Logfile of random's system information tool 1.06 (written by random/random)
Run by ludek at 2010-11-11 15:33:58
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 136 GB (45%) free of 305 GB
Total RAM: 3071 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:34:20, on 11.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Cognex\In-Sight\In-Sight OPC Server 4.4.0\OpcInSightService.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Program Files\System Control Manager\MSIService.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Binn\sqlservr.exe
C:\Program Files\National Instruments\MAX\nimxs.exe
C:\WINDOWS\system32\nipalsm.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nipalsm.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
C:\Program Files\Common Files\OPC Foundation\OPCENUM.EXE
C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
C:\WINDOWS\system32\nipalsm.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
C:\Program Files\Common Files\Hornet\MntrHrnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Bret Taylor\Stickies\Stickies.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\TC UP\TC UP.exe
C:\Program Files\TC UP\totalcmd.exe
C:\Program Files\Common Files\Siemens\SWS\almsrv\almsrvbubblex.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Common Files\Siemens\Sqlany\dbsrv9.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Free IP Switcher\IpSwitch.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Moje_Ludek\QIP Infium JadrisPack_2\qip.exe
C:\Program Files\TC UP\tcmatch.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Program Files\TC UP\PLUGINS\Media\SystemExplorer\SystemExplorer.exe
C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe
C:\WINDOWS\system32\S7OTBXSX.EXE
C:\Program Files\Siemens\Step7\s7bin\s7acmgrx.exe
C:\Program Files\Siemens\Step7\S7SKA\S7KAFAPX.EXE
C:\Program Files\TC UP\PLUGINS\Media\Notepad++\notepad++.exe
C:\Program Files\Siemens\Step7\S7XUT\S7XUDIAX.EXE
C:\Program Files\Seznam.cz\postak.exe
C:\Moje_Ludek\RSIT.exe
C:\Program Files\trend micro\ludek.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinCC flexible Smart Start] "C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe" /startup
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [S7UB Start] "C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [pdfFactory Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [niDevMon] C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
O4 - HKLM\..\Run: [HornetMonitor] C:\Program Files\Common Files\Hornet\MntrHrnt.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Stickies] C:\Program Files\Bret Taylor\Stickies\Stickies.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: TC UP.lnk = C:\Program Files\TC UP\TC UP.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\program files\national instruments\shared\mdns responder\nimdnsnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = automa.intra
O17 - HKLM\Software\..\Telephony: DomainName = automa.intra
O17 - HKLM\System\CCS\Services\Tcpip\..\{0F59D9C9-FF3D-4A0A-ADCC-AC3DB90AEBAB}: NameServer = 192.168.1.101,215.65.242.210
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC902F51-6E79-4DF2-8777-A3CD3DADA8C7}: NameServer = 192.168.1.101,215.65.242.210
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = automa.intra
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = automa.intra
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Konfigurační služba Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Cognex OPC Server (Cognex.InSight.OpcServer) - Cognex Corporation - C:\Program Files\Cognex\In-Sight\In-Sight OPC Server 4.4.0\OpcInSightService.exe
O23 - Service: Harmony - Rockwell Software Inc. - C:\PROGRA~1\ROCKWE~1\RSCOMMON\RSOBSERV.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: Micro Star SCM - Unknown owner - C:\Program Files\System Control Manager\MSIService.exe
O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - C:\Program Files\National Instruments\MAX\nimxs.exe
O23 - Service: NI-488.2 Enumeration Service (ni488enumsvc) - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NI Device Loader (nidevldu) - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: National Instruments LXI Discovery Service (niLXIDiscovery) - National Instruments Corporation - C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
O23 - Service: NI-Motion Device Manager (nimcdldu) - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: National Instruments mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
O23 - Service: NI PXI Resource Manager (nipxirmu) - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corporation - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments Corporation - C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
O23 - Service: OPCEnum (OpcEnum) - Unknown owner - C:\Program Files\Common Files\OPC Foundation\OPCENUM.EXE
O23 - Service: RSLinx - Rockwell Software, Inc. - C:\PROGRA~1\ROCKWE~1\RSLINX\RSLINX.EXE
O23 - Service: S7 Global Services (s7asysvx) - SIEMENS AG - C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - SIEMENS AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 12641 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2911593314-502746017-3710573361-1134Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2911593314-502746017-3710573361-1134UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-10-26 1623392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2010-10-06 1164568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-08-19 16850944]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-01 61440]
"WinCC flexible Smart Start"=C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe [2010-04-20 118784]
"MGSysCtrl"=C:\Program Files\System Control Manager\MGSysCtrl.exe [2008-08-26 684032]
"S7UB Start"=C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [2009-03-09 102453]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-11-09 2069856]
"pdfFactory Dispatcher v2"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe [2004-04-12 425984]
"niDevMon"=C:\Program Files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe [2008-06-18 106576]
"HornetMonitor"=C:\Program Files\Common Files\Hornet\MntrHrnt.exe [2006-05-29 135168]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"OscarEditor"=C:\Program Files\OSCAR Editor\OscarEditor.exe [2009-04-27 3330048]
"Stickies"=C:\Program Files\Bret Taylor\Stickies\Stickies.exe [2007-03-14 335872]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2010-10-06 488728]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Documents and Settings\ludek.AUTOMA\Nabídka Start\Programy\Po spuštění
TC UP.lnk - C:\Program Files\TC UP\TC UP.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-08-20 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-21 12536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\WINDOWS\system32\psqlpwd.dll [2008-04-29 96008]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"disablecad"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInternetIcon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe:*:Enabled:Adaptive Server Anywhere Network Server"
"C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe"="C:\Program Files\Siemens\Step7\S7BIN\S7tgtopx.exe:*:Enabled:SIEMENS STEP7 SIMATIC Manager"
"C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe"="C:\Program Files\Siemens\Step7\S7INF\S7usiapx.exe:*:Enabled:SIEMENS STEP7 S7InfoBox"
