Logfile of random's system information tool 1.08 (written by random/random)
Run by Peter at 2011-03-16 17:30:54
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 30 GB (58%) free of 51 GB
Total RAM: 1023 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:31:00, on 16.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Soluto\soluto.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Soluto\SolutoService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Peter\Desktop\RSIT.exe
C:\Program Files\trend micro\Peter.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://iws.asksearch.com/?cfg=2-347-0-...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - C:\Documents and Settings\Peter\Local Settings\Application Data\Browser Plugin\BHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.sk/OnlineScanner.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3855522859
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://212.80.66.25/activex/AxisCamControl.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crl ... crlocx.ocx
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol ... _en_dl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
--
End of file - 6856 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2000478354-1364589140-839522115-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2000478354-1364589140-839522115-1004.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{5424BEA9-A10A-4D48-AC65-CB94681185C6}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-01-30 64928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class - C:\Documents and Settings\Peter\Local Settings\Application Data\Browser Plugin\BHO.dll [2011-02-21 433152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-02 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-01-07 13880424]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2219184]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2008-06-24 132392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Peter\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiScreen]
C:\Program Files\MultiScreen\MultiScreen.exe [2008-06-30 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2011-01-07 111208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor]
C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe [2006-05-16 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\Program Files\OO Software\Defrag\oodtray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSTray]
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2011-02-27 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WIAWizardMenu]
C:\WINDOWS\system32\sti_ci.dll [2008-04-14 136704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ATI CATALYST System Tray.lnk]
C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe [2005-08-06 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\MSI\BTOESB~1\BTTray.exe [2005-05-31 577597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-11 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"lanmanworkstation"=2
"W32Time"=2
"upnphost"=3
"LmHosts"=2
"lanmanserver"=2
"seclogon"=2
"WmdmPmSN"=3
"CiSvc"=3
"PolicyAgent"=2
"FastUserSwitchingCompatibility"=3
"TrkWks"=2
"Browser"=2
"ClipSrv"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Disabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Disabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bywifi\bywifi.exe"="C:\Program Files\Bywifi\bywifi.exe:*:Enabled:Bywifi: Video Streaming Accelerator"
"D:\NAJ\LFS\LFS.exe"="D:\NAJ\LFS\LFS.exe:*:Enabled:LFS"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Documents and Settings\Peter\Desktop\solutoinstaller.exe"="C:\Documents and Settings\Peter\Desktop\solutoinstaller.exe:*:Enabled:SolutoInstaller"
"C:\Program Files\Soluto\Soluto.exe"="C:\Program Files\Soluto\Soluto.exe:*:Enabled:Soluto Tray"
"C:\Program Files\Soluto\SolutoService.exe"="C:\Program Files\Soluto\SolutoService.exe:*:Enabled:Soluto Service"
"C:\Program Files\Soluto\SolutoConsole.exe"="C:\Program Files\Soluto\SolutoConsole.exe:*:Enabled:Soluto Console"
"C:\Program Files\Soluto\SolutoUpdateService.exe"="C:\Program Files\Soluto\SolutoUpdateService.exe:*:Enabled:Soluto Update Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2011-03-16 17:30:54 ----D---- C:\rsit
2011-03-09 15:19:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-03-09 15:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-03-06 01:01:24 ----D---- C:\Program Files\SpeedFan
2011-03-06 00:51:04 ----D---- C:\Program Files\SIW
2011-03-03 14:43:10 ----D---- C:\Users
2011-03-03 10:36:43 ----D---- C:\Program Files\ESET
2011-02-27 00:28:51 ----D---- C:\Program Files\Realtek Sound Manager
2011-02-27 00:28:51 ----A---- C:\WINDOWS\avrack.ini
2011-02-27 00:28:49 ----D---- C:\Program Files\Realtek AC97
2011-02-26 23:25:41 ----D---- C:\Program Files\trend micro
2011-02-26 17:03:44 ----A---- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
2011-02-26 17:01:59 ----A---- C:\WINDOWS\system32\drivers\Soluto.sys
2011-02-26 17:01:53 ----D---- C:\Program Files\Soluto
2011-02-26 17:00:49 ----D---- C:\Documents and Settings\All Users\Application Data\Soluto
2011-02-23 21:24:58 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-02-21 14:56:53 ----A---- C:\WINDOWS\system32\SET26CC.tmp
2011-02-21 14:56:41 ----A---- C:\WINDOWS\soundman.exe
2011-02-21 12:15:29 ----D---- C:\Documents and Settings\Peter\Application Data\Hamachi
2011-02-21 12:14:57 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys
2011-02-20 23:30:00 ----D---- C:\Program Files\Mozilla Firefox
2011-02-19 19:19:09 ----D---- C:\Program Files\Any Audio Converter
======List of files/folders modified in the last 1 months======
2011-03-16 17:31:06 ----D---- C:\WINDOWS\temp
2011-03-16 17:31:03 ----D---- C:\WINDOWS\Prefetch
2011-03-16 17:27:37 ----D---- C:\WINDOWS\system32\ias
2011-03-16 16:27:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-16 16:05:53 ----A---- C:\WINDOWS\wincmd.ini
2011-03-16 16:00:19 ----SHD---- C:\WINDOWS\Installer
2011-03-16 15:57:30 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-03-16 15:51:55 ----D---- C:\WINDOWS
2011-03-16 15:51:53 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-14 11:47:09 ----D---- C:\Documents and Settings\Peter\Application Data\Winamp
2011-03-13 15:17:43 ----D---- C:\Program Files\CCleaner
2011-03-13 15:16:32 ----D---- C:\WINDOWS\Debug
2011-03-09 15:19:37 ----HD---- C:\WINDOWS\inf
2011-03-09 15:19:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-09 15:19:36 ----D---- C:\WINDOWS\system32
2011-03-09 15:17:39 ----A---- C:\WINDOWS\system32\MRT.exe
2011-03-09 15:17:36 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-03-09 15:17:26 ----D---- C:\WINDOWS\system32\CatRoot
2011-03-09 15:15:46 ----HD---- C:\WINDOWS\$hf_mig$
2011-03-09 15:12:32 ----RASH---- C:\boot.ini
2011-03-09 15:12:31 ----A---- C:\WINDOWS\win.ini
2011-03-09 15:12:31 ----A---- C:\WINDOWS\system.ini
2011-03-08 22:00:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2011-03-08 17:49:41 ----SD---- C:\Documents and Settings\Peter\Application Data\Microsoft
2011-03-08 17:49:41 ----D---- C:\Documents and Settings\Peter\Application Data\Adobe
2011-03-07 22:36:03 ----D---- C:\Program Files
2011-03-07 18:58:29 ----D---- C:\Program Files\Common Files\Adobe
2011-03-07 18:58:15 ----D---- C:\Program Files\Adobe
2011-03-03 10:37:17 ----D---- C:\WINDOWS\system32\drivers
2011-03-03 10:36:43 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2011-02-27 00:40:30 ----A---- C:\WINDOWS\RtlRack.ini
2011-02-27 00:28:51 ----D---- C:\Program Files\AvRack
2011-02-27 00:27:20 ----A---- C:\WINDOWS\system32\RTLCPL.exe
2011-02-27 00:27:19 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2011-02-27 00:27:16 ----A---- C:\WINDOWS\system32\ChCfg.exe
2011-02-27 00:27:15 ----A---- C:\WINDOWS\alcupd.exe
2011-02-27 00:27:15 ----A---- C:\WINDOWS\alcrmv.exe
2011-02-26 17:03:32 ----RSD---- C:\WINDOWS\assembly
2011-02-26 17:01:59 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-02-25 10:34:00 ----SD---- C:\WINDOWS\Tasks
2011-02-24 10:02:00 ----D---- C:\Program Files\Common Files
2011-02-22 01:54:15 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-02-22 01:21:23 ----A---- C:\WINDOWS\system32\everest_cpl.ini
2011-02-21 14:36:30 ----SD---- C:\WINDOWS\Web
2011-02-21 14:36:30 ----D---- C:\Program Files\ATI Technologies
2011-02-21 14:36:26 ----A---- C:\WINDOWS\wininit.ini
2011-02-21 14:33:56 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-21 14:30:33 ----D---- C:\Documents and Settings\Peter\Application Data\Real
2011-02-21 14:30:24 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2011-02-21 12:36:32 ----D---- C:\Program Files\Common Files\ACD Systems
2011-02-20 23:28:26 ----D---- C:\Program Files\Bywifi
2011-02-20 18:13:21 ----D---- C:\Program Files\Common Files\Java
2011-02-20 18:13:07 ----D---- C:\Program Files\Java
2011-02-18 23:35:39 ----D---- C:\Documents and Settings\Peter\Application Data\Skype
2011-02-18 21:20:16 ----D---- C:\Documents and Settings\Peter\Application Data\skypePM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 MMRTKRNL;MMRTKRNL; C:\WINDOWS\system32\drivers\mmrtkrnl.sys [2005-01-11 92672]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 Soluto;Soluto; C:\WINDOWS\system32\DRIVERS\Soluto.sys [2011-02-09 51144]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-22 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2008-07-17 33408]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-12-21 134000]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2011-02-27 2324480]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-05-31 1341466]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-12-21 33120]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2011-02-21 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-01-08 9888672]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2010-11-12 100456]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-12-13 47360]
S0 TfFsMon;TfFsMon; C:\WINDOWS\system32\drivers\TfFsMon.sys []
S0 TfSysMon;TfSysMon; C:\WINDOWS\system32\drivers\TfSysMon.sys []
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
S2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2005-05-31 401152]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2005-05-31 30363]
S3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2005-05-31 148040]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2005-05-31 30189]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-05-31 56648]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\Peter\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 n558;N558 Bluetooth USB Filter Driver; C:\WINDOWS\System32\Drivers\n558.sys [2007-08-15 9600]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys []
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys []
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys []
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys []
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\WINDOWS\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-05-01 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-05-01 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-05-01 97184]
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys [2006-05-01 88688]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-05-01 18704]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-05-01 90800]
S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2007-07-26 39808]
S3 TfNetMon;TfNetMon; \??\C:\WINDOWS\system32\drivers\TfNetMon.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2011-02-09 311328]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 btwdins;Bluetooth Service; C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe [2005-05-31 258103]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 33584]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-15 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-01-07 156776]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-01-30 107832]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-09-29 616448]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S4 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe []
S4 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -k runservice []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe []
S4 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe []
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Zdravim
No mas to zavirenu.
