
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
exe súbory nefungujú a počítač sa nechce reštartovať
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
exe súbory nefungujú a počítač sa nechce reštartovať
Zistil som to, ked som sa pokúšal, naištalovať nový prehliadač, inštalácia sa zasekla pri spúšťaní.
Rovnako RSIT log sem nemôžem nahodiť, lebo po spustení sa mi zasekne na "Running Hijack this" a stojí tak už pár minút.
Počítač sa nechce reštartovať, musím ho vypnúť natvrdo.
Antivirus (Avast) hlási, že webový štít nie je zapnutý, a ani zapnúť nejde. Aktualizácia antiviru a vôbec akákoľvek sa nedokončí, ledva zapne.
Zdá sa, že nič sa nechce nainštalovať.
Môžete mi poradiť?
Rovnako RSIT log sem nemôžem nahodiť, lebo po spustení sa mi zasekne na "Running Hijack this" a stojí tak už pár minút.
Počítač sa nechce reštartovať, musím ho vypnúť natvrdo.
Antivirus (Avast) hlási, že webový štít nie je zapnutý, a ani zapnúť nejde. Aktualizácia antiviru a vôbec akákoľvek sa nedokončí, ledva zapne.
Zdá sa, že nič sa nechce nainštalovať.
Môžete mi poradiť?
- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: exe súbory nefungujú a počítač sa nechce reštartovať
Zkuste provést sken RSIT v nouz. režimu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: exe súbory nefungujú a počítač sa nechce reštartovať
Tak v núdzovom ma už poslúcha.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2010-10-15 21:24:30
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 19 GB (28%) free of 68 GB
Total RAM: 1007 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:24:46, on 15. 10. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Data aplikací\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AutorunsDisabled
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Administrator\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: AutorunsDisabled - Invalid registry found
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O24 - Desktop Component 0: (no name) - (no file)
--
End of file - 7359 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-22 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
HP Credential Manager for ProtectTools - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll [2005-03-03 50688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-26 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-07-21 98304]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-07-21 86016]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2006-07-21 81920]
"CognizanceTS"=C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll [2003-12-22 17920]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-06-08 19552872]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-10-11 29984]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-10-11 46368]
"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-08-31 328992]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2009-02-10 745472]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-10-30 77824]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="wbsys.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IfxWlxEN]
C:\WINDOWS\system32\IfxWlxEN.dll [2006-04-07 434176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-07-21 147456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2009-09-28 87352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll [2006-06-07 40448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
AsWlnPkg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Opera\Opera.exe"="C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"F:\inštalačky\Half-life 2\hl2.exe"="F:\inštalačky\Half-life 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\Medal of Honor Pacific Assault(tm)\mohpa.exe"="E:\Medal of Honor Pacific Assault(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"C:\Program Files\Tunngle\tnglctrl.exe"="C:\Program Files\Tunngle\tnglctrl.exe:*:Enabled:Tunngle Service"
"C:\Program Files\Tunngle\tunngle.exe"="C:\Program Files\Tunngle\tunngle.exe:*:Enabled:Tunngle Client"
"F:\Dark Crusade\Dawn of War - Dark Crusade\DarkCrusade.exe"="F:\Dark Crusade\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Enabled:DarkCrusade"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:@xpsp2res.dll,-22019"
"F:\StarCraft II\Versions\Base15405\SC2.exe"="F:\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II"
"F:\War\lancraft.exe"="F:\War\lancraft.exe:*:Enabled:lancraft"
"F:\War\Warcraft III.exe"="F:\War\Warcraft III.exe:*:Enabled:Warcraft III"
"F:\DoD\Day of Defeat\hl.exe"="F:\DoD\Day of Defeat\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:@xpsp2res.dll,-22019"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-10-15 21:22:19 ----A---- C:\WINDOWS\ntbtlog.txt
2010-10-15 20:10:01 ----A---- C:\WINDOWS\system32\pwd.dll
2010-10-13 22:25:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-10-13 22:24:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-10-13 22:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-10-13 22:24:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-10-13 22:24:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-10-13 22:24:08 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-10-13 22:23:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-10-13 22:20:44 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-10-13 22:20:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2010-10-09 11:55:27 ----D---- C:\Program Files\Common Files\Skype
2010-10-09 11:55:24 ----RD---- C:\Program Files\Skype
2010-09-29 14:39:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2010-09-27 11:27:54 ----D---- C:\Program Files\Steam
2010-09-22 18:54:27 ----D---- C:\Program Files\All Ten Fingers
2010-09-19 09:15:26 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Scene Sound
2010-09-19 09:14:36 ----D---- C:\Program Files\Scene Sound
2010-09-18 15:50:08 ----D---- C:\ATF
2010-09-18 13:39:20 ----D---- C:\WINDOWS\ie8updates
2010-09-18 13:38:18 ----A---- C:\WINDOWS\imsins.BAK
2010-09-18 13:36:28 ----HDC---- C:\WINDOWS\ie8
2010-09-17 14:59:23 ----D---- C:\rsit
2010-09-17 14:50:42 ----D---- C:\Program Files\CCleaner
======List of files/folders modified in the last 1 months======
2010-10-15 21:24:33 ----D---- C:\Program Files\Trend Micro
2010-10-15 21:22:19 ----D---- C:\WINDOWS
2010-10-15 20:27:48 ----D---- C:\WINDOWS\Internet Logs