"C:\WINDOWS\system32\s7otbxsx.exe"="C:\WINDOWS\system32\s7otbxsx.exe:*:Enabled:SIEMENS STEP7 Block Administration"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe:*:Enabled:SIMATIC WinCC flexible 2008 Application"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe:*:Enabled:SIMATIC WinCC flexible 2008 Trace Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\MiniWeb.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\MiniWeb.exe:*:Disabled:WinCC flexible RT Module MiniWeb"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe:*:Disabled:WinCC flexible RT Module SmartServer"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe:*:Enabled:WinCC flexible RT Module HmiLoad"
"C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\EPLAN\Electric P8\1.9.10\BIN\W3u.exe"="C:\Program Files\EPLAN\Electric P8\1.9.10\BIN\W3u.exe:*:Enabled:EPLAN W3"
"C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe"="C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe:*:Enabled:Bonjour"
"C:\Moje_Ludek\CS\Counter-Strike Source\hl2.exe"="C:\Moje_Ludek\CS\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Cognex\In-Sight\In-Sight Explorer 4.4.0\In-Sight Explorer.exe"="C:\Program Files\Cognex\In-Sight\In-Sight Explorer 4.4.0\In-Sight Explorer.exe:*:Disabled:Cognex In-Sight Explorer"
"C:\Program Files\Cognex\DataMan\Setup Tool v3.5.0\SetupTool.exe"="C:\Program Files\Cognex\DataMan\Setup Tool v3.5.0\SetupTool.exe:*:Enabled:DataMan Setup Tool"
"C:\LabVIEW\Builds\18008_140\p140\p140.exe"="C:\LabVIEW\Builds\18008_140\p140\p140.exe:*:Enabled:p140"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe"="C:\Program Files\Common Files\Siemens\SQLANY\dbsrv9.exe:*:Enabled:Adaptive Server Anywhere Network Server"
"C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe"="C:\Program Files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe:*:Enabled:WinCC flexible - Trace Server"
"C:\Program Files\Siemens\CA01_INT_ENG\catalog\config\SPICE\program\JAVA15\bin\java.exe"="C:\Program Files\Siemens\CA01_INT_ENG\catalog\config\SPICE\program\JAVA15\bin\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\Cognex\DataMan\Setup Tool v3.5.0\SetupTool.exe"="C:\Program Files\Cognex\DataMan\Setup Tool v3.5.0\SetupTool.exe:*:Enabled:DataMan Setup Tool"
"C:\Program Files\EPLAN\Electric P8\1.9.11\BIN\W3u.exe"="C:\Program Files\EPLAN\Electric P8\1.9.11\BIN\W3u.exe:*:Enabled:EPLAN W3"
"C:\Program Files\EPLAN\Electric P8\1.9.10\BIN\W3u.exe"="C:\Program Files\EPLAN\Electric P8\1.9.10\BIN\W3u.exe:*:Enabled:EPLAN W3"
"C:\Program Files\SICK\SOPAS ET\SopasET.exe"="C:\Program Files\SICK\SOPAS ET\SopasET.exe:*:Enabled:SOPAS Engineering Tool"
"C:\Program Files\Cognex\In-Sight\In-Sight Explorer 4.4.0\Emulator\In-Sight.exe"="C:\Program Files\Cognex\In-Sight\In-Sight Explorer 4.4.0\Emulator\In-Sight.exe:*:Enabled:In-Sight"
"C:\Program Files\Cognex\In-Sight\In-Sight Explorer 4.4.0\In-Sight Explorer.exe"="C:\Program Files\Cognex\In-Sight\In-Sight Explorer 4.4.0\In-Sight Explorer.exe:*:Enabled:Cognex In-Sight Explorer"
"C:\Documents and Settings\ludek.AUTOMA\Local Settings\Data aplikací\SICK\SOPAS\02.22\softsensors\InspectorI10_V1.0.0_2665_SoftSensor_V1.2.0.0\softsensor\device\Inspector I10.exe"="C:\Documents and Settings\ludek.AUTOMA\Local Settings\Data aplikací\SICK\SOPAS\02.22\softsensors\InspectorI10_V1.0.0_2665_SoftSensor_V1.2.0.0\softsensor\device\Inspector I10.exe:*:Enabled:Inspector I10"
"C:\Documents and Settings\ludek.AUTOMA\Local Settings\Data aplikací\SICK\SOPAS\02.22\softsensors\InspectorI20_V1.0.0_2665_SoftSensor_V1.1.0.0\softsensor\device\Inspector I20.exe"="C:\Documents and Settings\ludek.AUTOMA\Local Settings\Data aplikací\SICK\SOPAS\02.22\softsensors\InspectorI20_V1.0.0_2665_SoftSensor_V1.1.0.0\softsensor\device\Inspector I20.exe:*:Enabled:Inspector I20"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a439532d-dffc-11df-a92d-0022433ac1e7}]
shell\AutoRun\command - wyskq6lt.exe
shell\open\command - wyskq6lt.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5b7689a-c6e8-11df-a902-0022433ac1e7}]
shell\AutoRun\command - E:\wyskq6lt.exe
shell\open\command - E:\wyskq6lt.exe
======File associations======
.inf - open - "C:\Program Files\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.inf - install -
.ini - open - "C:\Program Files\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.js - edit -
.js - open -
.scr - open - "C:\Program Files\TC UP\PLUGINS\Media\XnView\xnview.exe" "%1"
.scr - install -
.scr - config -
.txt - open -
.vbs - edit -
.vbs - open - "C:\Program Files\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
======List of files/folders created in the last 1 months======
2010-11-11 13:09:34 ----D---- C:\Program Files\trend micro
2010-11-11 13:09:33 ----D---- C:\rsit
2010-11-09 06:55:54 ----D---- C:\LabVIEW
2010-11-04 07:08:02 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2010-11-04 07:07:55 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2010-11-03 09:12:36 ----A---- C:\WINDOWS\system32\WdfCoInstaller01007.dll
2010-11-03 09:12:16 ----D---- C:\Program Files\Sony Ericsson
2010-10-25 16:06:35 ----D---- C:\Documents and Settings\ludek.AUTOMA\Data aplikací\GHISLER
2010-10-25 11:02:33 ----A---- C:\WINDOWS\ModemLog_Agere Systems HDA Modem.txt
2010-10-21 10:03:59 ----RA---- C:\WINDOWS\system32\FTDIUNIN.exe
2010-10-21 10:03:59 ----RA---- C:\WINDOWS\system32\FTD2XXUN.ini
2010-10-21 09:55:37 ----RA---- C:\WINDOWS\system32\FTD2XX.dll
2010-10-21 09:55:37 ----A---- C:\WINDOWS\system32\PCSU1000D.dll
2010-10-21 09:55:37 ----A---- C:\WINDOWS\system32\PCGU1000Link.dll
2010-10-21 09:55:37 ----A---- C:\WINDOWS\system32\FGULINK.dll
2010-10-21 09:55:37 ----A---- C:\WINDOWS\system32\FASTTime32.dll
2010-10-21 09:55:37 ----A---- C:\WINDOWS\system32\DSOLink.dll
2010-10-21 09:55:37 ----A---- C:\WINDOWS\system32\DLPORTIO.DLL
2010-10-21 09:55:37 ----A---- C:\WINDOWS\system32\CP210x.dll
2010-10-21 09:55:35 ----D---- C:\Program Files\Velleman
2010-10-21 09:54:54 ----D---- C:\WINDOWS\system32\Silabs
2010-10-21 09:54:39 ----D---- C:\Program Files\SiLabs
2010-10-15 16:39:23 ----A---- C:\WINDOWS\WirelessFTP.INI
2010-10-14 06:57:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-10-14 06:57:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2010-10-14 06:57:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-10-14 06:56:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-10-14 06:56:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-10-14 06:56:48 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-10-14 06:56:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-10-14 06:52:56 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2010-10-14 06:51:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
======List of files/folders modified in the last 1 months======
2010-11-11 15:34:01 ----D---- C:\WINDOWS\Temp
2010-11-11 15:13:30 ----D---- C:\S7_300_data
2010-11-11 15:02:19 ----D---- C:\WINDOWS\Prefetch
2010-11-11 13:09:34 ----RD---- C:\Program Files
2010-11-11 11:29:48 ----D---- C:\WINDOWS
2010-11-11 10:56:38 ----A---- C:\WINDOWS\Microwin.ini
2010-11-11 10:13:33 ----D---- C:\WINDOWS\security
2010-11-11 08:21:41 ----SHD---- C:\WINDOWS\Installer
2010-11-11 08:21:41 ----SHD---- C:\Config.Msi
2010-11-11 08:19:05 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-10 22:16:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-10 10:31:13 ----SHD---- C:\WINDOWS\CSC
2010-11-10 08:15:36 ----D---- C:\WINDOWS\Help
2010-11-09 15:18:35 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-08 10:39:05 ----D---- C:\WINDOWS\Minidump