PROSIM CITAJTE POZORNE NAVOD!!!,
Použij ComboFix podle tohoto návodu: http://www.bleepingcomputer.com/combofi ... t-combofix
Log znej vloz sem.
No mas to zavirenu.
PROSIM CITAJTE POZORNE NAVOD!!!,
Použij ComboFix podle tohoto návodu: http://www.bleepingcomputer.com/combofi ... t-combofix
Log znej vloz sem.
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Re: Prosím o kontrolu
ComboFix 11-03-16.01 - Peter 16.03.2011 22:02:48.20.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1023.506 [GMT 1:00]
Running from: c:\documents and settings\Peter\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Created a new restore point
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Peter\Local Settings\Application Data\Browser Plugin\BHO.dll
c:\documents and settings\Peter\My Documents\Internet Explorer.lnk
.
.
((((((((((((((((((((((((( Files Created from 2011-02-16 to 2011-03-16 )))))))))))))))))))))))))))))))
.
.
2011-03-16 16:30 . 2011-03-16 16:31 -------- d-----w- C:\rsit
2011-03-09 15:19 . 2011-03-16 21:08 -------- d-----w- c:\documents and settings\Peter\Local Settings\Application Data\Browser Plugin
2011-03-06 00:01 . 2011-03-12 23:23 -------- d-----w- c:\program files\SpeedFan
2011-03-05 23:51 . 2011-03-05 23:51 -------- d-----w- c:\program files\SIW
2011-03-03 13:43 . 2011-03-03 13:43 -------- d-----w- C:\Users
2011-03-03 09:36 . 2011-03-03 09:36 -------- d-----w- c:\program files\ESET
2011-02-26 23:28 . 2011-02-26 23:28 -------- d-----w- c:\program files\Realtek Sound Manager
2011-02-26 23:28 . 2011-02-26 23:28 -------- d-----w- c:\program files\Realtek AC97
2011-02-26 22:25 . 2011-03-16 16:30 -------- d-----w- c:\program files\trend micro
2011-02-26 16:01 . 2011-02-09 18:10 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys
2011-02-26 16:01 . 2011-02-26 16:02 -------- d-----w- c:\program files\Soluto
2011-02-26 16:00 . 2011-02-26 16:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Soluto
2011-02-21 13:56 . 2005-06-20 20:39 9410048 ----a-w- c:\windows\system32\SET26CC.tmp
2011-02-21 13:56 . 2011-02-26 23:27 77824 ----a-w- c:\windows\soundman.exe
2011-02-21 13:56 . 2011-02-26 23:27 18751488 ----a-w- c:\windows\system32\alsndmgr.cpl
2011-02-21 11:15 . 2011-03-09 17:57 -------- d-----w- c:\documents and settings\Peter\Application Data\Hamachi
2011-02-21 11:14 . 2011-02-21 11:14 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-02-19 18:19 . 2011-02-19 18:19 -------- d-----w- c:\program files\Any Audio Converter
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-12 17:43 . 2007-01-29 20:36 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-02-26 23:27 . 2010-11-11 17:50 9410048 ----a-w- c:\windows\system32\RTLCPL.exe
2011-02-26 23:27 . 2010-11-11 17:50 156672 ----a-w- c:\windows\system32\RtlCPAPI.dll
2011-02-26 23:27 . 2010-11-11 17:50 2324480 ----a-w- c:\windows\system32\drivers\alcxwdm.sys
2011-02-26 23:27 . 2010-11-11 17:50 40960 ----a-w- c:\windows\system32\ChCfg.exe
2011-02-26 23:27 . 2010-11-11 17:48 294912 ----a-w- c:\windows\alcupd.exe
2011-02-26 23:27 . 2010-11-11 17:48 200704 ----a-w- c:\windows\alcrmv.exe
2011-02-09 13:53 . 2004-08-04 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-04 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-03 10:57 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-02-03 10:57 . 2007-01-27 16:43 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-02-02 20:40 . 2010-07-19 10:45 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2010-07-19 10:45 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2007-01-27 15:04 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2007-01-27 15:04 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2004-08-04 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-08 03:27 . 2011-01-19 21:32 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-01-08 03:27 . 2011-01-19 21:32 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-01-08 03:27 . 2010-07-10 04:38 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-08 03:27 . 2010-07-10 04:38 4980736 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-08 03:27 . 2010-07-10 04:38 2916968 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-08 03:27 . 2010-07-10 04:38 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-08 03:27 . 2010-07-10 04:38 1958400 ----a-w- c:\windows\system32\nvapi.dll
2011-01-08 03:27 . 2010-07-10 04:38 14671872 ----a-w- c:\windows\system32\nvoglnt.dll
2011-01-08 03:27 . 2010-07-10 04:38 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-08 03:27 . 2007-11-07 10:49 9888672 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-01-08 03:27 . 2007-11-07 10:49 6397824 ----a-w- c:\windows\system32\nv4_disp.dll
2011-01-07 18:56 . 2011-01-07 18:56 81920 ----a-w- c:\windows\system32\nvwddi.dll
2011-01-07 18:56 . 2011-01-07 18:56 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 18:56 . 2011-01-07 18:56 277608 ----a-w- c:\windows\system32\nvmccs.dll
2011-01-07 18:56 . 2011-01-07 18:56 156776 ----a-w- c:\windows\system32\nvsvc32.exe
2011-01-07 18:56 . 2011-01-07 18:56 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-01-07 18:56 . 2011-01-07 18:56 13880424 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 18:56 . 2011-01-07 18:56 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-07 14:09 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2004-08-04 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-24 08:15 . 2010-12-24 08:15 86016 ----a-w- c:\windows\system32\frapsvid.dll
2010-12-22 22:24 . 2006-10-25 18:09 131072 ----a-w- C:\clicapi.dll
2010-12-22 12:34 . 2004-08-04 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-21 14:04 . 2010-12-21 14:04 141264 ----a-w- c:\windows\system32\drivers\eamon.sys
2010-12-21 14:04 . 2010-12-21 14:04 115008 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-12-21 12:47 . 2010-12-21 12:47 33120 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-12-21 12:47 . 2010-12-21 12:47 134000 ----a-w- c:\windows\system32\drivers\epfw.sys
2010-12-20 23:59 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26 . 2004-08-04 12:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2219184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ATI CATALYST System Tray.lnk]
backup=c:\windows\pss\ATI CATALYST System Tray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-15 20:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2005-08-06 00:07 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\CLI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-06-24 14:05 132392 ----a-w- c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 00:12 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 00:12 15360 ------w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-06-24 14:06 1840424 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiScreen]
2008-06-30 09:41 114688 ----a-w- c:\program files\MultiScreen\MultiScreen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-06-08 07:31 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-06-19 07:53 570664 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-01-07 18:56 111208 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor]
2006-05-16 16:51 57344 ----a-w- c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2011-02-26 23:27 77824 ----a-w- c:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WIAWizardMenu]
2008-04-14 00:12 136704 ----a-w- c:\windows\system32\sti_ci.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"lanmanworkstation"=2 (0x2)
"W32Time"=2 (0x2)
"upnphost"=3 (0x3)
"LmHosts"=2 (0x2)
"lanmanserver"=2 (0x2)
"seclogon"=2 (0x2)
"WmdmPmSN"=3 (0x3)
"CiSvc"=3 (0x3)
"PolicyAgent"=2 (0x2)
"FastUserSwitchingCompatibility"=3 (0x3)
"TrkWks"=2 (0x2)
"Browser"=2 (0x2)
"ClipSrv"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bywifi\\bywifi.exe"=
"d:\\NAJ\\LFS\\LFS.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Soluto\\Soluto.exe"=
"c:\\Program Files\\Soluto\\SolutoService.exe"=
"c:\\Program Files\\Soluto\\SolutoConsole.exe"=
"c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [26.2.2011 17:01 51144]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8.7.2008 13:29 691696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [12.1.2011 16:41 810144]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [9.2.2011 19:30 311328]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [30.12.2010 17:20 100456]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15.12.2010 14:50 136176]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys --> c:\windows\system32\drivers\nmwcdnsu.sys [?]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys --> c:\windows\system32\drivers\nmwcdnsuc.sys [?]
S3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\drivers\OlyCamComm.sys [31.7.2010 11:31 21648]
S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [4.8.2004 13:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-15 13:50]
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-15 13:50]
.