2010-10-15 20:25:17 ----D---- C:\WINDOWS\Prefetch
2010-10-15 20:24:37 ----D---- C:\WINDOWS\Temp
2010-10-15 20:10:01 ----D---- C:\WINDOWS\system32
2010-10-15 20:09:35 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-15 20:08:06 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2010-10-15 20:05:00 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2010-10-15 17:16:36 ----D---- C:\Program Files\Mozilla Firefox
2010-10-15 16:52:45 ----D---- C:\Documents and Settings\Administrator\Data aplikací\vlc
2010-10-15 13:23:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-15 11:30:45 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Mumble
2010-10-14 21:33:56 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Tunngle
2010-10-13 22:25:17 ----HD---- C:\WINDOWS\inf
2010-10-13 22:25:15 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-10-13 22:25:03 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-13 22:24:44 ----D---- C:\WINDOWS\system32\drivers
2010-10-13 22:24:30 ----D---- C:\WINDOWS\WinSxS
2010-10-13 22:23:37 ----D---- C:\Program Files\Internet Explorer
2010-10-13 22:20:53 ----A---- C:\WINDOWS\system32\MRT.exe
2010-10-10 08:19:10 ----D---- C:\Config.Msi
2010-10-09 11:55:34 ----SHD---- C:\WINDOWS\Installer
2010-10-09 11:55:27 ----D---- C:\Program Files\Common Files
2010-10-09 11:55:24 ----D---- C:\Program Files
2010-10-09 11:55:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-10-09 08:23:24 ----D---- C:\Program Files\Common Files\Adobe
2010-10-09 08:23:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-10-09 08:23:15 ----D---- C:\Program Files\Adobe
2010-10-08 14:51:40 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-08 14:51:36 ----RSD---- C:\WINDOWS\assembly
2010-10-07 06:57:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-06 08:51:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Blizzard Entertainment
2010-10-06 07:01:44 ----D---- C:\Program Files\BitTorrent
2010-10-05 21:16:48 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-10-05 20:11:14 ----D---- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent
2010-10-04 18:09:25 ----D---- C:\WINDOWS\system32\config
2010-10-04 14:57:10 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-04 14:57:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2010-10-04 13:22:36 ----D---- C:\Program Files\Ubisoft
2010-10-04 13:22:31 ----D---- C:\WINDOWS\system32\DirectX
2010-09-19 09:37:57 ----AC---- C:\WINDOWS\wincmd.ini
2010-09-18 15:03:24 ----D---- C:\WINDOWS\system32\cs-cz
2010-09-18 15:03:23 ----D---- C:\WINDOWS\Media
2010-09-18 15:03:23 ----D---- C:\WINDOWS\Help
2010-09-18 13:34:21 ----D---- C:\WINDOWS\Debug
2010-09-18 12:23:38 ----A---- C:\WINDOWS\system32\mfc42u.dll
2010-09-18 08:53:37 ----A---- C:\WINDOWS\system32\mfc42.dll
2010-09-18 08:53:37 ----A---- C:\WINDOWS\system32\mfc40u.dll
2010-09-18 08:53:37 ----A---- C:\WINDOWS\system32\mfc40.dll
2010-09-17 14:56:26 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-09-17 13:30:29 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-17 13:30:23 ----SD---- C:\WINDOWS\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\WINDOWS\System32\DRIVERS\iaStor.sys [2006-07-06 246784]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-31 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-05-17 50176]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-05-16 19968]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2006-04-07 31104]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2006-04-25 36608]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-07 697328]
S0 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys []
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 P3;Ovladač procesoru Intel PentiumIII; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-14 46592]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
S1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
S2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-08-26 271360]
S2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-08-26 18048]
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
S2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
S3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver; C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2004-04-28 60288]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver; C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2004-04-28 646400]
S3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\CnxTgN.sys [2004-04-29 108771]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-24 117760]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-07-19 230400]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-05-07 10345]
S3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2006-07-25 43392]
S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-03 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-03 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-03 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-03 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-03 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-03 19455]
S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-03 11807]
S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-03 11295]
S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-03 11871]
S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-03 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-03 19551]
S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-03 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-03 23615]
S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-03 25471]
S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-03 22271]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-07-21 1095968]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-06-08 6056040]
S3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
S3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