2010-11-08 07:15:30 ----D---- C:\WINDOWS\system32\config
2010-11-07 14:48:38 ----D---- C:\Program Files\Mozilla Firefox
2010-11-05 20:43:54 ----D---- C:\Moje_Ludek
2010-11-05 06:58:21 ----D---- C:\Program Files\TC UP
2010-11-04 07:08:10 ----D---- C:\WINDOWS\system32\drivers
2010-11-04 07:08:07 ----HD---- C:\WINDOWS\inf
2010-11-04 07:08:02 ----D---- C:\WINDOWS\system32
2010-11-03 09:53:55 ----A---- C:\WINDOWS\HmiSRT.ini
2010-11-03 09:14:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-11-03 09:12:50 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-11-01 13:03:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-29 06:01:52 ----D---- C:\Program Files\Mozilla Thunderbird
2010-10-21 09:57:37 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-21 09:53:20 ----D---- C:\Instalace
2010-10-21 06:02:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\NOS
2010-10-15 16:33:28 ----D---- C:\Sdilena data
2010-10-14 06:57:18 ----A---- C:\WINDOWS\imsins.BAK
2010-10-14 06:57:12 ----HD---- C:\WINDOWS\$hf_mig$
2010-10-14 06:56:59 ----D---- C:\WINDOWS\WinSxS
2010-10-14 06:56:12 ----D---- C:\Program Files\Internet Explorer
2010-10-14 06:54:37 ----D---- C:\Program Files\MyPhoneExplorer
2010-10-13 13:16:12 ----D---- C:\Program Files\Common Files\Adobe
2010-10-13 13:16:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-10-13 13:16:01 ----D---- C:\Program Files\Adobe
2010-10-13 10:36:31 ----D---- C:\_ELEKTRO_SYNCH
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-21 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-07-21 29584]
R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-21 243024]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R1 VirtualBackplane;A-B Virtual Backplane; C:\WINDOWS\System32\Drivers\VirtualBackplane.sys [2002-02-27 63508]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 cvintdrv;cvintdrv; C:\WINDOWS\system32\drivers\cvintdrv.sys [2008-09-26 4096]
R2 dpmconv;dpmconv; C:\WINDOWS\System32\Drivers\dpmconv.sys [2009-03-10 266752]
R2 Dpmtrcdd;Dpmtrcdd; C:\WINDOWS\System32\DRIVERS\dpmtrcdd.sys [2009-03-10 28363]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 niarbk;niarbk; C:\WINDOWS\system32\drivers\niarbk.dll [2007-04-16 37376]
R2 nibffrk;nibffrk; C:\WINDOWS\system32\drivers\nibffrk.dll [2007-04-16 21504]
R2 Nidaq32k;Nidaq32k; C:\WINDOWS\system32\drivers\Nidaq32k.sys [2007-04-16 674304]
R2 nidmmk;NI DMM and Data Logger Kernel Driver; C:\WINDOWS\system32\drivers\nidmmk.dll [2007-04-16 50688]
R2 nimdsk;nimdsk; C:\WINDOWS\system32\drivers\nimdsk.dll [2007-04-16 30208]
R2 nipxirmk;nipxirmk; \??\C:\WINDOWS\system32\drivers\nipxirmkl.sys []
R2 nistck;nistck; C:\WINDOWS\system32\drivers\nistck.dll [2007-04-16 111616]
R2 NiViPxiK;NI-VISA PXI Driver; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [2008-06-20 11360]
R2 PCID32;PCID32; \??\C:\WINDOWS\system32\drivers\pcid32.sys []
R2 s7odpx2x;SIMATIC MPI/PROFIBUS DPX2 Driver; C:\WINDOWS\System32\Drivers\S7odpx2x.sys [2010-03-02 77312]
R2 S7opcsrtx;PROFINET IO RT-Protocol (LLDP); C:\WINDOWS\system32\DRIVERS\s7opcsrtx.sys [2010-03-01 31232]
R2 s7otranx;s7otranx; C:\WINDOWS\System32\Drivers\s7otranx.sys [2010-03-02 508416]
R2 s7otsadx;s7otsadx; C:\WINDOWS\System32\Drivers\s7otsadx.sys [2010-03-02 171008]
R2 s7snsrtx;PROFINET IO RT-Protocol; C:\WINDOWS\system32\DRIVERS\s7snsrtx.sys [2009-02-24 73088]
R2 SNTIE;SIMATIC Industrial Ethernet (ISO); C:\WINDOWS\system32\DRIVERS\sntie.sys [2009-06-05 311424]
R2 vsnl2ada;SIMATIC MPI/PROFIBUS FDL Transport Driver; C:\WINDOWS\System32\Drivers\vsnl2ada.sys [2009-02-03 115654]
R2 XHASP;XHASP; \??\c:\windows\system32\drivers\XHASP.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-06-27 1315776]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-08-20 3299840]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-02 89600]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 enecir;ENE CIR Receiver; C:\WINDOWS\system32\DRIVERS\enecir.sys [2008-04-28 54784]
R3 enecirhid;ENE CIR HID Receiver; C:\WINDOWS\system32\DRIVERS\enecirhid.sys [2008-04-28 11264]
R3 enecirhidma;ENE CIR HIDmini Filter; C:\WINDOWS\system32\DRIVERS\enecirhidma.sys [2008-04-25 5632]
R3 fwkbdrtm;fwkbdrtm; C:\WINDOWS\system32\drivers\fwkbdrtm.sys [2010-04-08 12112]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-20 4751872]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 nidimk;nidimk; \??\C:\WINDOWS\system32\drivers\nidimkl.sys []
R3 nimdbgk;nimdbgk; \??\C:\WINDOWS\system32\drivers\nimdbgkl.sys []
R3 nimru2k;nimru2k; \??\C:\WINDOWS\system32\drivers\nimru2kl.sys []
R3 nimstsk;nimstsk; \??\C:\WINDOWS\system32\drivers\nimstskl.sys []
R3 nimxdfk;nimxdfk; \??\C:\WINDOWS\system32\drivers\nimxdfkl.sys []
R3 niorbk;niorbk; \??\C:\WINDOWS\system32\drivers\niorbkl.sys []
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RTS5121.sys [2008-08-26 157696]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]
R3 S7oppilx;S7oppilx; C:\WINDOWS\System32\Drivers\S7oppilx.sys [2010-03-02 129536]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2010-11-03 27632]
R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2008-01-30 50576]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2008-02-08 57408]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S2 SE0CLPT;SE0CLPT; \??\C:\WINDOWS\system32\SE0CLPT.SYS []
S3 ABKTCX;Rockwell Software 1784-KTC(X) Driver; C:\WINDOWS\System32\Drivers\ABKTCX.sys [2002-02-27 71448]
S3 ahdtvogk;ahdtvogk; C:\WINDOWS\system32\drivers\ahdtvogk.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dpmcslv;dpmcslv; C:\WINDOWS\system32\drivers\dpmcslv.sys [2005-07-04 68280]
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver; C:\WINDOWS\System32\Drivers\FTD2XX.sys [2005-10-18 29292]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-11-03 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-11-03 25512]
S3 lvalarmk;lvalarmk; \??\C:\WINDOWS\system32\drivers\lvalarmk.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 ni1006k;NI PXI-1006 Chassis Pilot; \??\C:\WINDOWS\system32\drivers\ni1006k.sys []
S3 ni1045k;NI PXI-1045 Chassis Pilot; \??\C:\WINDOWS\system32\drivers\ni1045kl.sys []
S3 ni1065k;NI PXIe-1065 Chassis Pilot; \??\C:\WINDOWS\system32\drivers\ni1065k.sys []
S3 ni488lock;NI-488.2 Locking Service; \??\C:\WINDOWS\system32\drivers\ni488lock.sys []
S3 nicdrk;nicdrk; \??\C:\WINDOWS\system32\drivers\nicdrkl.sys []
S3 nicsrk;nicsrk; \??\C:\WINDOWS\system32\drivers\nicsrkl.sys []
S3 nidmxfk;nidmxfk; \??\C:\WINDOWS\system32\drivers\nidmxfkl.sys []
S3 nidsark;nidsark; \??\C:\WINDOWS\system32\drivers\nidsarkl.sys []
S3 nidwgk;nidwgk; \??\C:\WINDOWS\system32\drivers\nidwgkl.sys []
S3 niemrk;niemrk; \??\C:\WINDOWS\system32\drivers\niemrkl.sys []
S3 niesrk;niesrk; \??\C:\WINDOWS\system32\drivers\niesrkl.sys []
S3 nifslk;nifslk; \??\C:\WINDOWS\system32\drivers\nifslkl.sys []
S3 nigplk;nigplk; \??\C:\WINDOWS\system32\drivers\nigplkl.sys []
S3 nihsdrk;nihsdrk; \??\C:\WINDOWS\system32\drivers\nihsdrkl.sys []
S3 niimaqk;NI-IMAQ Driver; C:\WINDOWS\system32\drivers\niimaqk.sys []
S3 nimcdfxk;nimcdfxk; \??\C:\WINDOWS\system32\drivers\nimcdfxkl.sys []
S3 nimsdrk;nimsdrk; \??\C:\WINDOWS\system32\drivers\nimsdrkl.sys []
S3 nimslk;nimslk; \??\C:\WINDOWS\system32\drivers\nimslk.dll []
S3 nimsrlk;nimsrlk; \??\C:\WINDOWS\system32\drivers\nimsrlk.dll []
S3 nimxpk;nimxpk; \??\C:\WINDOWS\system32\drivers\nimxpkl.sys []
S3 ninshsdk;ninshsdk; \??\C:\WINDOWS\system32\drivers\ninshsdkl.sys []
S3 nipalfwedl;nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [2008-06-13 11904]
