.1\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows.1\system32\dllcache\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows.1\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows.1\ServicePackFiles\i386\tcpip.sys
[-] 2002-08-29 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows.1\$NtServicePackUninstall$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="d:\utorrent\uTorrent.exe" [2010-09-25 328056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-09-29 2500552]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows.1\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS.1^Nabídka Start^Programy^Po spuštění^Aktualizovat ESET licenci.lnk]
path=c:\documents and settings\All Users.WINDOWS.1\Nabídka Start\Programy\Po spuštění\Aktualizovat ESET licenci.lnk
backup=c:\windows.1\pss\Aktualizovat ESET licenci.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2010-06-08 15:16 64104 ----a-w- c:\windows.1\ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Assassin G13]
2006-12-21 20:00 1318912 ----a-w- c:\program files\Assassin G13\assassin.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
2010-03-04 12:31 311296 ----a-w- c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-03-24 02:00 1983816 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2009-03-18 01:40 767312 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
2010-08-18 08:53 249856 ----a-w- c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-08-10 14:56 133368 ----a-w- c:\program files\ICQ7.2\ICQ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2010-08-31 13:35 3220912 ----a-w- c:\program files\Internet Download Manager\IDMan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KmsServer]
2006-04-21 11:42 22016 ----a-w- c:\windows.1\KmsServer\Server.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2010-09-10 11:01 2771784 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 09:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-06-08 15:16 19552872 ----a-w- c:\windows.1\RTHDCPL.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2006-11-10 10:35 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Killing Floor\\System\\KillingFloor.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=
"c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 aswSP;aswSP;c:\windows.1\system32\drivers\aswSP.sys [5.10.2010 17:04 165584]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows.1\system32\drivers\cmdGuard.sys [9.4.2010 1:25 239240]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows.1\system32\drivers\cmdhlp.sys [9.4.2010 1:25 25240]
R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [29.9.2009 18:18 809736]
R2 aswFsBlk;aswFsBlk;c:\windows.1\system32\drivers\aswFsBlk.sys [5.10.2010 17:04 17744]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [19.2.2010 17:00 148744]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows.1\system32\drivers\l151x86.sys [29.6.2010 18:40 39424]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6.7.2009 16:17 133104]
S2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [10.9.2010 13:01 2320712]
S3 Ambfilt;Ambfilt;c:\windows.1\system32\drivers\Ambfilt.sys [30.6.2010 9:23 1691480]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [15.12.2009 22:07 25832]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\ONDRA~1.POT\LOCALS~1\Temp\IRX127.tmp --> c:\docume~1\ONDRA~1.POT\LOCALS~1\Temp\IRX127.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\plugins\UI\safedrv.sys --> c:\program files\Garena\plugins\UI\safedrv.sys [?]
S3 HTCAND32;HTC Device Driver;c:\windows.1\system32\drivers\ANDROIDUSB.sys [7.9.2010 15:08 24576]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [25.3.2010 10:25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 21:37 4640000]
S3 wip0204;Wippien Network Adapter 2.4;c:\windows.1\system32\drivers\wip0204.sys [29.6.2010 20:11 23480]
S4 sptd;sptd;c:\windows.1\system32\drivers\sptd.sys [13.8.2010 16:40 691696]
.