2011-03-16 c:\windows\Tasks\User_Feed_Synchronization-{5424BEA9-A10A-4D48-AC65-CB94681185C6}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://iws.asksearch.com/?cfg=2-347-0-...
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Send To &Bluetooth - c:\program files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
IE: {{09E90109-A9AA-4980-BCEF-76F8D924E902}
FF - ProfilePath - c:\documents and settings\Peter\Application Data\Mozilla\Firefox\Profiles\mhah0ywi.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: GamePlayLabs Plugin: plugin@gameplaylabs.com - %profile%\extensions\plugin@gameplaylabs.com
.
- - - - ORPHANS REMOVED - - - -
.
Notify-AtiExtEvent - (no file)
MSConfigStartUp-Google Update - c:\documents and settings\Peter\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
MSConfigStartUp-nwiz - nwiz.exe
MSConfigStartUp-OODefragTray - c:\program files\OO Software\Defrag\oodtray.exe
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
MSConfigStartUp-SMSTray - c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe
MSConfigStartUp-TkBellExe - c:\program files\Real\RealPlayer\update\realsched.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-16 22:09
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2000478354-1364589140-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2000478354-1364589140-839522115-1004\Software\SecuROM\License information*]
"datasecu"=hex:f2,31,62,31,1f,93,b7,e2,41,46,ea,aa,4b,cb,1f,b8,98,8d,fb,2e,c6,
8d,17,92,8a,2a,ae,8d,2a,b8,8e,ef,90,81,45,ce,55,18,25,0e,95,37,5c,90,81,f7,\
"rkeysecu"=hex:d9,e0,75,ab,5d,b5,0e,d4,42,22,b6,51,ac,89,d4,3e
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="17DB12C71B85235D2D6147ED8FD1A4E144F0D209CA23A39B3F184B886CDE1E8E21A6DB2B6BF438547DB8921A579F98968B1ABF4A2C61CCD8BB77E031B1E83C9A635EA4C6F0AF353FF88CF461B7F5FDCB5B9116D2258F7EF42E3FD86055F474F946E954058BB2BD501FF8B50A771BA7A36BC8FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933FEBC9E127BECC74C9DB7CE019D40AA5C9DB7CE019D40AA5C4CC5F754BC4E3E29FEA336704F9B858FCD214B3B508BB02DD790A237DFB199C3ECC77A7FA81FEB31DCADA6832D622E4CD19FE189B4D0DF9B44ABAF0A40259E4DF40E505B8D6C66117E0A44A3B241D6B1F30D5CA741D813098B23DC5EFE5FA74061B9315CA823855DC4B9AE8C4E14902893E5E2B5B28D35563010FCD74AF41691F6A2BACD3923C6405270EA4DEE26902ED75806AACB4855F578404870556D7548BB52EB4F82C34AF60F93E34A8ABCB1D5294BB6CC4F5826EF6E365AF757C56F837B0729D1CCCCD5D22A4066BB980BF047B356CBBA0A01005F6126310F89ECD47045B3BB9EE27B533810C5232D17BCF03AE9470064C7F8DAF161F931AA2CC819D56C7FD0CE1580CC22F728B0FD056FF67E001DF00E5B6C576DC4CF229580AFD48A884476513680F41CD79E07E2E8B46DF5EF0CA15219783927A7F8ADECCD6D42F97310A3691F1621486C9305E1CA136297757DF71CDA31658BE6F9E5A35EC2C227CC272F2D2ACCC85C3627EAD7B60508EB148E3F2D809E6898A40E3C7D81E359A3F87ED48838268A20F92EDEF4BDF7B2148E8EA41A693AF063472208950AF8AF1A1D4037B82D97A6F2BEAEE93D744D5E3F6F83BBCBFAF25091795606DACD9C8FC4A64CD8D1EE88004450E47A86735C273504A4FAFD202D005FA882D40CA6E0E9F4C1B4A3BAEA59A21AC04060FE57EE50CF5C5E3B42C63F191C06AE77C175C8530EE4BF622D8F573A0EE26452A441413E7E4F51BBFEDE73DAAA891856659BCB010AC4E8463951C9174DCE2868CBD5087CC1F353A06ADE8928826DB0BBB27F5752735DDDE3BF28E8AE18E018A11DBC673832A86B6E12423508AE2E1FD73D0D4A456BEE80B3F80E6299C5B8F2DC1224FA43F70ED68E57831CA54E0FBB3D6A32F87DA67A68116F83D615BDBB2CE2FDBA4F13520A85D16E27DA4F1616946474E0AA436C49DFBD020DDA027D916CDA8137E6C192C59C6960B07EF7CA8DE929688F1D031964655D62B177E517260ED19550380EA0ADF5EA0AAA8C38C98333C8A7BA7F4D9E1D2C79997CAAE72FA9213B86442C5AF4739AD29CA2794882C999E7E9DFF554FE05987C007EE4D5FE10696B72D222AA9F8B4EFD1C2BB188F5F6780FB6819870D37347B846CA8AA15512DC1BCF41EBA9C1AF04AFE058147C3DE4E3276D2772"
"OODEFRAG08.00.00.01WORKSTATION"="7B25A8EF5C5A36912B3AA0E5532E62A5F731987EC5E89ECC10562E57777B5CD5A1C02B5E42E67E8A7C7527E7DF56638A8212F850036148FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933FEBC9E127BECC74C9DB7CE019D40AA5C9DB7CE019D40AA5CB943DEF6045B1732FED8F3AD8FE0D0BD4E3880CD858FF0CB06661E9C57390B7FA60E38FA019846C72CF93C50B36C1EB07C4B5954FD55211ADB8E4BA2161C49ADFD1C3E20A8AF63AD194AB5AC3D810812186914A926AF1B74511820CE077968CA4E622DCE618BC8F6AB323F48BD95D7A28291CF90D9B53A67DC389D416BAD7452C9EB87A375ECD2AB703479DD27EC5D14BDDAF0FED2D05F739D37874DE8E57F314755116E13E9E3C595614CD9D2A0EA11F1EA1E1FB140ED0F53F365F908A81D4B3ED254B3CD6AE1346C6160DD7A9FD6356CFE43D0FB184D21E1DE848238CCE5F4CF2A1EAD9A2AB5DAEDEF253FBDABFA0F9B670DA41ABDE88954FC7358487D76783A357EC6D3BCCC90B45CCC09A0D9B8A39409F1E3D7ECB09656E7081D6E3BEF94E6E14CA0B984991F7E894CF70A146F6C0FDAA68665B3180FB94DD8A8C5D977FADD341F906CBA12C6AF6F5EFB451988D16569A63C57F4172BF16DC387490134514CC0D41DF3EB2FBACD1801BC02F8EB3719D6336726672919191FE7785CACD3B106328E04397A6E2105237792D31B8BEE4E554C1FAE16CE786B4A296E432B86AA00C7B1368C19D19623C4C50BB1385742CB2DBA2CB0DF0A5EC96CB092A6A1813FD3D267579FD2DEA71B4438E8F6DEC6EBFD3C0A8ED1F6E3D3BA96693F16087C6240B89C400882205A06FB5B2064EFD51C74F089799863E657E46F8304812AB501267582FCC0D822A29B5B02DB9BA1807763D04BD0F27EA358952EF424BE276B770C968DCE285CF5ED3CE6437725FD4B16A2F326323077AC3CBF2374980773E4181CBEF72A01E4B3996BB3F7066BE23D832F86B6EA85D11B5D752C7D0BF755E92A24243E38709E7179CEEE3FCC3F02603F2749DBFB8AE38A86F1BFD15D92E9466615112254828AD0D4B25679C5D261C23FCE0FB71EBCD719F910E875A03C214B7B85E2A70FA47EEF6605BECE1E3D59F6698F42323BFBACEA6D52422F9DBFBE4D8AB08C19AC29A177DCD78E28B67B19941CF25D76F08B37A9885D7F8C4F48D8252AF1940427C7720F5B64C1B426EB22B6242BEF7392161A7DE8F9E35CE568DDAF654D95382A19C0647904E666B4524A7A480A21DBA6A654991F944A3444968B4D38673CCB161D312AC1B52072E0553A833F892828E72EB2AF313E1E6B822A7663960A4D1700B43D16341DA7545B81F17736C4CF92C40057F6972CE21EEB628559E4A49C38AFA73160C20046480BC44182CBF9799ADED5B92C4037"
"OODEFRAG11.00.00.01WORKSTATION"="ECA0B56A1CC63E9A0E60D2B7B9289982FAFB6E59B0082374DE0131EDE7719240D4FDCCC245B0E5C1E58E5E359B2C5F47CEF2A11B58C46608A53F6B458AC52E2B4111800EB4EA2BDC745C3076786F5E769EC7CA560135ECB484915E984FF2897DFE11478BCBF62B37763D113D2BFC18ACB144A9EE228E3B096DBC5C0C6BF3CED7CDDC293F1CBAD5A199445F0FC443E00D43568F09EA67AA18C927CF05CBAAFDDEE4F346F2ED7E6E72FDAC0DB38993623B81FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79338EDD5E5BE2F6E6675D575E7D6A3B9808FEBC9E127BECC74CA2C352430A5DCCDD0FFA6E1759B857EE993AD0C0C4B89B375C0708D3CBB7038841FA23F50063CFB1112F0EC75D420B4809E77E94268FF2C60996F8DADDDD077BCB29571CC1961D3E32AAE886E2BB06869C3629E4470647BED9B070E79AC960761BE44E356F329DDD0358E34F964606103F824F4BFC43C93132492F519FC64EDC2CD72EF311C6C45E3BB522540655CB408041BA957CBF2BA799683F22EC731682A0BCDE410E378601B4D50D7822B29EE4917AF244E1CAA29DBBA9E818E7427E303DE78AB7B3BBDA7D6CDCD1D4C3FBC6434AC7C68D2D04EB8269BEBDA556795224E93DA32635603F7B848762B6A3A01311A5DA49DAC1E2C33A95EA0FF2E6B4E20EB3B5DC11A605B49CC324729C61E6D47843F4504A66B0ED1ED88674D8A9628294CCDE2F3081DBBEEE92127C3EFD65E01A64EDF42C478BB179EE7EC9E512C5894E885AD6EEA3EDE5FA7FCABC01E00B9109F13196077365D90D38512EDDF975D34A61DD53ECCD9739B9BC573503D39744CA74BE56145D83338A371683B61D5B400973B168FB2708C519A0552B94069E5B5B1DA79B405EFE119C94F2F21A1A38337F7EB21FA63643237CA3F726B90A8B3CAABD160F2F30C6CADE9D2565E7789C93176954C3266AA0E7B8658574AB541ACF194D432033731C3B5FBF7C0CB11F70CDAB3C99E5EA154BB297A5D728D641D9838065FE0158A915BF2411DD583E5A6DD010241D5A186A44A258CCDD935B0FB04A2AC7AC275B3C9A3CA548408287DA249008F08A380585DEDC2C6398D38EDE5799565543CC2EF56C964D40B186BDB4F5844C19255C3EE1430A39961FC1F7B8DAE9B6954FEFF5871A3A7D7B51A1C1609B290A34416782E2EC5798B91C8254861B3A7333ED538B818A94099C53D7AB3A1C7D630048BCC4CBAA745A42CDF815154E8B26FD547CFCDCF79939EA7F70C404D905ECDC3705AD48A11700C906CDDD197B63DF6749B58C746EBF4953B4760BDF0748AF50A0AB9864C876FD8EAAEF87A7804C2286A78DAE89D10168E4DFB832572851278228619512ECD0BF7236109EBB0ED264175ED58DBC56DCBBD388CA21571BB1"