S3 nipalusbedl;nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [2008-06-13 11896]
S3 nipsdk;nipsdk; \??\C:\WINDOWS\system32\drivers\nipsdkl.sys []
S3 nipxigpk;NI PXI Generic Chassis Pilot; \??\C:\WINDOWS\system32\drivers\nipxigpk.sys []
S3 nirfsa2k;nirfsa2k; \??\C:\WINDOWS\system32\drivers\nirfsa2kl.sys []
S3 niscdk;niscdk; \??\C:\WINDOWS\system32\drivers\niscdkl.sys []
S3 nisdigk;nisdigk; \??\C:\WINDOWS\system32\drivers\nisdigkl.sys []
S3 nisftk;nisftk; \??\C:\WINDOWS\system32\drivers\nisftkl.sys []
S3 nisldk;nisldk; \??\C:\WINDOWS\system32\drivers\nisldkl.sys []
S3 nispdk;nispdk; \??\C:\WINDOWS\system32\drivers\nispdkl.sys []
S3 nisrcdk;nisrcdk; \??\C:\WINDOWS\system32\drivers\nisrcdkl.sys []
S3 nissrk;nissrk; \??\C:\WINDOWS\system32\drivers\nissrkl.sys []
S3 nistc2k;nistc2k; \??\C:\WINDOWS\system32\drivers\nistc2kl.sys []
S3 nistcrk;nistcrk; \??\C:\WINDOWS\system32\drivers\nistcrkl.sys []
S3 niswdk;niswdk; \??\C:\WINDOWS\system32\drivers\niswdkl.sys []
S3 nitiork;nitiork; \??\C:\WINDOWS\system32\drivers\nitiorkl.sys []
S3 nitnr2k;nitnr2k; \??\C:\WINDOWS\system32\drivers\nitnr2kl.sys []
S3 niufurk;niufurk; \??\C:\WINDOWS\system32\drivers\niufurkl.sys []
S3 NiViFWK;NI-VISA FireWire Driver; C:\WINDOWS\System32\drivers\NiViFWKl.sys [2008-06-20 11384]
S3 NiViPciK;NI-VISA PCI Driver; C:\WINDOWS\System32\drivers\NiViPciKl.sys [2008-06-20 11360]
S3 niwfrk;niwfrk; \??\C:\WINDOWS\system32\drivers\niwfrkl.sys []
S3 nixsrk;nixsrk; \??\C:\WINDOWS\system32\drivers\nixsrkl.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
S3 RS_SS_NT;RSLinx S-S SD/SD2 Device Driver; C:\WINDOWS\SYSTEM32\RS_SS_NT.SYS [2002-02-27 142592]
S3 RsiKtControl;RsiKtControl; C:\WINDOWS\system32\RSIKT.SYS [2002-02-27 31413]
S3 RSSERIAL;RSLinx Serial Driver; C:\WINDOWS\SYSTEM32\RSSERIAL.SYS [2002-02-27 155440]
S3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2008-04-14 3688064]
S3 Rts516xIR;Realtek IR Driver; C:\WINDOWS\system32\DRIVERS\Rts516xIR.sys []
S3 S7o5512x;SIMATIC CP 5512; C:\WINDOWS\system32\DRIVERS\S7o5512x.sys [2010-03-02 216064]
S3 s7oefs_x;SIMATIC MPI/EFS Driver; C:\WINDOWS\System32\drivers\s7oefs_x.sys [2002-10-18 30512]
S3 s7oppitx;s7oppitx; C:\WINDOWS\System32\Drivers\S7oppitx.sys [2010-03-02 95232]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2004-06-28 42752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-06-09 1748352]
S3 softctrl;Software Flow Control Driver; C:\WINDOWS\system32\DRIVERS\softctrl.sys [2006-09-11 10112]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
S3 usb6xxxk;usb6xxxk; \??\C:\WINDOWS\system32\drivers\usb6xxxkl.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\WINDOWS\system32\DRIVERS\Rts5161ccid.sys []
S3 usbser;USB Modem Driver; C:\WINDOWS\System32\Drivers\usbser.sys [2006-05-29 25600]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Konfigurační služba Atheros; C:\WINDOWS\system32\acs.exe [2008-07-07 467029]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2008-03-18 13312]
R2 almservice;Automation License Manager Service; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe [2009-01-22 1200128]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-08-20 573440]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-21 308136]
R2 Cognex.InSight.OpcServer;Cognex OPC Server; C:\Program Files\Cognex\In-Sight\In-Sight OPC Server 4.4.0\OpcInSightService.exe [2010-02-09 28672]
R2 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\system32\lkcitdl.exe [2008-06-17 695136]
R2 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\system32\lkads.exe [2008-06-17 40488]
R2 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\system32\lktsrv.exe [2008-06-17 50736]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files\System Control Manager\MSIService.exe [2008-08-26 159744]
R2 MSSQL$WINCCFLEXEXPRESS;SQL Server (WINCCFLEXEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 MSSQL$WINCCFLEXIBLE;MSSQL$WINCCFLEXIBLE; C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Binn\sqlservr.exe [2008-12-18 9158656]
R2 mxssvr;NI Configuration Manager; C:\Program Files\National Instruments\MAX\nimxs.exe [2008-04-02 12696]
R2 ni488enumsvc;NI-488.2 Enumeration Service; C:\WINDOWS\system32\nipalsm.exe [2007-02-16 12696]
R2 nidevldu;NI Device Loader; C:\WINDOWS\system32\nipalsm.exe [2007-02-16 12696]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2008-06-17 213552]
R2 niLXIDiscovery;National Instruments LXI Discovery Service; C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [2008-06-20 129144]
R2 nimcdldu;NI-Motion Device Manager; C:\WINDOWS\system32\nipalsm.exe [2007-02-16 12696]
R2 nimDNSResponder;National Instruments mDNS Responder Service; C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2008-06-18 192112]
R2 nipxirmu;NI PXI Resource Manager; C:\WINDOWS\system32\nipalsm.exe [2007-02-16 12696]
R2 niSvcLoc;NI Service Locator; C:\WINDOWS\system32\nisvcloc.exe [2007-11-06 8656]
R2 NITaggerService;National Instruments Variable Engine; C:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe [2008-06-20 607848]
R2 OpcEnum;OPCEnum; C:\Program Files\Common Files\OPC Foundation\OPCENUM.EXE [1998-10-02 60416]
R2 s7asysvx;S7 Global Services; C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe [2009-03-09 69685]
R2 s7oiehsx;SIMATIC IEPG Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2010-03-02 1576072]
R2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2010-03-02 240776]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 Harmony;Harmony; C:\PROGRA~1\ROCKWE~1\RSCOMMON\RSOBSERV.EXE [2001-10-31 118784]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S3 NILM License Manager;NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2008-06-24 1007616]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 RSLinx;RSLinx; C:\PROGRA~1\ROCKWE~1\RSLINX\RSLINX.EXE [2002-02-27 1470736]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 SQLAgent$WINCCFLEXIBLE;SQLAgent$WINCCFLEXIBLE; C:\Program Files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Binn\sqlagent.EXE [2005-05-03 323584]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-07-19 306432]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------

PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Please check, AVG flagged some viruses. Thank you
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
- Posts: 119426
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check, AVG flagged some viruses. Thank you
Post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Then run the application under an account with administrator privileges.
Right after startup a screen with the license terms is displayed; continue by clicking the Ano (Yes) button.
Feel free to go and make yourself a coffee (the whole thing takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else.
Do not panic during the scan; your machine may be restarted (especially on the first run of the scanner).
Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident shield.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked, as it will be if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check, AVG flagged some viruses. Thank you
ComboFix 10-11-11.01 - ludek 12.11.2010 8:19.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2168 [GMT 1:00]
Spuštěný z: c:\documents and settings\ludek.AUTOMA\Plocha\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\TEMP\Cognex.Cnx.2.3.26.1\Cognex.Cnx.Internal.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-12 do 2010-11-12 )))))))))))))))))))))))))))))))
.