S3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-08-11 10144]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-20 3198368]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1039bus.sys [2009-11-19 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys [2009-11-19 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1039mdm.sys [2009-11-19 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys [2009-11-19 117872]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1039obex.sys [2009-11-19 113904]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-04-04 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-04-04 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-04-04 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-04-04 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-04-04 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-04-04 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-04-04 98952]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\WINDOWS\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-19 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-19 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-19 24832]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2002-05-08 105472]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
S4 Symmpi;Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2002-04-04 28416]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
S2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\IFXSPMGT.exe [2006-04-24 516096]
S2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\IFXTCS.exe [2006-04-07 745472]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-07-20 127043]
S2 PCA;PC Angel; C:\WINDOWS\SMINST\PCAngel.exe [2006-06-13 364544]
S2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2006-07-14 534040]
S2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE [2006-04-07 94208]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-07-06 716024]
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-06-23 2435592]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 gupdate1ca0add293f1772;Služba Google Update (gupdate1ca0add293f1772); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-22 133104]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-22 190448]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-26 153376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2010-10-15 21:24:30
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 19 GB (28%) free of 68 GB
Total RAM: 1007 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:24:46, on 15. 10. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Data aplikací\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AutorunsDisabled
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Administrator\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: AutorunsDisabled - Invalid registry found
O20 - Winlogon Notify: OneCard - C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O24 - Desktop Component 0: (no name) - (no file)
--
End of file - 7359 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-22 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
HP Credential Manager for ProtectTools - C:\Program Files\HPQ\IAM\Bin\ItIeAddIN.dll [2005-03-03 50688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-26 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-07-21 98304]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-07-21 86016]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2006-07-21 81920]
"CognizanceTS"=C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll [2003-12-22 17920]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-06-08 19552872]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2007-10-11 29984]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2007-10-11 46368]
"PPort11reminder"=C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-08-31 328992]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2009-02-10 745472]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2007-10-30 77824]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="wbsys.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AutorunsDisabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\IfxWlxEN]
C:\WINDOWS\system32\IfxWlxEN.dll [2006-04-07 434176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-07-21 147456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2009-09-28 87352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
C:\Program Files\HPQ\IAM\Bin\AsWlnPkg.dll [2006-06-07 40448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
AsWlnPkg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Opera\Opera.exe"="C:\Program Files\Opera\Opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"F:\inštalačky\Half-life 2\hl2.exe"="F:\inštalačky\Half-life 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\Medal of Honor Pacific Assault(tm)\mohpa.exe"="E:\Medal of Honor Pacific Assault(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"C:\Program Files\Tunngle\tnglctrl.exe"="C:\Program Files\Tunngle\tnglctrl.exe:*:Enabled:Tunngle Service"
"C:\Program Files\Tunngle\tunngle.exe"="C:\Program Files\Tunngle\tunngle.exe:*:Enabled:Tunngle Client"
"F:\Dark Crusade\Dawn of War - Dark Crusade\DarkCrusade.exe"="F:\Dark Crusade\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Enabled:DarkCrusade"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:@xpsp2res.dll,-22019"
"F:\StarCraft II\Versions\Base15405\SC2.exe"="F:\StarCraft II\Versions\Base15405\SC2.exe:*:Enabled:StarCraft II"
"F:\War\lancraft.exe"="F:\War\lancraft.exe:*:Enabled:lancraft"
"F:\War\Warcraft III.exe"="F:\War\Warcraft III.exe:*:Enabled:Warcraft III"
"F:\DoD\Day of Defeat\hl.exe"="F:\DoD\Day of Defeat\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:@xpsp2res.dll,-22019"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-10-15 21:22:19 ----A---- C:\WINDOWS\ntbtlog.txt
2010-10-15 20:10:01 ----A---- C:\WINDOWS\system32\pwd.dll
2010-10-13 22:25:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-10-13 22:24:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-10-13 22:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-10-13 22:24:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-10-13 22:24:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-10-13 22:24:08 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-10-13 22:23:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-10-13 22:20:44 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-10-13 22:20:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2010-10-09 11:55:27 ----D---- C:\Program Files\Common Files\Skype
2010-10-09 11:55:24 ----RD---- C:\Program Files\Skype
2010-09-29 14:39:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2010-09-27 11:27:54 ----D---- C:\Program Files\Steam