"OODEFRAG14.00.00.01PROFESSIONAL"="3C8F51F6A0F5EB2BAF9614A1C9EFC2DE5FEB3ACB4A6F31E1A8E00AF4B5145A42FC5E900ED02EE0E2D8FBE449B8DD89108C242F6F4F3FACA3554E844D7DAC02B2C3C298AD448A2ED7767234601A25ABFBA35906DDA0A37B416C7DBD651E80AE718B6EF842549C368148DA7D8E9EDA09A1473FC915E1511AE31611ED33CD069BEDFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5CBA7FD869164D6794A9C6AECB7A5D14075EB2E083D6B0CDCB1ABA3D3221E6B595C0172997E3620786140DAF06D8EF02FBB794D7254BF325D8C58806D9D42C7B3CB7F42544787E284125E6A24778D450D1C25840268C0C4D8BC0A3292CDFF331AEF48AE267E4DD9C24CC4A0AF5F23A628B9B4ADBDD35467A63AFC69678704CC9363D23226A0F7135DF97B40EB4039283E23236E1C7F53696C106B0B132CA096CFCAD8E12DAEE6B758BE327CF487612B576CD6EFD8111B1BFEF8EA35472C8C17395B2A0D86713C51320E725DD1C31322C4805484ECF5E52471AE6E6C8F355506C728FB08F671CBCFC7A29B7413C282F513FC61DE517C876B14E0145D01771551BED5C9A43D1BF4FCFDC846CF1DB658BBF25D1CCCC6450403AFEA18C9DE030327542833E7345C741606B2A525ED0870C4829BB367D6586164D85E48E5AF6BB10A592427F97028F1CB5301D0069144239EF5D6C4066ED15220C9CB524A1A74ED78B612DC4176B8A2C8B98B48B68C45ADF6F39A2546B7435D04D63D7A68260B9BA38972A7B4F8C3C80D1769E94A5A32992B2946DE063933757985D5FF40337E0AA7201749190913FEDAB7E58B95F979F265AB0B156988AFDA9AEF138721B633E5FB44F997BA14B3F0D70CAB61FC6A9BD33BBAD29AACA3C80837D6C9E04343FDB542E957EB1B9AE00382C5762EF82889B17DE93E0D82DAFCBE02D7CA516B04DDAC741CC58AE085454909D87D4572D06E1F37F4B38DBE50FFC0616B5B116E3AFEFBD05513271AB7927FAB820E005D218CE2D8F2564B8912A48F7458E7C77962F637CC1E36A7F3AFEF49F26C827AF78D7B6EBB2526E723EF2F401FD63153183371010782935DF3C6A4F69BF91228E91837E9E41E8B213ED81DD3034745DBC5B5768C6DA28181D3063DB89156A1CDE097D9FF6C7E26329981173561362091AC144EE344FCDEEC88537D2F26AA835613D4BA9E708A004C62AFDB78975B7A3CACF55BC2F70EB6775A1D7025F3786605A7F963EACF463EC00804E4225EEDC0BD59086FDD30C35053ADE584BC92720E691962F94C0B8D24B6FEEA6BE47C52470C505F8720125431D33097323F21A78E3553C83F466AEF62132BC53ECD0F03ED8A91F6EEFD8F291DC80E084935FA273C6761F2C3F23673FC1EAA4411F699FC49E134950DC436080"
.
Completion time: 2011-03-16 22:12:19
ComboFix-quarantined-files.txt 2011-03-16 21:12
.
Pre-Run: 30 821 629 952 bytes free
Post-Run: 31 040 241 664 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
.
- - End Of File - - CA54E3AE2C3F70E51DE2FF20A2D328EC
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1023.506 [GMT 1:00]
Running from: c:\documents and settings\Peter\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Created a new restore point
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Peter\Local Settings\Application Data\Browser Plugin\BHO.dll
c:\documents and settings\Peter\My Documents\Internet Explorer.lnk
.
.
((((((((((((((((((((((((( Files Created from 2011-02-16 to 2011-03-16 )))))))))))))))))))))))))))))))
.
.
2011-03-16 16:30 . 2011-03-16 16:31 -------- d-----w- C:\rsit
2011-03-09 15:19 . 2011-03-16 21:08 -------- d-----w- c:\documents and settings\Peter\Local Settings\Application Data\Browser Plugin
2011-03-06 00:01 . 2011-03-12 23:23 -------- d-----w- c:\program files\SpeedFan
2011-03-05 23:51 . 2011-03-05 23:51 -------- d-----w- c:\program files\SIW
2011-03-03 13:43 . 2011-03-03 13:43 -------- d-----w- C:\Users
2011-03-03 09:36 . 2011-03-03 09:36 -------- d-----w- c:\program files\ESET
2011-02-26 23:28 . 2011-02-26 23:28 -------- d-----w- c:\program files\Realtek Sound Manager
2011-02-26 23:28 . 2011-02-26 23:28 -------- d-----w- c:\program files\Realtek AC97
2011-02-26 22:25 . 2011-03-16 16:30 -------- d-----w- c:\program files\trend micro
2011-02-26 16:01 . 2011-02-09 18:10 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys
2011-02-26 16:01 . 2011-02-26 16:02 -------- d-----w- c:\program files\Soluto
2011-02-26 16:00 . 2011-02-26 16:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Soluto
2011-02-21 13:56 . 2005-06-20 20:39 9410048 ----a-w- c:\windows\system32\SET26CC.tmp
2011-02-21 13:56 . 2011-02-26 23:27 77824 ----a-w- c:\windows\soundman.exe
2011-02-21 13:56 . 2011-02-26 23:27 18751488 ----a-w- c:\windows\system32\alsndmgr.cpl
2011-02-21 11:15 . 2011-03-09 17:57 -------- d-----w- c:\documents and settings\Peter\Application Data\Hamachi
2011-02-21 11:14 . 2011-02-21 11:14 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-02-19 18:19 . 2011-02-19 18:19 -------- d-----w- c:\program files\Any Audio Converter
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-12 17:43 . 2007-01-29 20:36 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-02-26 23:27 . 2010-11-11 17:50 9410048 ----a-w- c:\windows\system32\RTLCPL.exe
2011-02-26 23:27 . 2010-11-11 17:50 156672 ----a-w- c:\windows\system32\RtlCPAPI.dll
2011-02-26 23:27 . 2010-11-11 17:50 2324480 ----a-w- c:\windows\system32\drivers\alcxwdm.sys
2011-02-26 23:27 . 2010-11-11 17:50 40960 ----a-w- c:\windows\system32\ChCfg.exe
2011-02-26 23:27 . 2010-11-11 17:48 294912 ----a-w- c:\windows\alcupd.exe
2011-02-26 23:27 . 2010-11-11 17:48 200704 ----a-w- c:\windows\alcrmv.exe
2011-02-09 13:53 . 2004-08-04 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-04 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-03 10:57 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-02-03 10:57 . 2007-01-27 16:43 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-02-02 20:40 . 2010-07-19 10:45 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2010-07-19 10:45 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2007-01-27 15:04 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2007-01-27 15:04 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2004-08-04 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-08 03:27 . 2011-01-19 21:32 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-01-08 03:27 . 2011-01-19 21:32 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-01-08 03:27 . 2010-07-10 04:38 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-08 03:27 . 2010-07-10 04:38 4980736 ----a-w- c:\windows\system32\nvcuda.dll
2011-01-08 03:27 . 2010-07-10 04:38 2916968 ----a-w- c:\windows\system32\nvcuvid.dll
2011-01-08 03:27 . 2010-07-10 04:38 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-01-08 03:27 . 2010-07-10 04:38 1958400 ----a-w- c:\windows\system32\nvapi.dll
2011-01-08 03:27 . 2010-07-10 04:38 14671872 ----a-w- c:\windows\system32\nvoglnt.dll
2011-01-08 03:27 . 2010-07-10 04:38 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-01-08 03:27 . 2007-11-07 10:49 9888672 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-01-08 03:27 . 2007-11-07 10:49 6397824 ----a-w- c:\windows\system32\nv4_disp.dll