2010-11-11 12:09 . 2010-11-11 14:54 -------- d-----w- c:\program files\trend micro
2010-11-11 12:09 . 2010-11-11 12:15 -------- d-----w- C:\rsit
2010-11-09 05:55 . 2010-11-09 05:57 -------- d-----w- C:\LabVIEW
2010-11-04 06:08 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-11-03 08:12 . 2010-11-03 08:12 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys
2010-11-03 08:12 . 2010-11-03 08:12 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2010-11-03 08:12 . 2010-11-03 08:12 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2010-11-03 08:12 . 2010-11-03 08:12 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-11-03 08:12 . 2010-11-03 08:12 -------- d-----w- c:\program files\Sony Ericsson
2010-10-25 15:06 . 2010-10-25 15:06 -------- d-----w- c:\documents and settings\ludek.AUTOMA\Data aplikací\GHISLER
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\UC.PIF
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\RAR.PIF
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\PKZIP.PIF
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\LHA.PIF
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\ARJ.PIF
2010-10-21 09:03 . 2005-10-18 06:41 421376 ----a-r- c:\windows\system32\FTDIUNIN.exe
2010-10-21 09:03 . 2005-10-18 06:41 29292 ----a-r- c:\windows\system32\drivers\FTD2XX.sys
2010-10-21 08:55 . 2009-03-09 18:03 94208 ----a-w- c:\windows\system32\CP210x.dll
2010-10-21 08:55 . 2008-11-23 19:30 38400 ----a-w- c:\windows\system32\FGULINK.dll
2010-10-21 08:55 . 2007-04-23 17:11 37888 ----a-w- c:\windows\system32\PCGU1000Link.dll
2010-10-21 08:55 . 2007-02-21 05:14 54272 ----a-w- c:\windows\system32\PCSU1000D.dll
2010-10-21 08:55 . 2005-10-18 06:40 81920 ----a-r- c:\windows\system32\FTD2XX.dll
2010-10-21 08:55 . 2005-03-30 17:42 37376 ----a-w- c:\windows\system32\DSOLink.dll
2010-10-21 08:55 . 1999-01-10 09:00 3584 ----a-w- c:\windows\system32\DLPORTIO.SYS
2010-10-21 08:55 . 1999-01-10 09:00 34816 ----a-w- c:\windows\system32\DLPORTIO.DLL
2010-10-21 08:55 . 1998-08-22 13:40 16384 ----a-w- c:\windows\system32\FASTTime32.dll
2010-10-21 08:55 . 2010-10-21 09:01 -------- d-----w- c:\program files\Velleman
2010-10-21 08:54 . 2010-10-21 08:55 -------- d-----w- c:\windows\system32\Silabs
2010-10-21 08:54 . 2010-10-21 08:57 -------- d-----w- c:\program files\SiLabs
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-05 15:09 . 2010-07-21 12:29 4856 ----a-w- c:\windows\system32\drivers\AE5510D6.bin
2010-09-27 14:54 . 2010-09-27 14:54 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-09-27 14:54 . 2010-09-27 14:54 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2010-09-18 10:23 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2008-04-14 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:52 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-02 09:56 . 2010-07-14 07:09 102400 ----a-w- c:\windows\DUMP69e5.tmp
2010-09-01 11:52 . 2008-04-14 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2008-04-14 12:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:03 . 2008-04-14 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:54 . 2008-04-14 12:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2008-04-14 12:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2008-04-14 12:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2008-04-14 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
1998-04-27 17:15 . 2010-07-21 12:53 570128 ------w- c:\program files\Common Files\dao350.dll
2004-03-15 15:51 . 2004-03-15 15:51 114688 ----a-w- c:\program files\internet explorer\plugins\LV71ActiveXControl.dll
2003-05-01 07:36 . 2003-05-01 07:36 114688 ----a-w- c:\program files\internet explorer\plugins\LV7ActiveXControl.dll
2006-01-23 08:32 . 2006-01-23 08:32 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2007-02-08 08:48 . 2007-02-08 08:48 133920 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2007-07-24 16:03 . 2007-07-24 16:03 118784 ----a-w- c:\program files\internet explorer\plugins\LV85ActiveXControl.dll
2008-06-25 20:51 . 2008-06-25 20:51 118784 ----a-w- c:\program files\internet explorer\plugins\LV86ActiveXControl.dll
2001-12-13 19:56 . 2001-12-13 19:56 98304 ----a-w- c:\program files\internet explorer\plugins\LVActiveXControl.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2008-04-29 16:55 4232968 ----a-w- c:\program files\Protector Suite QL\farchns.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2008-04-29 16:55 4232968 ----a-w- c:\program files\Protector Suite QL\farchns.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files\OSCAR Editor\OscarEditor.exe" [2009-04-27 3330048]
"Stickies"="c:\program files\Bret Taylor\Stickies\Stickies.exe" [2007-03-14 335872]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-06 488728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-08-19 16850944]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"WinCC flexible Smart Start"="c:\program files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe" [2010-04-20 118784]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2008-08-26 684032]
"S7UB Start"="c:\program files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" [2009-03-09 102453]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-11-09 2069856]
"pdfFactory Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2004-04-12 425984]
"niDevMon"="c:\program files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe" [2008-06-18 106576]
"HornetMonitor"="c:\program files\Common Files\Hornet\MntrHrnt.exe" [2006-05-29 135168]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\ludek.AUTOMA\Nabídka Start\Programy\Po spuštění\
TC UP.lnk - c:\program files\TC UP\TC UP.exe [2010-5-26 885760]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-5-3 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"disablecad"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-21 12:25 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2008-04-29 16:43 96008 ----a-w- c:\windows\system32\psqlpwd.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SystemExplorerAutoStart"="c:\program files\TC UP\PLUGINS\Media\SystemExplorer\SystemExplorer.exe" /TRAY
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Siemens\\SQLANY\\dbsrv9.exe"=
"c:\\Program Files\\Siemens\\Step7\\S7BIN\\S7tgtopx.exe"=
"c:\\Program Files\\Siemens\\Step7\\S7INF\\S7usiapx.exe"=
"c:\\WINDOWS\\system32\\s7otbxsx.exe"=
"c:\\Program Files\\Siemens\\SIMATIC WinCC flexible\\WinCC flexible 2008\\HmiES.exe"=
"c:\\Program Files\\Siemens\\SIMATIC WinCC flexible\\WinCC flexible 2008\\TraceServer.exe"=
"c:\\Program Files\\Siemens\\SIMATIC WinCC flexible\\WinCC flexible 2008 Runtime\\MiniWeb.exe"=
"c:\\Program Files\\Siemens\\SIMATIC WinCC flexible\\WinCC flexible 2008 Runtime\\SmartServer.exe"=
"c:\\Program Files\\Siemens\\SIMATIC WinCC flexible\\WinCC flexible 2008 Runtime\\HmiLoad.exe"=