Obsah adresáře 'Naplánované úlohy'
2010-09-19 c:\windows.1\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-10-05 c:\windows.1\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-06 14:17]
2010-10-05 c:\windows.1\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-06 14:17]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
LSP: c:\windows.1\system32\idmmbc.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\Mozilla\Firefox\Profiles\fpdwb1f3.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - component: c:\documents and settings\Ondra.POČÍTAČ\Data aplikací\IDM\idmmzcc3\components\idmmzcc.dll
FF - plugin: c:\progra~1\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows.1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\ONDRA~1.POT\LOCALS~1\Temp\IRX127.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):a5,29,38,a5,eb,cb,4f,12,9a,4b,a9,30,19,24,68,87,a2,a8,05,35,f2,
6b,db,84,fe,e5,7a,55,6c,95,6f,d4,93,1e,a4,94,a5,b0,15,9f,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{679b1fe7-da03-4d92-a5ee-fc27cb72eaeb}]
@Denied: (Full) (Everyone)
"Model"=dword:000000ca
"Therad"=dword:00000018
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):0d,62,55,86,8b,be,de,2b,6d,3d,dc,67,a4,5f,aa,ea,ff,75,3b,c9,62,
ae,f0,19,72,bf,e8,04,d3,e3,ef,33,b0,aa,da,c4,97,1d,26,56,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS.1\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS.1\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{b147e01f-3135-411c-86dd-6db4e5835727}]
@Denied: (Full) (Everyone)
"Model"=dword:000000f5
"Therad"=dword:0000000a
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="E91F64FC033112D4A9AFC824DD4727488CCBAB35D82B488076A37976848FC8585E3A7AA8CC1E5624A1E8B9D593326EE2693F79ED5ACD55461AA3403202F42A86D7D3E2FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D6794C038D530D6EB34529DB7CE019D40AA5C16050067583C3351E1CDD6B54EA9935FAB139B12627F51262A38AC674157246CBCE39BD495302424E1C400375470C6786AD496CEE6F725FC8A3932661BBF15DEB4287B95EC140F2CC866058F954CEBAB8D51A5817229E642FB772D7D3C2CFCEAE24566FD051210BA48C060F2945262F933CD185D8531DB472B9063813F62A6539C53B125383D16A206021ED789FBDD666D34CF5D54131B6035C7A90FF78EAE5E310E4AE4158763BB9902DFFCDFA6E67AC31343BD483514E82E856C036CBF08D65F56325D5E4B0F621137DA60B693D8C3AE1C7B00FC6185BC1D53A9FED3E9770C5B2E7BF10A4382F46E4058C762E763D01CA51968424684BE7C5FF6EA9D6496504C3FD0C9C2917FD7A3DCB63A6AAE0B386F284C819DF579D33B7E796FE9E853F9CED3ECCFE73A95729CF265830A532792FDC35C9848E8A2663C26EDFA109970E373DD20330BA42DAFB50BEAB530A762FB1138A23DAD768F64D7F1A23F98F7036C3DEECD67F21E8081BED160220162BD15E7EC8FC56E5FA53E591FFBB3406CF376A4C0F0A299561FD9FD98F264D41B8C81B3EA23CADF441D6AFC137012F9C1036895AE13DF2FE1EAAF2CD3E256B451776B9ADF75A90A2D836278538A5769A740ADF0B756DF94B99C80761C0818E263797F371F2F83A882B8A3718CEB47E93192B38A81EDA5E1B93C4B7C2F498E521AE1EC171D0FBDAD1572AF038A456609D6B26EA8D22376DEA2A813556DA462A81DD46ABB746781BC16B80D3D425E808772AF548997D0DF0D9997DF0ADB2CFD43F9CAAE9BE29F3BAE1CE8C322C914235AC3E9DE5C60E8AF9EA40D3D1624039331A18F77A14A301D0F213363A95DD420ABEF970D45DF6EF87832E5BBEA126595B66942062BB0289B20821C7D3DD9230DD97B43E3DA6FF912B592CE6D6D961E3DC90C561D0AC02AEF5585FDA53DC3174675544A662B8A381825F84B6BF7C7108617A7940683C6EC1758CF04F77DC1DB67C3485E22365068E9487F33CF56DCAF31FCBA188E53B4B8D20469AF10429EB0D4BF0C05246F84E029D7A1B0BCC93485C011ABD00727A26EA7E9C2D5114948E7B1953619FEBD11873EBDBEC153084E31FE19C40343A0C7FD5FCDAD9FA0C0536BEBA641C64AFD7FD9D3961DB93CB750E1779133C49C55836F07296108E64AF5B32F880F11A08181685937E3BFA3F901DDF9A88883EFCED7DA6F28F66212FE8A516D86E04D208969D681A4A04E38DB50FD1B43"