2011-01-07 18:56 . 2011-01-07 18:56 81920 ----a-w- c:\windows\system32\nvwddi.dll
2011-01-07 18:56 . 2011-01-07 18:56 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-01-07 18:56 . 2011-01-07 18:56 277608 ----a-w- c:\windows\system32\nvmccs.dll
2011-01-07 18:56 . 2011-01-07 18:56 156776 ----a-w- c:\windows\system32\nvsvc32.exe
2011-01-07 18:56 . 2011-01-07 18:56 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-01-07 18:56 . 2011-01-07 18:56 13880424 ----a-w- c:\windows\system32\nvcpl.dll
2011-01-07 18:56 . 2011-01-07 18:56 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-01-07 14:09 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2004-08-04 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-24 08:15 . 2010-12-24 08:15 86016 ----a-w- c:\windows\system32\frapsvid.dll
2010-12-22 22:24 . 2006-10-25 18:09 131072 ----a-w- C:\clicapi.dll
2010-12-22 12:34 . 2004-08-04 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-21 14:04 . 2010-12-21 14:04 141264 ----a-w- c:\windows\system32\drivers\eamon.sys
2010-12-21 14:04 . 2010-12-21 14:04 115008 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-12-21 12:47 . 2010-12-21 12:47 33120 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-12-21 12:47 . 2010-12-21 12:47 134000 ----a-w- c:\windows\system32\drivers\epfw.sys
2010-12-20 23:59 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26 . 2004-08-04 12:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2219184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ATI CATALYST System Tray.lnk]
backup=c:\windows\pss\ATI CATALYST System Tray.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-15 20:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2005-08-06 00:07 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\CLI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-06-24 14:05 132392 ----a-w- c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 00:12 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 00:12 15360 ------w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-06-24 14:06 1840424 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiScreen]
2008-06-30 09:41 114688 ----a-w- c:\program files\MultiScreen\MultiScreen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-06-08 07:31 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-06-19 07:53 570664 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-01-07 18:56 111208 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor]
2006-05-16 16:51 57344 ----a-w- c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2011-02-26 23:27 77824 ----a-w- c:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WIAWizardMenu]
2008-04-14 00:12 136704 ----a-w- c:\windows\system32\sti_ci.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"lanmanworkstation"=2 (0x2)
"W32Time"=2 (0x2)
"upnphost"=3 (0x3)
"LmHosts"=2 (0x2)
"lanmanserver"=2 (0x2)
"seclogon"=2 (0x2)
"WmdmPmSN"=3 (0x3)
"CiSvc"=3 (0x3)
"PolicyAgent"=2 (0x2)
"FastUserSwitchingCompatibility"=3 (0x3)
"TrkWks"=2 (0x2)
"Browser"=2 (0x2)
"ClipSrv"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bywifi\\bywifi.exe"=
"d:\\NAJ\\LFS\\LFS.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Soluto\\Soluto.exe"=
"c:\\Program Files\\Soluto\\SolutoService.exe"=
"c:\\Program Files\\Soluto\\SolutoConsole.exe"=
"c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [26.2.2011 17:01 51144]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8.7.2008 13:29 691696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [12.1.2011 16:41 810144]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [9.2.2011 19:30 311328]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [30.12.2010 17:20 100456]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15.12.2010 14:50 136176]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys --> c:\windows\system32\drivers\nmwcdnsu.sys [?]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys --> c:\windows\system32\drivers\nmwcdnsuc.sys [?]
S3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\drivers\OlyCamComm.sys [31.7.2010 11:31 21648]
S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [4.8.2004 13:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-15 13:50]
.
2011-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-15 13:50]
.
2011-03-16 c:\windows\Tasks\User_Feed_Synchronization-{5424BEA9-A10A-4D48-AC65-CB94681185C6}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://iws.asksearch.com/?cfg=2-347-0-...
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Send To &Bluetooth - c:\program files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
IE: {{09E90109-A9AA-4980-BCEF-76F8D924E902}
FF - ProfilePath - c:\documents and settings\Peter\Application Data\Mozilla\Firefox\Profiles\mhah0ywi.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: GamePlayLabs Plugin: plugin@gameplaylabs.com - %profile%\extensions\plugin@gameplaylabs.com
.
- - - - ORPHANS REMOVED - - - -
.
Notify-AtiExtEvent - (no file)
MSConfigStartUp-Google Update - c:\documents and settings\Peter\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
MSConfigStartUp-nwiz - nwiz.exe
MSConfigStartUp-OODefragTray - c:\program files\OO Software\Defrag\oodtray.exe
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
MSConfigStartUp-SMSTray - c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe
MSConfigStartUp-TkBellExe - c:\program files\Real\RealPlayer\update\realsched.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-16 22:09
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2000478354-1364589140-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2000478354-1364589140-839522115-1004\Software\SecuROM\License information*]
"datasecu"=hex:f2,31,62,31,1f,93,b7,e2,41,46,ea,aa,4b,cb,1f,b8,98,8d,fb,2e,c6,
8d,17,92,8a,2a,ae,8d,2a,b8,8e,ef,90,81,45,ce,55,18,25,0e,95,37,5c,90,81,f7,\
"rkeysecu"=hex:d9,e0,75,ab,5d,b5,0e,d4,42,22,b6,51,ac,89,d4,3e
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="17DB12C71B85235D2D6147ED8FD1A4E144F0D209CA23A39B3F184B886CDE1E8E21A6DB2B6BF438547DB8921A579F98968B1ABF4A2C61CCD8BB77E031B1E83C9A635EA4C6F0AF353FF88CF461B7F5FDCB5B9116D2258F7EF42E3FD86055F474F946E954058BB2BD501FF8B50A771BA7A36BC8FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933FEBC9E127BECC74C9DB7CE019D40AA5C9DB7CE019D40AA5C4CC5F754BC4E3E29FEA336704F9B858FCD214B3B508BB02DD790A237DFB199C3ECC77A7FA81FEB31DCADA6832D622E4CD19FE189B4D0DF9B44ABAF0A40259E4DF40E505B8D6C66117E0A44A3B241D6B1F30D5CA741D813098B23DC5EFE5FA74061B9315CA823855DC4B9AE8C4E14902893E5E2B5B28D35563010FCD74AF41691F6A2BACD3923C6405270EA4DEE26902ED75806AACB4855F578404870556D7548BB52EB4F82C34AF60F93E34A8ABCB1D5294BB6CC4F5826EF6E365AF757C56F837B0729D1CCCCD5D22A4066BB980BF047B356CBBA0A01005F6126310F89ECD47045B3BB9EE27B533810C5232D17BCF03AE9470064C7F8DAF161F931AA2CC819D56C7FD0CE1580CC22F728B0FD056FF67E001DF00E5B6C576DC4CF229580AFD48A884476513680F41CD79E07E2E8B46DF5EF0CA15219783927A7F8ADECCD6D42F97310A3691F1621486C9305E1CA136297757DF71CDA31658BE6F9E5A35EC2C227CC272F2D2ACCC85C3627EAD7B60508EB148E3F2D809E6898A40E3C7D81E359A3F87ED48838268A20F92EDEF4BDF7B2148E8EA41A693AF063472208950AF8AF1A1D4037B82D97A6F2BEAEE93D744D5E3F6F83BBCBFAF25091795606DACD9C8FC4A64CD8D1EE88004450E47A86735C273504A4FAFD202D005FA882D40CA6E0E9F4C1B4A3BAEA59A21AC04060FE57EE50CF5C5E3B42C63F191C06AE77C175C8530EE4BF622D8F573A0EE26452A441413E7E4F51BBFEDE73DAAA891856659BCB010AC4E8463951C9174DCE2868CBD5087CC1F353A06ADE8928826DB0BBB27F5752735DDDE3BF28E8AE18E018A11DBC673832A86B6E12423508AE2E1FD73D0D4A456BEE80B3F80E6299C5B8F2DC1224FA43F70ED68E57831CA54E0FBB3D6A32F87DA67A68116F83D615BDBB2CE2FDBA4F13520A85D16E27DA4F1616946474E0AA436C49DFBD020DDA027D916CDA8137E6C192C59C6960B07EF7CA8DE929688F1D031964655D62B177E517260ED19550380EA0ADF5EA0AAA8C38C98333C8A7BA7F4D9E1D2C79997CAAE72FA9213B86442C5AF4739AD29CA2794882C999E7E9DFF554FE05987C007EE4D5FE10696B72D222AA9F8B4EFD1C2BB188F5F6780FB6819870D37347B846CA8AA15512DC1BCF41EBA9C1AF04AFE058147C3DE4E3276D2772"