2010-09-22 18:54:27 ----D---- C:\Program Files\All Ten Fingers
2010-09-19 09:15:26 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Scene Sound
2010-09-19 09:14:36 ----D---- C:\Program Files\Scene Sound
2010-09-18 15:50:08 ----D---- C:\ATF
2010-09-18 13:39:20 ----D---- C:\WINDOWS\ie8updates
2010-09-18 13:38:18 ----A---- C:\WINDOWS\imsins.BAK
2010-09-18 13:36:28 ----HDC---- C:\WINDOWS\ie8
2010-09-17 14:59:23 ----D---- C:\rsit
2010-09-17 14:50:42 ----D---- C:\Program Files\CCleaner
======List of files/folders modified in the last 1 months======
2010-10-15 21:24:33 ----D---- C:\Program Files\Trend Micro
2010-10-15 21:22:19 ----D---- C:\WINDOWS
2010-10-15 20:27:48 ----D---- C:\WINDOWS\Internet Logs
2010-10-15 20:25:17 ----D---- C:\WINDOWS\Prefetch
2010-10-15 20:24:37 ----D---- C:\WINDOWS\Temp
2010-10-15 20:10:01 ----D---- C:\WINDOWS\system32
2010-10-15 20:09:35 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-15 20:08:06 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2010-10-15 20:05:00 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2010-10-15 17:16:36 ----D---- C:\Program Files\Mozilla Firefox
2010-10-15 16:52:45 ----D---- C:\Documents and Settings\Administrator\Data aplikací\vlc
2010-10-15 13:23:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-15 11:30:45 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Mumble
2010-10-14 21:33:56 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Tunngle
2010-10-13 22:25:17 ----HD---- C:\WINDOWS\inf
2010-10-13 22:25:15 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-10-13 22:25:03 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-13 22:24:44 ----D---- C:\WINDOWS\system32\drivers
2010-10-13 22:24:30 ----D---- C:\WINDOWS\WinSxS
2010-10-13 22:23:37 ----D---- C:\Program Files\Internet Explorer
2010-10-13 22:20:53 ----A---- C:\WINDOWS\system32\MRT.exe
2010-10-10 08:19:10 ----D---- C:\Config.Msi
2010-10-09 11:55:34 ----SHD---- C:\WINDOWS\Installer
2010-10-09 11:55:27 ----D---- C:\Program Files\Common Files
2010-10-09 11:55:24 ----D---- C:\Program Files
2010-10-09 11:55:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-10-09 08:23:24 ----D---- C:\Program Files\Common Files\Adobe
2010-10-09 08:23:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-10-09 08:23:15 ----D---- C:\Program Files\Adobe
2010-10-08 14:51:40 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-08 14:51:36 ----RSD---- C:\WINDOWS\assembly
2010-10-07 06:57:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-06 08:51:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Blizzard Entertainment
2010-10-06 07:01:44 ----D---- C:\Program Files\BitTorrent
2010-10-05 21:16:48 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-10-05 20:11:14 ----D---- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent
2010-10-04 18:09:25 ----D---- C:\WINDOWS\system32\config
2010-10-04 14:57:10 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-04 14:57:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2010-10-04 13:22:36 ----D---- C:\Program Files\Ubisoft
2010-10-04 13:22:31 ----D---- C:\WINDOWS\system32\DirectX
2010-09-19 09:37:57 ----AC---- C:\WINDOWS\wincmd.ini
2010-09-18 15:03:24 ----D---- C:\WINDOWS\system32\cs-cz
2010-09-18 15:03:23 ----D---- C:\WINDOWS\Media
2010-09-18 15:03:23 ----D---- C:\WINDOWS\Help
2010-09-18 13:34:21 ----D---- C:\WINDOWS\Debug
2010-09-18 12:23:38 ----A---- C:\WINDOWS\system32\mfc42u.dll
2010-09-18 08:53:37 ----A---- C:\WINDOWS\system32\mfc42.dll
2010-09-18 08:53:37 ----A---- C:\WINDOWS\system32\mfc40u.dll
2010-09-18 08:53:37 ----A---- C:\WINDOWS\system32\mfc40.dll
2010-09-17 14:56:26 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-09-17 13:30:29 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-17 13:30:23 ----SD---- C:\WINDOWS\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\WINDOWS\System32\DRIVERS\iaStor.sys [2006-07-06 246784]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-31 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-05-17 50176]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-05-16 19968]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2006-04-07 31104]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2006-04-25 36608]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-07 697328]
S0 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys []
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 P3;Ovladač procesoru Intel PentiumIII; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-14 46592]
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
S1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
S2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-08-26 271360]
S2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-08-26 18048]
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
S2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
S3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver; C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [2004-04-28 60288]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver; C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [2004-04-28 646400]
S3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\CnxTgN.sys [2004-04-29 108771]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-24 117760]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-07-19 230400]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-05-07 10345]
S3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2006-07-25 43392]
S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-03 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-03 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-03 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-03 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-03 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-03 19455]
S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-03 11807]
S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-03 11295]
S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-03 11871]
S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-03 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-03 19551]
S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-03 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-03 23615]