"c:\\Program Files\\Common Files\\Siemens\\SQLANY\\dbeng9.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\EPLAN\\Electric P8\\1.9.10\\BIN\\W3u.exe"=
"c:\\Program Files\\National Instruments\\Shared\\mDNS Responder\\nimdnsResponder.exe"=
"c:\\Moje_Ludek\\CS\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Cognex\\In-Sight\\In-Sight Explorer 4.4.0\\In-Sight Explorer.exe"=
"c:\\Program Files\\Cognex\\DataMan\\Setup Tool v3.5.0\\SetupTool.exe"=
"c:\\LabVIEW\\Builds\\18008_140\\p140\\p140.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [19.7.2010 16:12 52872]
R0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\system32\drivers\nipbcfk.sys [10.7.2007 19:08 15448]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.7.2010 15:59 691696]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [19.7.2010 16:12 216400]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [19.7.2010 16:12 243024]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [13.1.2006 14:00 15872]
R1 VirtualBackplane;A-B Virtual Backplane;c:\windows\system32\drivers\virtualbackplane.sys [27.2.2002 14:18 63508]
R2 almservice;Automation License Manager Service;c:\program files\Common Files\Siemens\SWS\almsrv\almsrvx.exe [22.1.2009 0:19 1200128]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [21.7.2010 13:25 921952]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [21.7.2010 13:25 308136]
R2 Cognex.InSight.OpcServer;Cognex OPC Server;c:\program files\Cognex\In-Sight\In-Sight OPC Server 4.4.0\OpcInSightService.exe [9.2.2010 22:19 28672]
R2 dpmconv;dpmconv;c:\windows\system32\drivers\dpmconv.sys [10.3.2009 19:55 266752]
R2 Dpmtrcdd;Dpmtrcdd;c:\windows\system32\drivers\dpmtrcdd.sys [10.3.2009 19:57 28363]
R2 Micro Star SCM;Micro Star SCM;c:\program files\System Control Manager\MSIService.exe [18.7.2010 15:17 159744]
R2 MSSQL$WINCCFLEXEXPRESS;SQL Server (WINCCFLEXEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [27.5.2009 2:27 29262680]
R2 MSSQL$WINCCFLEXIBLE;MSSQL$WINCCFLEXIBLE;c:\program files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Binn\sqlservr.exe [3.5.2005 23:04 9158656]
R2 ni488enumsvc;NI-488.2 Enumeration Service;c:\windows\system32\nipalsm.exe [16.2.2007 10:21 12696]
R2 niarbk;niarbk;c:\windows\system32\drivers\niarbk.dll [16.4.2007 14:40 37376]
R2 nibffrk;nibffrk;c:\windows\system32\drivers\nibffrk.dll [16.4.2007 14:40 21504]
R2 Nidaq32k;Nidaq32k;c:\windows\system32\drivers\nidaq32k.sys [16.4.2007 16:04 674304]
R2 nidevldu;NI Device Loader;c:\windows\system32\nipalsm.exe [16.2.2007 10:21 12696]
R2 nidmmk;NI DMM and Data Logger Kernel Driver;c:\windows\system32\drivers\nidmmk.dll [16.4.2007 16:06 50688]
R2 niLXIDiscovery;National Instruments LXI Discovery Service;c:\program files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [20.6.2008 15:53 129144]
R2 nimDNSResponder;National Instruments mDNS Responder Service;c:\program files\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [18.6.2008 15:57 192112]
R2 nimdsk;nimdsk;c:\windows\system32\drivers\nimdsk.dll [16.4.2007 14:41 30208]
R2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmkl.sys [24.6.2008 16:20 11344]
R2 nistck;nistck;c:\windows\system32\drivers\niSTCk.dll [16.4.2007 14:42 111616]
R2 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiKl.sys [20.6.2008 20:27 11360]
R2 PCID32;PCID32;c:\windows\system32\drivers\pcid32.sys [22.7.2010 8:45 7271]
R2 s7asysvx;S7 Global Services;c:\program files\Siemens\Step7\S7BIN\s7asysvx.exe [9.3.2009 22:46 69685]
R2 s7odpx2x;SIMATIC MPI/PROFIBUS DPX2 Driver;c:\windows\system32\drivers\s7odpx2x.sys [2.3.2010 7:37 77312]
R2 s7oiehsx;SIMATIC IEPG Help Service;c:\program files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2.3.2010 7:47 1576072]
R2 S7opcsrtx;PROFINET IO RT-Protocol (LLDP);c:\windows\system32\drivers\s7opcsrtx.sys [1.3.2010 15:51 31232]
R2 s7otsadx;s7otsadx;c:\windows\system32\drivers\s7otsadx.sys [2.3.2010 7:42 171008]
R2 s7snsrtx;PROFINET IO RT-Protocol;c:\windows\system32\drivers\s7snsrtx.sys [24.2.2009 16:39 73088]
R2 S7TraceServiceX;S7TraceServiceX;c:\program files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2.3.2010 7:47 240776]
R2 vsnl2ada;SIMATIC MPI/PROFIBUS FDL Transport Driver;c:\windows\system32\drivers\vsnl2ada.sys [3.2.2009 16:43 115654]
R2 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [21.7.2010 13:28 259584]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [15.7.2010 6:21 54784]
R3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\drivers\enecirhid.sys [15.7.2010 6:22 11264]
R3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\drivers\enecirhidma.sys [15.7.2010 6:22 5632]
R3 fwkbdrtm;fwkbdrtm;c:\windows\system32\drivers\fwkbdrtm.sys [8.4.2010 10:15 12112]
R3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys [13.6.2008 14:51 11360]
R3 nimru2k;nimru2k;c:\windows\system32\drivers\nimru2kl.sys [13.6.2008 14:51 11360]
R3 nimstsk;nimstsk;c:\windows\system32\drivers\nimstskl.sys [18.12.2007 18:14 11360]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [15.7.2010 6:20 157696]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [3.11.2010 9:12 27632]
S2 SE0CLPT;SE0CLPT;c:\windows\system32\SE0CLPT.SYS [21.7.2010 13:52 54488]
S3 ABKTCX;Rockwell Software 1784-KTC(X) Driver;c:\windows\system32\drivers\abktcx.sys [27.2.2002 14:18 71448]
S3 dpmcslv;dpmcslv;c:\windows\system32\drivers\dpmcslv.sys [4.7.2005 15:04 68280]
S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;c:\windows\system32\drivers\FTD2XX.sys [21.10.2010 10:03 29292]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [3.11.2010 9:12 13224]
S3 lvalarmk;lvalarmk;c:\windows\system32\drivers\lvalarmk.sys [20.12.2007 8:37 20056]
S3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys [25.6.2008 13:16 26192]
S3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys [25.6.2008 13:22 11344]
S3 ni1065k;NI PXIe-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys [25.6.2008 13:24 22608]
S3 ni488lock;NI-488.2 Locking Service;c:\windows\system32\drivers\ni488lock.sys [4.9.2008 17:04 16456]
S3 nicdrk;nicdrk;c:\windows\system32\drivers\nicdrkl.sys [26.12.2007 10:53 11352]
S3 nicsrk;nicsrk;c:\windows\system32\drivers\nicsrkl.sys [22.2.2008 10:25 11336]
S3 nidmxfk;nidmxfk;c:\windows\system32\drivers\nidmxfkl.sys [18.12.2007 18:20 11336]
S3 nidsark;nidsark;c:\windows\system32\drivers\nidsarkl.sys [29.2.2008 14:02 11344]
S3 nidwgk;nidwgk;c:\windows\system32\drivers\nidwgkl.sys [26.8.2008 17:45 11360]
S3 niemrk;niemrk;c:\windows\system32\drivers\niemrkl.sys [22.2.2008 10:25 11336]
S3 niesrk;niesrk;c:\windows\system32\drivers\niesrkl.sys [22.2.2008 10:25 11336]
S3 nifslk;nifslk;c:\windows\system32\drivers\nifslkl.sys [26.12.2007 10:18 11352]
S3 nigplk;nigplk;c:\windows\system32\drivers\nigplkl.sys [16.6.2008 14:21 11640]
S3 nihsdrk;nihsdrk;c:\windows\system32\drivers\nihsdrkl.sys [15.6.2008 13:01 11352]
S3 niimaqk;NI-IMAQ Driver;c:\windows\system32\drivers\niimaqk.sys --> c:\windows\system32\drivers\niimaqk.sys [?]