"OODEFRAG08.00.00.01WORKSTATION"="7B25A8EF5C5A36912B3AA0E5532E62A5F731987EC5E89ECC10562E57777B5CD5A1C02B5E42E67E8A7C7527E7DF56638A8212F850036148FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933FEBC9E127BECC74C9DB7CE019D40AA5C9DB7CE019D40AA5CB943DEF6045B1732FED8F3AD8FE0D0BD4E3880CD858FF0CB06661E9C57390B7FA60E38FA019846C72CF93C50B36C1EB07C4B5954FD55211ADB8E4BA2161C49ADFD1C3E20A8AF63AD194AB5AC3D810812186914A926AF1B74511820CE077968CA4E622DCE618BC8F6AB323F48BD95D7A28291CF90D9B53A67DC389D416BAD7452C9EB87A375ECD2AB703479DD27EC5D14BDDAF0FED2D05F739D37874DE8E57F314755116E13E9E3C595614CD9D2A0EA11F1EA1E1FB140ED0F53F365F908A81D4B3ED254B3CD6AE1346C6160DD7A9FD6356CFE43D0FB184D21E1DE848238CCE5F4CF2A1EAD9A2AB5DAEDEF253FBDABFA0F9B670DA41ABDE88954FC7358487D76783A357EC6D3BCCC90B45CCC09A0D9B8A39409F1E3D7ECB09656E7081D6E3BEF94E6E14CA0B984991F7E894CF70A146F6C0FDAA68665B3180FB94DD8A8C5D977FADD341F906CBA12C6AF6F5EFB451988D16569A63C57F4172BF16DC387490134514CC0D41DF3EB2FBACD1801BC02F8EB3719D6336726672919191FE7785CACD3B106328E04397A6E2105237792D31B8BEE4E554C1FAE16CE786B4A296E432B86AA00C7B1368C19D19623C4C50BB1385742CB2DBA2CB0DF0A5EC96CB092A6A1813FD3D267579FD2DEA71B4438E8F6DEC6EBFD3C0A8ED1F6E3D3BA96693F16087C6240B89C400882205A06FB5B2064EFD51C74F089799863E657E46F8304812AB501267582FCC0D822A29B5B02DB9BA1807763D04BD0F27EA358952EF424BE276B770C968DCE285CF5ED3CE6437725FD4B16A2F326323077AC3CBF2374980773E4181CBEF72A01E4B3996BB3F7066BE23D832F86B6EA85D11B5D752C7D0BF755E92A24243E38709E7179CEEE3FCC3F02603F2749DBFB8AE38A86F1BFD15D92E9466615112254828AD0D4B25679C5D261C23FCE0FB71EBCD719F910E875A03C214B7B85E2A70FA47EEF6605BECE1E3D59F6698F42323BFBACEA6D52422F9DBFBE4D8AB08C19AC29A177DCD78E28B67B19941CF25D76F08B37A9885D7F8C4F48D8252AF1940427C7720F5B64C1B426EB22B6242BEF7392161A7DE8F9E35CE568DDAF654D95382A19C0647904E666B4524A7A480A21DBA6A654991F944A3444968B4D38673CCB161D312AC1B52072E0553A833F892828E72EB2AF313E1E6B822A7663960A4D1700B43D16341DA7545B81F17736C4CF92C40057F6972CE21EEB628559E4A49C38AFA73160C20046480BC44182CBF9799ADED5B92C4037"
"OODEFRAG11.00.00.01WORKSTATION"="ECA0B56A1CC63E9A0E60D2B7B9289982FAFB6E59B0082374DE0131EDE7719240D4FDCCC245B0E5C1E58E5E359B2C5F47CEF2A11B58C46608A53F6B458AC52E2B4111800EB4EA2BDC745C3076786F5E769EC7CA560135ECB484915E984FF2897DFE11478BCBF62B37763D113D2BFC18ACB144A9EE228E3B096DBC5C0C6BF3CED7CDDC293F1CBAD5A199445F0FC443E00D43568F09EA67AA18C927CF05CBAAFDDEE4F346F2ED7E6E72FDAC0DB38993623B81FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79338EDD5E5BE2F6E6675D575E7D6A3B9808FEBC9E127BECC74CA2C352430A5DCCDD0FFA6E1759B857EE993AD0C0C4B89B375C0708D3CBB7038841FA23F50063CFB1112F0EC75D420B4809E77E94268FF2C60996F8DADDDD077BCB29571CC1961D3E32AAE886E2BB06869C3629E4470647BED9B070E79AC960761BE44E356F329DDD0358E34F964606103F824F4BFC43C93132492F519FC64EDC2CD72EF311C6C45E3BB522540655CB408041BA957CBF2BA799683F22EC731682A0BCDE410E378601B4D50D7822B29EE4917AF244E1CAA29DBBA9E818E7427E303DE78AB7B3BBDA7D6CDCD1D4C3FBC6434AC7C68D2D04EB8269BEBDA556795224E93DA32635603F7B848762B6A3A01311A5DA49DAC1E2C33A95EA0FF2E6B4E20EB3B5DC11A605B49CC324729C61E6D47843F4504A66B0ED1ED88674D8A9628294CCDE2F3081DBBEEE92127C3EFD65E01A64EDF42C478BB179EE7EC9E512C5894E885AD6EEA3EDE5FA7FCABC01E00B9109F13196077365D90D38512EDDF975D34A61DD53ECCD9739B9BC573503D39744CA74BE56145D83338A371683B61D5B400973B168FB2708C519A0552B94069E5B5B1DA79B405EFE119C94F2F21A1A38337F7EB21FA63643237CA3F726B90A8B3CAABD160F2F30C6CADE9D2565E7789C93176954C3266AA0E7B8658574AB541ACF194D432033731C3B5FBF7C0CB11F70CDAB3C99E5EA154BB297A5D728D641D9838065FE0158A915BF2411DD583E5A6DD010241D5A186A44A258CCDD935B0FB04A2AC7AC275B3C9A3CA548408287DA249008F08A380585DEDC2C6398D38EDE5799565543CC2EF56C964D40B186BDB4F5844C19255C3EE1430A39961FC1F7B8DAE9B6954FEFF5871A3A7D7B51A1C1609B290A34416782E2EC5798B91C8254861B3A7333ED538B818A94099C53D7AB3A1C7D630048BCC4CBAA745A42CDF815154E8B26FD547CFCDCF79939EA7F70C404D905ECDC3705AD48A11700C906CDDD197B63DF6749B58C746EBF4953B4760BDF0748AF50A0AB9864C876FD8EAAEF87A7804C2286A78DAE89D10168E4DFB832572851278228619512ECD0BF7236109EBB0ED264175ED58DBC56DCBBD388CA21571BB1"
"OODEFRAG14.00.00.01PROFESSIONAL"="3C8F51F6A0F5EB2BAF9614A1C9EFC2DE5FEB3ACB4A6F31E1A8E00AF4B5145A42FC5E900ED02EE0E2D8FBE449B8DD89108C242F6F4F3FACA3554E844D7DAC02B2C3C298AD448A2ED7767234601A25ABFBA35906DDA0A37B416C7DBD651E80AE718B6EF842549C368148DA7D8E9EDA09A1473FC915E1511AE31611ED33CD069BEDFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5CBA7FD869164D6794A9C6AECB7A5D14075EB2E083D6B0CDCB1ABA3D3221E6B595C0172997E3620786140DAF06D8EF02FBB794D7254BF325D8C58806D9D42C7B3CB7F42544787E284125E6A24778D450D1C25840268C0C4D8BC0A3292CDFF331AEF48AE267E4DD9C24CC4A0AF5F23A628B9B4ADBDD35467A63AFC69678704CC9363D23226A0F7135DF97B40EB4039283E23236E1C7F53696C106B0B132CA096CFCAD8E12DAEE6B758BE327CF487612B576CD6EFD8111B1BFEF8EA35472C8C17395B2A0D86713C51320E725DD1C31322C4805484ECF5E52471AE6E6C8F355506C728FB08F671CBCFC7A29B7413C282F513FC61DE517C876B14E0145D01771551BED5C9A43D1BF4FCFDC846CF1DB658BBF25D1CCCC6450403AFEA18C9DE030327542833E7345C741606B2A525ED0870C4829BB367D6586164D85E48E5AF6BB10A592427F97028F1CB5301D0069144239EF5D6C4066ED15220C9CB524A1A74ED78B612DC4176B8A2C8B98B48B68C45ADF6F39A2546B7435D04D63D7A68260B9BA38972A7B4F8C3C80D1769E94A5A32992B2946DE063933757985D5FF40337E0AA7201749190913FEDAB7E58B95F979F265AB0B156988AFDA9AEF138721B633E5FB44F997BA14B3F0D70CAB61FC6A9BD33BBAD29AACA3C80837D6C9E04343FDB542E957EB1B9AE00382C5762EF82889B17DE93E0D82DAFCBE02D7CA516B04DDAC741CC58AE085454909D87D4572D06E1F37F4B38DBE50FFC0616B5B116E3AFEFBD05513271AB7927FAB820E005D218CE2D8F2564B8912A48F7458E7C77962F637CC1E36A7F3AFEF49F26C827AF78D7B6EBB2526E723EF2F401FD63153183371010782935DF3C6A4F69BF91228E91837E9E41E8B213ED81DD3034745DBC5B5768C6DA28181D3063DB89156A1CDE097D9FF6C7E26329981173561362091AC144EE344FCDEEC88537D2F26AA835613D4BA9E708A004C62AFDB78975B7A3CACF55BC2F70EB6775A1D7025F3786605A7F963EACF463EC00804E4225EEDC0BD59086FDD30C35053ADE584BC92720E691962F94C0B8D24B6FEEA6BE47C52470C505F8720125431D33097323F21A78E3553C83F466AEF62132BC53ECD0F03ED8A91F6EEFD8F291DC80E084935FA273C6761F2C3F23673FC1EAA4411F699FC49E134950DC436080"
.