S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-03 25471]
S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-03 22271]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-07-21 1095968]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-06-08 6056040]
S3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
S3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
S3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-08-11 10144]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-07-20 3198368]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1039bus.sys [2009-11-19 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys [2009-11-19 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1039mdm.sys [2009-11-19 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys [2009-11-19 117872]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1039obex.sys [2009-11-19 113904]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-04-04 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-04-04 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-04-04 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-04-04 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-04-04 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-04-04 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-04-04 98952]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\WINDOWS\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-19 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-19 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-19 24832]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2002-05-08 105472]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
S4 Symmpi;Symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2002-04-04 28416]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
S2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\IFXSPMGT.exe [2006-04-24 516096]
S2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\IFXTCS.exe [2006-04-07 745472]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-07-20 127043]
S2 PCA;PC Angel; C:\WINDOWS\SMINST\PCAngel.exe [2006-06-13 364544]
S2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2006-07-14 534040]
S2 PersonalSecureDriveService;Personal Secure Drive Service; C:\Program Files\ProtectTools\Embedded Security Software\PSDsrvc.EXE [2006-04-07 94208]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-07-06 716024]
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-06-23 2435592]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 gupdate1ca0add293f1772;Služba Google Update (gupdate1ca0add293f1772); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-22 133104]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-22 190448]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-26 153376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: exe súbory nefungujú a počítač sa nechce reštartovať
Ještě poprosím o log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: exe súbory nefungujú a počítač sa nechce reštartovať
ComboFix 10-10-14.04 - Administrator . 10. 2010 22:13:51.1.2 - x86 NETWORK
Running from: c:\documents and settings\Administrator\Plocha\ComboFix.exe
FW: Sunbelt Kerio Personal Firewall *enabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Administrator\Dokumenty\cc_20100917_145429.reg
.
((((((((((((((((((((((((( Files Created from 2010-09-15 to 2010-10-15 )))))))))))))))))))))))))))))))
.
2010-10-15 18:08 . 2010-10-15 18:08 0 ----a-w- c:\documents and settings\Administrator\ntuser.tmp
2010-10-13 06:15 . 2010-09-18 06:53 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-10-13 06:15 . 2010-09-18 06:53 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2010-10-13 06:15 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-13 06:15 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-10-09 09:55 . 2010-10-09 09:55 -------- d-----w- c:\program files\Common Files\Skype
2010-10-09 09:55 . 2010-10-09 09:55 -------- d-----r- c:\program files\Skype
2010-10-07 04:55 . 2010-10-07 04:55 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-10-06 09:10 . 2010-10-06 09:10 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-10-04 11:26 . 2010-10-04 11:26 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\storage
2010-10-01 11:41 . 2010-10-01 11:41 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2010-09-27 09:27 . 2010-09-29 06:39 -------- d-----w- c:\program files\Steam
2010-09-27 09:10 . 2010-09-27 09:10 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Oblivion
2010-09-22 16:54 . 2010-09-22 16:58 -------- d-----w- c:\program files\All Ten Fingers
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2010-09-19 07:15 . 2010-09-20 09:49 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Scene Sound
2010-09-19 07:14 . 2010-09-19 07:14 -------- d-----w- c:\program files\Scene Sound
2010-09-18 13:50 . 2010-09-18 13:50 -------- d-----w- C:\ATF
2010-09-18 13:03 . 2010-09-18 13:03 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-09-18 11:36 . 2010-09-18 11:38 -------- dc-h--w- c:\windows\ie8
2010-09-18 11:33 . 2010-06-18 11:39 16896 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-09-18 11:33 . 2010-09-10 05:52 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-09-18 11:33 . 2010-09-10 05:52 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-09-18 11:33 . 2010-09-10 05:52 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2010-09-17 12:59 . 2010-09-17 12:59 -------- d-----w- C:\rsit
2010-09-17 12:50 . 2010-09-17 12:50 -------- d-----w- c:\program files\CCleaner
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-07-21 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-07-21 86016]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-07-21 81920]
"CognizanceTS"="c:\progra~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 17920]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"RTHDCPL"="RTHDCPL.EXE" [2010-06-08 19552872]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-02-10 745472]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-10-30 77824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\AutorunsDisabled
Lingea Update Center.lnk - c:\program files\Common Files\Lingea Shared\luc.exe [2010-3-28 167936]
c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\AutorunsDisabled