"OODEFRAG14.00.00.01PROFESSIONAL"="BD9314F0615E8C295327762589FD204F83653A26CB637DE2597223148D0BA2F964314DCD0746A9264E0D46327E8D4502B55BEFF7D3E58BC8E3CA36844E5C158647DC8F6B5109654CC9FBD468CDA22B7D6E9366750CABCCAB42401E6DC5A641FD9D0F15BA0E57C2FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D6794C038D530D6EB34528EDD5E5BE2F6E667D4E7ED425E8BEA212DBBEE15927AD526EF6F0268A5EFCDF1B7637B64BCB7CE737189C97381153F76CD2631835C28AF4F326220233031B7D3CA2A87DE2F0C582B23DBCDF6BE12F36A4C4BC9E66640D3001F9255B6D6ACBF6D0031E72079D1A3DA3EF9C70593A6C5ECF85AC632F787907420641272CBEE62E9F9318FF5D579FCB93F94CB0764C6F162C7187C8ABD9AB2DE41CF0A58A35721657C7931DF62C9B5F145EC2F18793D3B22505C02CA49E69064B4E23622D71B7FF3F16C4892215AA5A2125B0B8B7CA7E8F74F9231818D2F009C4DBF53B946400619680010F5F898A35E0E4B3FE77EF744A323BC2A71E30A5D16069A5FBF30A342D0123D0B2834C490AD423C6CE372729DDA50EDD011886408D1F9BD1F06BAF4458946457D788173CA095FBFF9EF2E3347C400CF4A0C9AF9E443EB051C166F3822237B47716C730DBA633600112CEE26177CFB1D043EA05F59D44063A1ABBC43F275538B34BA7F50489B4035A06DD30EE6933627ABBC817B53E2FDDCBFB3F145544A8CEA55D100CBE08B17B0DA3EDF80980DC05034CC8A88C03F540BCAD445BA655E0FD52C52356577FCF9D435DB7A660BE05514D5696B94162E939A5A64D179CBE4644C4F0E3FD50230CA196A386F7E287CCEFB8BC0B805CBE8B04ECBED93A8300539E69E9026A978D69189F7776DDB583E2CA914B56B0DDB1CC37A3F32EA4340D5E04DB816D342D918F8C3A0F588E18A7A93D071DDDE3AC56A8A8817259F1BAA6751BF840D9553A68E4F7C6A3EB74B32F84BBAED8555E90FE666757D6B59D1253BA30F2B9B9FE5E54B08FA1F9357254677BFC191A970CEBE1CDAD3DCE3A4DF68481623199987D7214FBA1A4D6A25D240A480D8ADFCBA715F0511C7E61C7512B0768AF40015C7D86413A04847EC45889E25428154E6A0AA029457890ED82007BF260713D3CC3E6E4200998923F840516610DBD5DB81702A39309C688C90DDB2D8A7B5204FB52E70D17629F5BA1F000A1BF1CA81611B61721D2F76C45CEECB5CC442E3D2EDF73D0CA9C9F4B72CA5D4654ACAAC44C2B689594A5E1F94BF53EB22D0AE037372717642EABEC80FD906F1E7800FC6F3A30A678CDE817260B9D22470CD9BAA63E0B1C7E7B41393CEE9EDEDEB502681776B00D9877F4A70C49233BB0E8F2C1312837E8326ACF3E6DD47BD45A0D1EB67"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(840)
c:\windows.1\system32\Ati2evxx.dll
c:\windows.1\system32\atiadlxx.dll
- - - - - - - > 'lsass.exe'(896)
c:\windows.1\system32\MPR.dll
c:\windows.1\system32\guard32.dll
c:\windows.1\system32\idmmbc.dll
- - - - - - - > 'explorer.exe'(1956)
c:\windows.1\system32\guard32.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1029\GrooveIntlResource.dll
c:\windows.1\system32\webcheck.dll
c:\windows.1\system32\WPDShServiceObj.dll
c:\windows.1\system32\PortableDeviceTypes.dll
c:\windows.1\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-10-05 18:15:11
ComboFix-quarantined-files.txt 2010-10-05 16:15
Před spuštěním: Volných bajtů: 385 438 056 448
Po spuštění: Volných bajtů: 388 462 931 968
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.1
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.1="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn /usepmtimer
- - End Of File - - EEC77E599A07969B3E7572511EE9C036
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení PC
Log vypadá čistý. Zkuste PC vyčistit CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 a přeinstalovat Avast.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomalení PC
Dekuji, mam jeste jeden drobny problem:
Kdyz chci zapnout IE8 naskoci mi tato chyba, ne ze bych IE pouzival, ale obcas se hodi (aktualizace...). diky za radu
Kdyz chci zapnout IE8 naskoci mi tato chyba, ne ze bych IE pouzival, ale obcas se hodi (aktualizace...). diky za radu
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomalení PC
Je to chyba ve visual C++ (programovací jazyk). Pokud IE požíváje jen k aktualkizacím, nejde o nic podstatného. Můžete zkusit IE8 přeinstalovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?