Completion time: 2011-03-16 22:12:19
ComboFix-quarantined-files.txt 2011-03-16 21:12
.
Pre-Run: 30 821 629 952 bytes free
Post-Run: 31 040 241 664 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
.
- - End Of File - - CA54E3AE2C3F70E51DE2FF20A2D328EC
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Prosím o kontrolu
To co za program?
C:\Program Files\Soluto
Otestuj na www.virustotal.com
C:\WINDOWS\system32\drivers\Soluto.sys
link vloz sem
C:\Program Files\Soluto
Otestuj na www.virustotal.com
C:\WINDOWS\system32\drivers\Soluto.sys
link vloz sem
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Prosím o kontrolu
ok, soluto 
Mas este problem s pc?/
Ak nie odinstaluj combofix, premenuj ikonu combofixu na uninstall.exe a spust.
Ak vsetko slape, tak ako ma, tot vse.
Mas este problem s pc?/
Ak nie odinstaluj combofix, premenuj ikonu combofixu na uninstall.exe a spust.
Ak vsetko slape, tak ako ma, tot vse.
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Re: Prosím o kontrolu
Ak ešte môžem, tak dám ešte pre istotu log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Peter at 2011-03-17 21:48:20
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 33 GB (65%) free of 51 GB
Total RAM: 1023 MB (27% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:48:28, on 17.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Soluto\soluto.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Peter\Desktop\RSIT.exe
C:\Program Files\trend micro\Peter.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://iws.asksearch.com/?cfg=2-347-0-...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.sk/OnlineScanner.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3855522859
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://212.80.66.25/activex/AxisCamControl.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crl ... crlocx.ocx
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol ... _en_dl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
--
End of file - 6604 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{5424BEA9-A10A-4D48-AC65-CB94681185C6}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-01-30 64928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-02 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-01-07 13880424]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2219184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2008-06-24 132392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiScreen]
C:\Program Files\MultiScreen\MultiScreen.exe [2008-06-30 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2011-01-07 111208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor]
C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe [2006-05-16 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2011-02-27 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WIAWizardMenu]
C:\WINDOWS\system32\sti_ci.dll [2008-04-14 136704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ATI CATALYST System Tray.lnk]
C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe [2005-08-06 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\MSI\BTOESB~1\BTTray.exe [2005-05-31 577597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-11 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"lanmanworkstation"=2
"W32Time"=2
"upnphost"=3
"LmHosts"=2
"lanmanserver"=2
"seclogon"=2
"WmdmPmSN"=3
"CiSvc"=3
"PolicyAgent"=2
"FastUserSwitchingCompatibility"=3
"TrkWks"=2
"Browser"=2
"ClipSrv"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Disabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Disabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bywifi\bywifi.exe"="C:\Program Files\Bywifi\bywifi.exe:*:Enabled:Bywifi: Video Streaming Accelerator"
"D:\NAJ\LFS\LFS.exe"="D:\NAJ\LFS\LFS.exe:*:Enabled:LFS"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Soluto\Soluto.exe"="C:\Program Files\Soluto\Soluto.exe:*:Enabled:Soluto Tray"
"C:\Program Files\Soluto\SolutoService.exe"="C:\Program Files\Soluto\SolutoService.exe:*:Enabled:Soluto Service"
"C:\Program Files\Soluto\SolutoConsole.exe"="C:\Program Files\Soluto\SolutoConsole.exe:*:Enabled:Soluto Console"
"C:\Program Files\Soluto\SolutoUpdateService.exe"="C:\Program Files\Soluto\SolutoUpdateService.exe:*:Enabled:Soluto Update Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2011-03-17 09:25:31 ----SHD---- C:\RECYCLER
2011-03-16 22:18:36 ----SD---- C:\ComboFix
2011-03-16 22:12:21 ----D---- C:\WINDOWS\temp
2011-03-16 22:12:20 ----A---- C:\ComboFix.txt
2011-03-16 21:58:21 ----D---- C:\WINDOWS\ERDNT
2011-03-16 17:30:54 ----D---- C:\rsit
2011-03-09 15:19:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-03-09 15:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-03-06 01:01:24 ----D---- C:\Program Files\SpeedFan
2011-03-06 00:51:04 ----D---- C:\Program Files\SIW
2011-03-03 14:43:10 ----D---- C:\Users
2011-03-03 10:36:43 ----D---- C:\Program Files\ESET
2011-02-27 00:28:51 ----D---- C:\Program Files\Realtek Sound Manager
2011-02-27 00:28:51 ----A---- C:\WINDOWS\avrack.ini
2011-02-27 00:28:49 ----D---- C:\Program Files\Realtek AC97
2011-02-26 23:25:41 ----D---- C:\Program Files\trend micro
2011-02-26 17:03:44 ----A---- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
2011-02-26 17:01:59 ----A---- C:\WINDOWS\system32\drivers\Soluto.sys
2011-02-26 17:01:53 ----D---- C:\Program Files\Soluto
2011-02-26 17:00:49 ----D---- C:\Documents and Settings\All Users\Application Data\Soluto
2011-02-23 21:24:58 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-02-21 14:56:53 ----A---- C:\WINDOWS\system32\SET26CC.tmp
2011-02-21 14:56:41 ----A---- C:\WINDOWS\soundman.exe
2011-02-21 12:15:29 ----D---- C:\Documents and Settings\Peter\Application Data\Hamachi
2011-02-21 12:14:57 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys
2011-02-20 23:30:00 ----D---- C:\Program Files\Mozilla Firefox
2011-02-19 19:19:09 ----D---- C:\Program Files\Any Audio Converter
======List of files/folders modified in the last 1 months======
2011-03-17 21:46:35 ----D---- C:\WINDOWS\system32\ias
2011-03-17 20:58:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-17 18:46:01 ----D---- C:\WINDOWS\Prefetch
2011-03-16 22:19:05 ----D---- C:\WINDOWS\system32\Restore
2011-03-16 22:18:46 ----D---- C:\WINDOWS
2011-03-16 22:11:11 ----SD---- C:\WINDOWS\Tasks
2011-03-16 22:09:08 ----A---- C:\WINDOWS\system.ini
2011-03-16 22:08:53 ----D---- C:\WINDOWS\system32\drivers\etc
2011-03-16 22:05:44 ----D---- C:\WINDOWS\system32\drivers
2011-03-16 22:05:44 ----D---- C:\WINDOWS\system32
2011-03-16 22:05:44 ----D---- C:\WINDOWS\AppPatch
2011-03-16 22:05:43 ----D---- C:\Program Files\Common Files
2011-03-16 21:58:46 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-16 19:15:30 ----D---- C:\Documents and Settings\Peter\Application Data\ICQ
2011-03-16 16:05:53 ----A---- C:\WINDOWS\wincmd.ini
2011-03-16 16:00:19 ----SHD---- C:\WINDOWS\Installer
2011-03-16 15:57:30 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-03-14 11:47:09 ----D---- C:\Documents and Settings\Peter\Application Data\Winamp
2011-03-13 15:17:43 ----D---- C:\Program Files\CCleaner
2011-03-13 15:16:32 ----D---- C:\WINDOWS\Debug
2011-03-09 15:19:37 ----HD---- C:\WINDOWS\inf
2011-03-09 15:19:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-09 15:17:39 ----A---- C:\WINDOWS\system32\MRT.exe
2011-03-09 15:17:36 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-03-09 15:17:26 ----D---- C:\WINDOWS\system32\CatRoot
2011-03-09 15:15:46 ----HD---- C:\WINDOWS\$hf_mig$
2011-03-09 15:12:32 ----RASH---- C:\boot.ini
2011-03-09 15:12:31 ----A---- C:\WINDOWS\win.ini
2011-03-08 22:00:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2011-03-08 17:49:41 ----SD---- C:\Documents and Settings\Peter\Application Data\Microsoft
2011-03-08 17:49:41 ----D---- C:\Documents and Settings\Peter\Application Data\Adobe
2011-03-07 22:36:03 ----D---- C:\Program Files
2011-03-07 18:58:29 ----D---- C:\Program Files\Common Files\Adobe
2011-03-07 18:58:15 ----D---- C:\Program Files\Adobe
2011-03-03 10:36:43 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2011-02-27 00:40:30 ----A---- C:\WINDOWS\RtlRack.ini
2011-02-27 00:28:51 ----D---- C:\Program Files\AvRack
2011-02-27 00:27:20 ----A---- C:\WINDOWS\system32\RTLCPL.exe
2011-02-27 00:27:19 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2011-02-27 00:27:16 ----A---- C:\WINDOWS\system32\ChCfg.exe
2011-02-27 00:27:15 ----A---- C:\WINDOWS\alcupd.exe
2011-02-27 00:27:15 ----A---- C:\WINDOWS\alcrmv.exe
2011-02-26 17:03:32 ----RSD---- C:\WINDOWS\assembly
2011-02-26 17:01:59 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-02-22 01:54:15 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-02-22 01:21:23 ----A---- C:\WINDOWS\system32\everest_cpl.ini
2011-02-21 14:36:30 ----SD---- C:\WINDOWS\Web
2011-02-21 14:36:30 ----D---- C:\Program Files\ATI Technologies
2011-02-21 14:36:26 ----A---- C:\WINDOWS\wininit.ini
2011-02-21 14:33:56 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-21 14:30:33 ----D---- C:\Documents and Settings\Peter\Application Data\Real
2011-02-21 14:30:24 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2011-02-21 12:36:32 ----D---- C:\Program Files\Common Files\ACD Systems
2011-02-20 23:28:26 ----D---- C:\Program Files\Bywifi
2011-02-20 18:13:21 ----D---- C:\Program Files\Common Files\Java
2011-02-20 18:13:07 ----D---- C:\Program Files\Java
2011-02-18 23:35:39 ----D---- C:\Documents and Settings\Peter\Application Data\Skype