S3 nimsdrk;nimsdrk;c:\windows\system32\drivers\nimsdrkl.sys [11.1.2008 16:08 11392]
S3 nimslk;nimslk;c:\windows\system32\drivers\nimslk.dll [24.6.2007 23:08 14464]
S3 nimsrlk;nimsrlk;c:\windows\system32\drivers\nimsrlk.dll [24.6.2007 23:08 151683]
S3 nimxpk;nimxpk;c:\windows\system32\drivers\nimxpkl.sys [18.12.2007 17:14 11368]
S3 ninshsdk;ninshsdk;c:\windows\system32\drivers\ninshsdkl.sys [27.12.2007 8:45 11360]
S3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys [13.6.2008 8:27 11904]
S3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys [13.6.2008 8:27 11896]
S3 nipsdk;nipsdk;c:\windows\system32\drivers\nipsdkl.sys [2.6.2008 13:39 11392]
S3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys [24.6.2008 16:25 20568]
S3 nirfsa2k;nirfsa2k;c:\windows\system32\drivers\niRFSA2kl.sys [27.5.2008 22:14 11328]
S3 niscdk;niscdk;c:\windows\system32\drivers\niscdkl.sys [7.1.2008 23:38 11376]
S3 nisdigk;nisdigk;c:\windows\system32\drivers\nisdigkl.sys [7.1.2008 23:21 11352]
S3 nisftk;nisftk;c:\windows\system32\drivers\nisftkl.sys [20.12.2007 14:54 11344]
S3 nisldk;nisldk;c:\windows\system32\drivers\nisldkl.sys [2.6.2008 17:56 11344]
S3 nispdk;nispdk;c:\windows\system32\drivers\nispdkl.sys [7.1.2008 23:38 11376]
S3 nisrcdk;nisrcdk;c:\windows\system32\drivers\nisrcdkl.sys [27.5.2008 16:58 11352]
S3 nissrk;nissrk;c:\windows\system32\drivers\nissrkl.sys [22.2.2008 10:25 11336]
S3 nistc2k;nistc2k;c:\windows\system32\drivers\nistc2kl.sys [7.1.2008 23:35 11312]
S3 nistcrk;nistcrk;c:\windows\system32\drivers\nistcrkl.sys [14.2.2008 19:58 11360]
S3 niswdk;niswdk;c:\windows\system32\drivers\niswdkl.sys [2.1.2008 12:14 11336]
S3 nitiork;nitiork;c:\windows\system32\drivers\nitiorkl.sys [19.2.2008 22:56 11360]
S3 nitnr2k;nitnr2k;c:\windows\system32\drivers\nitnr2kl.sys [1.12.2007 17:01 11328]
S3 niufurk;niufurk;c:\windows\system32\drivers\niufurkl.sys [22.2.2008 10:25 11368]
S3 NiViFWK;NI-VISA FireWire Driver;c:\windows\system32\drivers\NiViFWKl.sys [20.6.2008 20:28 11384]
S3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciKl.sys [20.6.2008 20:27 11360]
S3 niwfrk;niwfrk;c:\windows\system32\drivers\niwfrkl.sys [22.2.2008 10:25 11336]
S3 nixsrk;nixsrk;c:\windows\system32\drivers\nixsrkl.sys [22.2.2008 10:25 11336]
S3 RS_SS_NT;RSLinx S-S SD/SD2 Device Driver;c:\windows\system32\RS_SS_NT.SYS [27.2.2002 14:18 142592]
S3 RsiKtControl;RsiKtControl;c:\windows\system32\RSIKT.SYS [27.2.2002 14:18 31413]
S3 RSSERIAL;RSLinx Serial Driver;c:\windows\system32\rsserial.sys [27.2.2002 14:18 155440]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 S7o5512x;SIMATIC CP 5512;c:\windows\system32\drivers\S7o5512x.sys [2.3.2010 7:36 216064]
S3 s7oefs_x;SIMATIC MPI/EFS Driver;c:\windows\system32\drivers\s7oefs_x.sys [18.10.2002 0:34 30512]
S3 softctrl;Software Flow Control Driver;c:\windows\system32\drivers\softctrl.sys [11.9.2006 10:56 10112]
S3 SQLAgent$WINCCFLEXIBLE;SQLAgent$WINCCFLEXIBLE;c:\program files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Binn\sqlagent.EXE [3.5.2005 20:42 323584]
S3 usb6xxxk;usb6xxxk;\??\c:\windows\system32\drivers\usb6xxxkl.sys --> c:\windows\system32\drivers\usb6xxxkl.sys [?]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-10-29 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2008-01-08 13:02]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: {0F59D9C9-FF3D-4A0A-ADCC-AC3DB90AEBAB} = 192.168.1.101,215.65.242.210
TCP: {BC902F51-6E79-4DF2-8777-A3CD3DADA8C7} = 192.168.1.101,215.65.242.210
FF - ProfilePath - c:\documents and settings\ludek.AUTOMA\Data aplikací\Mozilla\Firefox\Profiles\2z9ydc1p.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV80Win32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV82Win32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nplv85win32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nplv86win32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- Asociace souborů -------
.
.scr=scr
.txt=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-PCGUCOMM&10CF&1010 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\PCGUCOMM&10CF&1010
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-12 08:27
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1032)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infql2.dll
c:\program files\Protector Suite QL\homepass.dll
c:\program files\Protector Suite QL\bio.dll
c:\program files\Protector Suite QL\qlbase.dll
- - - - - - - > 'explorer.exe'(1436)
c:\program files\Protector Suite QL\farchns.dll
c:\program files\Protector Suite QL\infql2.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\acs.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\COMMON FILES\SIEMENS\ALMPANELPLUGIN\ALMPANELPLUGIN.EXE
c:\program files\AVG\AVG9\avgam.exe
c:\windows\system32\lkcitdl.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\MAX\nimxs.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\program files\National Instruments\Shared\Tagger\tagsrv.exe
c:\program files\Common Files\OPC Foundation\OPCENUM.EXE
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe
c:\program files\Common Files\Siemens\SWS\almsrv\almsrvbubblex.exe
c:\program files\Common Files\Siemens\Sqlany\dbsrv9.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2010-11-12 08:33:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-12 07:33
Před spuštěním: Volných bajtů: 142 711 648 256
Po spuštění: Volných bajtů: 143 796 920 320
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 3621CBCF7C9F999DFE6A9E9AFC3CE69B
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2168 [GMT 1:00]
Spuštěný z: c:\documents and settings\ludek.AUTOMA\Plocha\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\TEMP\Cognex.Cnx.2.3.26.1\Cognex.Cnx.Internal.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-12 do 2010-11-12 )))))))))))))))))))))))))))))))
.
2010-11-11 12:09 . 2010-11-11 14:54 -------- d-----w- c:\program files\trend micro
2010-11-11 12:09 . 2010-11-11 12:15 -------- d-----w- C:\rsit
2010-11-09 05:55 . 2010-11-09 05:57 -------- d-----w- C:\LabVIEW
2010-11-04 06:08 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-11-03 08:12 . 2010-11-03 08:12 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys
2010-11-03 08:12 . 2010-11-03 08:12 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2010-11-03 08:12 . 2010-11-03 08:12 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2010-11-03 08:12 . 2010-11-03 08:12 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-11-03 08:12 . 2010-11-03 08:12 -------- d-----w- c:\program files\Sony Ericsson
2010-10-25 15:06 . 2010-10-25 15:06 -------- d-----w- c:\documents and settings\ludek.AUTOMA\Data aplikací\GHISLER
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\UC.PIF
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\RAR.PIF
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\PKZIP.PIF
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\LHA.PIF
2010-10-25 15:06 . 2010-07-07 05:55 545 ----a-w- c:\windows\ARJ.PIF
2010-10-21 09:03 . 2005-10-18 06:41 421376 ----a-r- c:\windows\system32\FTDIUNIN.exe
2010-10-21 09:03 . 2005-10-18 06:41 29292 ----a-r- c:\windows\system32\drivers\FTD2XX.sys
2010-10-21 08:55 . 2009-03-09 18:03 94208 ----a-w- c:\windows\system32\CP210x.dll
2010-10-21 08:55 . 2008-11-23 19:30 38400 ----a-w- c:\windows\system32\FGULINK.dll
2010-10-21 08:55 . 2007-04-23 17:11 37888 ----a-w- c:\windows\system32\PCGU1000Link.dll
2010-10-21 08:55 . 2007-02-21 05:14 54272 ----a-w- c:\windows\system32\PCSU1000D.dll
2010-10-21 08:55 . 2005-10-18 06:40 81920 ----a-r- c:\windows\system32\FTD2XX.dll
2010-10-21 08:55 . 2005-03-30 17:42 37376 ----a-w- c:\windows\system32\DSOLink.dll
2010-10-21 08:55 . 1999-01-10 09:00 3584 ----a-w- c:\windows\system32\DLPORTIO.SYS
2010-10-21 08:55 . 1999-01-10 09:00 34816 ----a-w- c:\windows\system32\DLPORTIO.DLL
2010-10-21 08:55 . 1998-08-22 13:40 16384 ----a-w- c:\windows\system32\FASTTime32.dll
2010-10-21 08:55 . 2010-10-21 09:01 -------- d-----w- c:\program files\Velleman
2010-10-21 08:54 . 2010-10-21 08:55 -------- d-----w- c:\windows\system32\Silabs
2010-10-21 08:54 . 2010-10-21 08:57 -------- d-----w- c:\program files\SiLabs
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-05 15:09 . 2010-07-21 12:29 4856 ----a-w- c:\windows\system32\drivers\AE5510D6.bin
2010-09-27 14:54 . 2010-09-27 14:54 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-09-27 14:54 . 2010-09-27 14:54 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2010-09-18 10:23 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2008-04-14 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:52 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-02 09:56 . 2010-07-14 07:09 102400 ----a-w- c:\windows\DUMP69e5.tmp