Lingea Update Center.lnk - c:\program files\Common Files\Lingea Shared\luc.exe [2010-3-28 167936]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IfxWlxEN]
2006-04-07 04:00 434176 ----a-w- c:\windows\system32\IfxWlxEN.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-09-28 18:34 87352 ----a-w- c:\windows\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2006-06-07 19:26 40448 ----a-w- c:\program files\HPQ\IAM\Bin\AsWlnPkg.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:a78a50c0b6aa
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Administrator\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"f:\\inštalačky\\Half-life 2\\hl2.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Tunngle\\tnglctrl.exe"=
"c:\\Program Files\\Tunngle\\tunngle.exe"=
"f:\\Dark Crusade\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"f:\\StarCraft II\\Versions\\Base15405\\SC2.exe"=
"f:\\War\\lancraft.exe"=
"f:\\War\\Warcraft III.exe"=
"f:\\DoD\\Day of Defeat\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7649:TCP"= 7649:TCP:BitComet 7649 TCP
"7649:UDP"= 7649:UDP:BitComet 7649 UDP
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"4719:TCP"= 4719:TCP:4719
"6112:TCP"= 6112:TCP:wclan
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17. 8. 2007 10:05 697328]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [7. 4. 2006 6:46 31104]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17. 2. 2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10. 5. 2010 20:41 67656]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [2. 3. 2006 4:00 14336]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [27. 5. 2007 9:17 534040]
R2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [1. 4. 2010 14:25 716024]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [27. 5. 2007 18:05 36608]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29. 9. 2009 8:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29. 9. 2009 8:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29. 9. 2009 8:11 12928]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [1. 4. 2010 14:25 27136]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver;c:\windows\system32\drivers\CnxEtP.sys [25. 6. 2007 14:27 60288]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\drivers\CnxEtU.sys [25. 6. 2007 14:27 646400]
S3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver;c:\windows\system32\drivers\CnxTgN.sys [25. 6. 2007 14:27 108771]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [19. 11. 2009 13:06 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [19. 11. 2009 13:06 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [19. 11. 2009 13:06 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [19. 11. 2009 13:06 117872]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [19. 11. 2009 13:06 113904]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys [29. 6. 2008 11:43 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\drivers\s816mdfl.sys [29. 6. 2008 11:43 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\drivers\s816mdm.sys [29. 6. 2008 11:43 107304]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\drivers\s816obex.sys [29. 6. 2008 11:43 97320]
S4 gupdate1ca0add293f1772;Služba Google Update (gupdate1ca0add293f1772);c:\program files\Google\Update\GoogleUpdate.exe [22. 7. 2009 17:00 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASChannel
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
mWindow Title = Microsoft Internet Explorer
uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Administrator\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\om1io1li.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxps://login.uniba.sk/?cosign-filter-ais2.uniba.sk&https://ais2.uniba.sk/ais/login.do;jses ... 4.server12
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
Notify-AutorunsDisabled - c:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll
AddRemove-WinImage - c:\docume~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.953\winimage.exe
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2412019507-36399043-1441610642-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,aa,27,1c,d7,f4,6a,71,43,97,ae,41,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,aa,27,1c,d7,f4,6a,71,43,97,ae,41,\
[HKEY_USERS\S-1-5-21-2412019507-36399043-1441610642-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
@SACL=
[HKEY_USERS\S-1-5-21-2412019507-36399043-1441610642-500\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:9a,a2,5c,b2,34,2c,76,cf,73,c5,12,68,b0,b6,68,9f,d9,ae,d4,71,b5,48,9d,
10,5b,b0,ab,ba,9b,60,c1,fc,48,d8,1a,7f,86,0c,de,dc,7d,a1,6b,0e,4c,84,b5,07,\
"??"=hex:b2,f2,ba,7c,d5,1a,d0,d0,5a,47,4f,7b,1b,01,73,5f
[HKEY_USERS\S-1-5-21-2412019507-36399043-1441610642-500\Software\SecuROM\License information*]
"datasecu"=hex:a5,d6,56,c8,d4,6d,d2,48,9f,0a,dd,9c,af,83,af,a8,d5,6c,c5,65,68,
0a,6d,fd,a7,84,e8,08,a6,1a,0f,a3,2a,69,89,1a,75,05,22,f6,c5,7a,0a,b5,96,a9,\
"rkeysecu"=hex:39,8e,b4,03,43,b1,cb,7f,cd,57,48,f4,e3,f0,30,67
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(948)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
c:\program files\HPQ\IAM\Bin\AsWlnPkg.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\windows\system32\IfxWlxEN.dll
- - - - - - - > 'explorer.exe'(3824)
c:\program files\HPQ\IAM\Bin\SFSShell.dll
c:\program files\HPQ\IAM\bin\ItMsg.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\HPQ\IAM\bin\asghost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\IFXSPMGT.exe
c:\windows\system32\IFXTCS.exe
c:\program files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
c:\program files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\wscntfy.exe
c:\program files\ProtectTools\Embedded Security Software\PSDrt.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\RTHDCPL.EXE
c:\program files\Brother\Brmfcmon\BrMfcmon.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Completion time: 2010-10-15 22:31:57 - machine was rebooted
ComboFix-quarantined-files.txt 2010-10-15 20:31
Pre-Run: Volných bajtů: 19 868 962 816
Post-Run: Volných bajtů: 18 812 084 224
- - End Of File - - FBF89DC8A16F1712973087BB730699CC
Running from: c:\documents and settings\Administrator\Plocha\ComboFix.exe
FW: Sunbelt Kerio Personal Firewall *enabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Administrator\Dokumenty\cc_20100917_145429.reg
.