2010-09-01 11:52 . 2008-04-14 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2008-04-14 12:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:03 . 2008-04-14 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:54 . 2008-04-14 12:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2008-04-14 12:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2008-04-14 12:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2008-04-14 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
1998-04-27 17:15 . 2010-07-21 12:53 570128 ------w- c:\program files\Common Files\dao350.dll
2004-03-15 15:51 . 2004-03-15 15:51 114688 ----a-w- c:\program files\internet explorer\plugins\LV71ActiveXControl.dll
2003-05-01 07:36 . 2003-05-01 07:36 114688 ----a-w- c:\program files\internet explorer\plugins\LV7ActiveXControl.dll
2006-01-23 08:32 . 2006-01-23 08:32 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2007-02-08 08:48 . 2007-02-08 08:48 133920 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2007-07-24 16:03 . 2007-07-24 16:03 118784 ----a-w- c:\program files\internet explorer\plugins\LV85ActiveXControl.dll
2008-06-25 20:51 . 2008-06-25 20:51 118784 ----a-w- c:\program files\internet explorer\plugins\LV86ActiveXControl.dll
2001-12-13 19:56 . 2001-12-13 19:56 98304 ----a-w- c:\program files\internet explorer\plugins\LVActiveXControl.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2008-04-29 16:55 4232968 ----a-w- c:\program files\Protector Suite QL\farchns.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2008-04-29 16:55 4232968 ----a-w- c:\program files\Protector Suite QL\farchns.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"="c:\program files\OSCAR Editor\OscarEditor.exe" [2009-04-27 3330048]
"Stickies"="c:\program files\Bret Taylor\Stickies\Stickies.exe" [2007-03-14 335872]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-06 488728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-08-19 16850944]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"WinCC flexible Smart Start"="c:\program files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe" [2010-04-20 118784]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2008-08-26 684032]
"S7UB Start"="c:\program files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" [2009-03-09 102453]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-11-09 2069856]
"pdfFactory Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2004-04-12 425984]
"niDevMon"="c:\program files\National Instruments\NI-DAQ\HWConfig\nidevmon.exe" [2008-06-18 106576]
"HornetMonitor"="c:\program files\Common Files\Hornet\MntrHrnt.exe" [2006-05-29 135168]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\ludek.AUTOMA\Nabídka Start\Programy\Po spuštění\
TC UP.lnk - c:\program files\TC UP\TC UP.exe [2010-5-26 885760]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-5-3 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"disablecad"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-21 12:25 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2008-04-29 16:43 96008 ----a-w- c:\windows\system32\psqlpwd.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SystemExplorerAutoStart"="c:\program files\TC UP\PLUGINS\Media\SystemExplorer\SystemExplorer.exe" /TRAY
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Siemens\\SQLANY\\dbsrv9.exe"=
"c:\\Program Files\\Siemens\\Step7\\S7BIN\\S7tgtopx.exe"=
"c:\\Program Files\\Siemens\\Step7\\S7INF\\S7usiapx.exe"=
"c:\\WINDOWS\\system32\\s7otbxsx.exe"=
"c:\\Program Files\\Siemens\\SIMATIC WinCC flexible\\WinCC flexible 2008\\HmiES.exe"=
"c:\\Program Files\\Siemens\\SIMATIC WinCC flexible\\WinCC flexible 2008\\TraceServer.exe"=
"c:\\Program Files\\Siemens\\SIMATIC WinCC flexible\\WinCC flexible 2008 Runtime\\MiniWeb.exe"=
"c:\\Program Files\\Siemens\\SIMATIC WinCC flexible\\WinCC flexible 2008 Runtime\\SmartServer.exe"=
"c:\\Program Files\\Siemens\\SIMATIC WinCC flexible\\WinCC flexible 2008 Runtime\\HmiLoad.exe"=
"c:\\Program Files\\Common Files\\Siemens\\SQLANY\\dbeng9.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\EPLAN\\Electric P8\\1.9.10\\BIN\\W3u.exe"=
"c:\\Program Files\\National Instruments\\Shared\\mDNS Responder\\nimdnsResponder.exe"=
"c:\\Moje_Ludek\\CS\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Cognex\\In-Sight\\In-Sight Explorer 4.4.0\\In-Sight Explorer.exe"=
"c:\\Program Files\\Cognex\\DataMan\\Setup Tool v3.5.0\\SetupTool.exe"=
"c:\\LabVIEW\\Builds\\18008_140\\p140\\p140.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [19.7.2010 16:12 52872]
R0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\system32\drivers\nipbcfk.sys [10.7.2007 19:08 15448]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19.7.2010 15:59 691696]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [19.7.2010 16:12 216400]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [19.7.2010 16:12 243024]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [13.1.2006 14:00 15872]
R1 VirtualBackplane;A-B Virtual Backplane;c:\windows\system32\drivers\virtualbackplane.sys [27.2.2002 14:18 63508]
R2 almservice;Automation License Manager Service;c:\program files\Common Files\Siemens\SWS\almsrv\almsrvx.exe [22.1.2009 0:19 1200128]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [21.7.2010 13:25 921952]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [21.7.2010 13:25 308136]
R2 Cognex.InSight.OpcServer;Cognex OPC Server;c:\program files\Cognex\In-Sight\In-Sight OPC Server 4.4.0\OpcInSightService.exe [9.2.2010 22:19 28672]
R2 dpmconv;dpmconv;c:\windows\system32\drivers\dpmconv.sys [10.3.2009 19:55 266752]
R2 Dpmtrcdd;Dpmtrcdd;c:\windows\system32\drivers\dpmtrcdd.sys [10.3.2009 19:57 28363]
R2 Micro Star SCM;Micro Star SCM;c:\program files\System Control Manager\MSIService.exe [18.7.2010 15:17 159744]
R2 MSSQL$WINCCFLEXEXPRESS;SQL Server (WINCCFLEXEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [27.5.2009 2:27 29262680]
R2 MSSQL$WINCCFLEXIBLE;MSSQL$WINCCFLEXIBLE;c:\program files\Microsoft SQL Server\MSSQL$WINCCFLEXIBLE\Binn\sqlservr.exe [3.5.2005 23:04 9158656]
R2 ni488enumsvc;NI-488.2 Enumeration Service;c:\windows\system32\nipalsm.exe [16.2.2007 10:21 12696]
R2 niarbk;niarbk;c:\windows\system32\drivers\niarbk.dll [16.4.2007 14:40 37376]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-10-29 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2008-01-08 13:02]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: {0F59D9C9-FF3D-4A0A-ADCC-AC3DB90AEBAB} = 192.168.1.101,215.65.242.210
TCP: {BC902F51-6E79-4DF2-8777-A3CD3DADA8C7} = 192.168.1.101,215.65.242.210
FF - ProfilePath - c:\documents and settings\ludek.AUTOMA\Data aplikací\Mozilla\Firefox\Profiles\2z9ydc1p.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV80Win32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPLV82Win32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nplv85win32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nplv86win32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- Asociace souborů -------
.
.scr=scr
.txt=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-PCGUCOMM&10CF&1010 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\PCGUCOMM&10CF&1010
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-12 08:27
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1032)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infql2.dll
c:\program files\Protector Suite QL\homepass.dll
c:\program files\Protector Suite QL\bio.dll
c:\program files\Protector Suite QL\qlbase.dll
- - - - - - - > 'explorer.exe'(1436)
c:\program files\Protector Suite QL\farchns.dll
c:\program files\Protector Suite QL\infql2.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\acs.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\COMMON FILES\SIEMENS\ALMPANELPLUGIN\ALMPANELPLUGIN.EXE
c:\program files\AVG\AVG9\avgam.exe
c:\windows\system32\lkcitdl.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
c:\program files\National Instruments\MAX\nimxs.exe
c:\program files\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
c:\program files\National Instruments\Shared\Tagger\tagsrv.exe
c:\program files\Common Files\OPC Foundation\OPCENUM.EXE
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe
c:\program files\Common Files\Siemens\SWS\almsrv\almsrvbubblex.exe
c:\program files\Common Files\Siemens\Sqlany\dbsrv9.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2010-11-12 08:33:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-12 07:33
Před spuštěním: Volných bajtů: 142 711 648 256
Po spuštění: Volných bajtů: 143 796 920 320
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 3621CBCF7C9F999DFE6A9E9AFC3CE69B
- Rudy
- Site Admin
- Posts: 119426
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check, AVG flagged some viruses. Thank you
We'll do some more cleaning. Open Notepad and copy the following into it:

Collect::
c:\windows\system32\drivers\usb6xxxkl.sys
Driver::
usb6xxxkl

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.