((((((((((((((((((((((((( Files Created from 2010-09-15 to 2010-10-15 )))))))))))))))))))))))))))))))
.
2010-10-15 18:08 . 2010-10-15 18:08 0 ----a-w- c:\documents and settings\Administrator\ntuser.tmp
2010-10-13 06:15 . 2010-09-18 06:53 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-10-13 06:15 . 2010-09-18 06:53 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2010-10-13 06:15 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-13 06:15 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-10-09 09:55 . 2010-10-09 09:55 -------- d-----w- c:\program files\Common Files\Skype
2010-10-09 09:55 . 2010-10-09 09:55 -------- d-----r- c:\program files\Skype
2010-10-07 04:55 . 2010-10-07 04:55 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-10-06 09:10 . 2010-10-06 09:10 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-10-04 11:26 . 2010-10-04 11:26 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\storage
2010-10-01 11:41 . 2010-10-01 11:41 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2010-09-27 09:27 . 2010-09-29 06:39 -------- d-----w- c:\program files\Steam
2010-09-27 09:10 . 2010-09-27 09:10 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Oblivion
2010-09-22 16:54 . 2010-09-22 16:58 -------- d-----w- c:\program files\All Ten Fingers
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2010-09-19 07:15 . 2010-09-20 09:49 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Scene Sound
2010-09-19 07:14 . 2010-09-19 07:14 -------- d-----w- c:\program files\Scene Sound
2010-09-18 13:50 . 2010-09-18 13:50 -------- d-----w- C:\ATF
2010-09-18 13:03 . 2010-09-18 13:03 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-09-18 11:36 . 2010-09-18 11:38 -------- dc-h--w- c:\windows\ie8
2010-09-18 11:33 . 2010-06-18 11:39 16896 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-09-18 11:33 . 2010-09-10 05:52 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-09-18 11:33 . 2010-09-10 05:52 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-09-18 11:33 . 2010-09-10 05:52 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2010-09-17 12:59 . 2010-09-17 12:59 -------- d-----w- C:\rsit
2010-09-17 12:50 . 2010-09-17 12:50 -------- d-----w- c:\program files\CCleaner
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-07-21 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-07-21 86016]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-07-21 81920]
"CognizanceTS"="c:\progra~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 17920]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"RTHDCPL"="RTHDCPL.EXE" [2010-06-08 19552872]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-11 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-11 46368]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-02-10 745472]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-10-30 77824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\AutorunsDisabled
Lingea Update Center.lnk - c:\program files\Common Files\Lingea Shared\luc.exe [2010-3-28 167936]
c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\AutorunsDisabled
Lingea Update Center.lnk - c:\program files\Common Files\Lingea Shared\luc.exe [2010-3-28 167936]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IfxWlxEN]
2006-04-07 04:00 434176 ----a-w- c:\windows\system32\IfxWlxEN.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2009-09-28 18:34 87352 ----a-w- c:\windows\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2006-06-07 19:26 40448 ----a-w- c:\program files\HPQ\IAM\Bin\AsWlnPkg.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:a78a50c0b6aa
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Opera\\Opera.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Administrator\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"f:\\inštalačky\\Half-life 2\\hl2.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Tunngle\\tnglctrl.exe"=
"c:\\Program Files\\Tunngle\\tunngle.exe"=
"f:\\Dark Crusade\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"f:\\StarCraft II\\Versions\\Base15405\\SC2.exe"=
"f:\\War\\lancraft.exe"=
"f:\\War\\Warcraft III.exe"=
"f:\\DoD\\Day of Defeat\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"7649:TCP"= 7649:TCP:BitComet 7649 TCP
"7649:UDP"= 7649:UDP:BitComet 7649 UDP
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"4719:TCP"= 4719:TCP:4719
"6112:TCP"= 6112:TCP:wclan
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17. 8. 2007 10:05 697328]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [7. 4. 2006 6:46 31104]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17. 2. 2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10. 5. 2010 20:41 67656]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [2. 3. 2006 4:00 14336]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [27. 5. 2007 9:17 534040]
R2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [1. 4. 2010 14:25 716024]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [27. 5. 2007 18:05 36608]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29. 9. 2009 8:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29. 9. 2009 8:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29. 9. 2009 8:11 12928]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [1. 4. 2010 14:25 27136]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver;c:\windows\system32\drivers\CnxEtP.sys [25. 6. 2007 14:27 60288]
S3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\drivers\CnxEtU.sys [25. 6. 2007 14:27 646400]
S3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver;c:\windows\system32\drivers\CnxTgN.sys [25. 6. 2007 14:27 108771]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [19. 11. 2009 13:06 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [19. 11. 2009 13:06 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [19. 11. 2009 13:06 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [19. 11. 2009 13:06 117872]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [19. 11. 2009 13:06 113904]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys [29. 6. 2008 11:43 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\drivers\s816mdfl.sys [29. 6. 2008 11:43 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\drivers\s816mdm.sys [29. 6. 2008 11:43 107304]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\drivers\s816obex.sys [29. 6. 2008 11:43 97320]
S4 gupdate1ca0add293f1772;Služba Google Update (gupdate1ca0add293f1772);c:\program files\Google\Update\GoogleUpdate.exe [22. 7. 2009 17:00 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASChannel
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
mWindow Title = Microsoft Internet Explorer
uInternet Connection Wizard,ShellNext = hxxp://www.hp.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Administrator\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\om1io1li.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxps://login.uniba.sk/?cosign-filter-ais2.uniba.sk&https://ais2.uniba.sk/ais/login.do;jses ... 4.server12
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
Notify-AutorunsDisabled - c:\program files\Stardock\Object Desktop\ThemeManager\fastload.dll
AddRemove-WinImage - c:\docume~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.953\winimage.exe
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2412019507-36399043-1441610642-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,aa,27,1c,d7,f4,6a,71,43,97,ae,41,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,aa,27,1c,d7,f4,6a,71,43,97,ae,41,\
[HKEY_USERS\S-1-5-21-2412019507-36399043-1441610642-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
@SACL=
[HKEY_USERS\S-1-5-21-2412019507-36399043-1441610642-500\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:9a,a2,5c,b2,34,2c,76,cf,73,c5,12,68,b0,b6,68,9f,d9,ae,d4,71,b5,48,9d,
10,5b,b0,ab,ba,9b,60,c1,fc,48,d8,1a,7f,86,0c,de,dc,7d,a1,6b,0e,4c,84,b5,07,\
"??"=hex:b2,f2,ba,7c,d5,1a,d0,d0,5a,47,4f,7b,1b,01,73,5f
[HKEY_USERS\S-1-5-21-2412019507-36399043-1441610642-500\Software\SecuROM\License information*]
"datasecu"=hex:a5,d6,56,c8,d4,6d,d2,48,9f,0a,dd,9c,af,83,af,a8,d5,6c,c5,65,68,
0a,6d,fd,a7,84,e8,08,a6,1a,0f,a3,2a,69,89,1a,75,05,22,f6,c5,7a,0a,b5,96,a9,\
"rkeysecu"=hex:39,8e,b4,03,43,b1,cb,7f,cd,57,48,f4,e3,f0,30,67
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(948)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
c:\program files\HPQ\IAM\Bin\AsWlnPkg.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\windows\system32\IfxWlxEN.dll
- - - - - - - > 'explorer.exe'(3824)
c:\program files\HPQ\IAM\Bin\SFSShell.dll
c:\program files\HPQ\IAM\bin\ItMsg.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\HPQ\IAM\bin\asghost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\IFXSPMGT.exe
c:\windows\system32\IFXTCS.exe
c:\program files\ProtectTools\Embedded Security Software\PSDsrvc.EXE
c:\program files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\wscntfy.exe
c:\program files\ProtectTools\Embedded Security Software\PSDrt.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\RTHDCPL.EXE
c:\program files\Brother\Brmfcmon\BrMfcmon.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Completion time: 2010-10-15 22:31:57 - machine was rebooted
ComboFix-quarantined-files.txt 2010-10-15 20:31
Pre-Run: Volných bajtů: 19 868 962 816
Post-Run: Volných bajtů: 18 812 084 224
- - End Of File - - FBF89DC8A16F1712973087BB730699CC
- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: exe súbory nefungujú a počítač sa nechce reštartovať
CF něco smazal, zbytek logu vypadá čistý. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: exe súbory nefungujú a počítač sa nechce reštartovať
No zdá sa, že už je to v poriadku. Inštalovať ide, reštart funguje a programi reagujú.
Ale čo to preboha bolo za potvoru? Ono tu nejak stupňovite prestavalo všetko fungovať, až to chvilu vyzeralo, že sa nedostanem ani na net.
Ale čo to preboha bolo za potvoru? Ono tu nejak stupňovite prestavalo všetko fungovať, až to chvilu vyzeralo, že sa nedostanem ani na net.
- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: exe súbory nefungujú a počítač sa nechce reštartovať
Nějaký problém v registry. Ze souborů to smazalo jen zálohu CCleaneru. Jinak jsem tam nic nenašel.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: exe súbory nefungujú a počítač sa nechce reštartovať
díky moc za pomoc Rudy a za čas, zachránil's ma 

- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: exe súbory nefungujú a počítač sa nechce reštartovať
Rádo se stalo.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.