2011-02-18 21:20:16 ----D---- C:\Documents and Settings\Peter\Application Data\skypePM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 MMRTKRNL;MMRTKRNL; C:\WINDOWS\system32\drivers\mmrtkrnl.sys [2005-01-11 92672]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 Soluto;Soluto; C:\WINDOWS\system32\DRIVERS\Soluto.sys [2011-02-09 51144]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-22 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2008-07-17 33408]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-12-21 134000]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2011-02-27 2324480]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-05-31 1341466]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-12-21 33120]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2011-02-21 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-01-08 9888672]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2010-11-12 100456]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-12-13 47360]
S0 TfFsMon;TfFsMon; C:\WINDOWS\system32\drivers\TfFsMon.sys []
S0 TfSysMon;TfSysMon; C:\WINDOWS\system32\drivers\TfSysMon.sys []
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
S2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2005-05-31 401152]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2005-05-31 30363]
S3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2005-05-31 148040]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2005-05-31 30189]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-05-31 56648]
S3 catchme;catchme; \??\C:\DOCUME~1\Peter\LOCALS~1\Temp\catchme.sys []
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\Peter\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 n558;N558 Bluetooth USB Filter Driver; C:\WINDOWS\System32\Drivers\n558.sys [2007-08-15 9600]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys []
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys []
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys []
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys []
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\WINDOWS\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-05-01 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-05-01 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-05-01 97184]
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys [2006-05-01 88688]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-05-01 18704]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-05-01 90800]
S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2007-07-26 39808]
S3 TfNetMon;TfNetMon; \??\C:\WINDOWS\system32\drivers\TfNetMon.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2011-02-09 311328]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 btwdins;Bluetooth Service; C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe [2005-05-31 258103]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 33584]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-15 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-01-07 156776]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-01-30 107832]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-09-29 616448]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S4 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe []
S4 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -k runservice []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe []
S4 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe []
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by Peter at 2011-03-17 21:48:20
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 33 GB (65%) free of 51 GB
Total RAM: 1023 MB (27% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:48:28, on 17.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Soluto\soluto.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Peter\Desktop\RSIT.exe
C:\Program Files\trend micro\Peter.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://iws.asksearch.com/?cfg=2-347-0-...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.sk/OnlineScanner.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3855522859
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://212.80.66.25/activex/AxisCamControl.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crl ... crlocx.ocx
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol ... _en_dl.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
--
End of file - 6604 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{5424BEA9-A10A-4D48-AC65-CB94681185C6}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-01-30 64928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-02 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-01-07 13880424]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2219184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2008-06-24 132392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MultiScreen]
C:\Program Files\MultiScreen\MultiScreen.exe [2008-06-30 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2011-01-07 111208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM_Monitor]
C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe [2006-05-16 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2011-02-27 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WIAWizardMenu]
C:\WINDOWS\system32\sti_ci.dll [2008-04-14 136704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ATI CATALYST System Tray.lnk]
C:\PROGRA~1\ATITEC~1\ATI.ACE\CLI.exe [2005-08-06 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\MSI\BTOESB~1\BTTray.exe [2005-05-31 577597]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-11 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"lanmanworkstation"=2
"W32Time"=2
"upnphost"=3
"LmHosts"=2
"lanmanserver"=2
"seclogon"=2
"WmdmPmSN"=3
"CiSvc"=3
"PolicyAgent"=2
"FastUserSwitchingCompatibility"=3
"TrkWks"=2
"Browser"=2
"ClipSrv"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Disabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Disabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bywifi\bywifi.exe"="C:\Program Files\Bywifi\bywifi.exe:*:Enabled:Bywifi: Video Streaming Accelerator"
"D:\NAJ\LFS\LFS.exe"="D:\NAJ\LFS\LFS.exe:*:Enabled:LFS"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Soluto\Soluto.exe"="C:\Program Files\Soluto\Soluto.exe:*:Enabled:Soluto Tray"
"C:\Program Files\Soluto\SolutoService.exe"="C:\Program Files\Soluto\SolutoService.exe:*:Enabled:Soluto Service"
"C:\Program Files\Soluto\SolutoConsole.exe"="C:\Program Files\Soluto\SolutoConsole.exe:*:Enabled:Soluto Console"
"C:\Program Files\Soluto\SolutoUpdateService.exe"="C:\Program Files\Soluto\SolutoUpdateService.exe:*:Enabled:Soluto Update Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2011-03-17 09:25:31 ----SHD---- C:\RECYCLER
2011-03-16 22:18:36 ----SD---- C:\ComboFix
2011-03-16 22:12:21 ----D---- C:\WINDOWS\temp
2011-03-16 22:12:20 ----A---- C:\ComboFix.txt
2011-03-16 21:58:21 ----D---- C:\WINDOWS\ERDNT
2011-03-16 17:30:54 ----D---- C:\rsit
2011-03-09 15:19:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-03-09 15:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-03-06 01:01:24 ----D---- C:\Program Files\SpeedFan
2011-03-06 00:51:04 ----D---- C:\Program Files\SIW
2011-03-03 14:43:10 ----D---- C:\Users
2011-03-03 10:36:43 ----D---- C:\Program Files\ESET
2011-02-27 00:28:51 ----D---- C:\Program Files\Realtek Sound Manager
2011-02-27 00:28:51 ----A---- C:\WINDOWS\avrack.ini
2011-02-27 00:28:49 ----D---- C:\Program Files\Realtek AC97
2011-02-26 23:25:41 ----D---- C:\Program Files\trend micro
2011-02-26 17:03:44 ----A---- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
2011-02-26 17:01:59 ----A---- C:\WINDOWS\system32\drivers\Soluto.sys
2011-02-26 17:01:53 ----D---- C:\Program Files\Soluto
2011-02-26 17:00:49 ----D---- C:\Documents and Settings\All Users\Application Data\Soluto
2011-02-23 21:24:58 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-02-21 14:56:53 ----A---- C:\WINDOWS\system32\SET26CC.tmp
2011-02-21 14:56:41 ----A---- C:\WINDOWS\soundman.exe
2011-02-21 12:15:29 ----D---- C:\Documents and Settings\Peter\Application Data\Hamachi
2011-02-21 12:14:57 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys
2011-02-20 23:30:00 ----D---- C:\Program Files\Mozilla Firefox
2011-02-19 19:19:09 ----D---- C:\Program Files\Any Audio Converter
======List of files/folders modified in the last 1 months======
2011-03-17 21:46:35 ----D---- C:\WINDOWS\system32\ias
2011-03-17 20:58:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-17 18:46:01 ----D---- C:\WINDOWS\Prefetch
2011-03-16 22:19:05 ----D---- C:\WINDOWS\system32\Restore
2011-03-16 22:18:46 ----D---- C:\WINDOWS
2011-03-16 22:11:11 ----SD---- C:\WINDOWS\Tasks
2011-03-16 22:09:08 ----A---- C:\WINDOWS\system.ini
2011-03-16 22:08:53 ----D---- C:\WINDOWS\system32\drivers\etc
2011-03-16 22:05:44 ----D---- C:\WINDOWS\system32\drivers
2011-03-16 22:05:44 ----D---- C:\WINDOWS\system32
2011-03-16 22:05:44 ----D---- C:\WINDOWS\AppPatch
2011-03-16 22:05:43 ----D---- C:\Program Files\Common Files
2011-03-16 21:58:46 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-16 19:15:30 ----D---- C:\Documents and Settings\Peter\Application Data\ICQ
2011-03-16 16:05:53 ----A---- C:\WINDOWS\wincmd.ini
2011-03-16 16:00:19 ----SHD---- C:\WINDOWS\Installer
2011-03-16 15:57:30 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-03-14 11:47:09 ----D---- C:\Documents and Settings\Peter\Application Data\Winamp
2011-03-13 15:17:43 ----D---- C:\Program Files\CCleaner
2011-03-13 15:16:32 ----D---- C:\WINDOWS\Debug
2011-03-09 15:19:37 ----HD---- C:\WINDOWS\inf
2011-03-09 15:19:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-09 15:17:39 ----A---- C:\WINDOWS\system32\MRT.exe
2011-03-09 15:17:36 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-03-09 15:17:26 ----D---- C:\WINDOWS\system32\CatRoot
2011-03-09 15:15:46 ----HD---- C:\WINDOWS\$hf_mig$
2011-03-09 15:12:32 ----RASH---- C:\boot.ini
2011-03-09 15:12:31 ----A---- C:\WINDOWS\win.ini
2011-03-08 22:00:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2011-03-08 17:49:41 ----SD---- C:\Documents and Settings\Peter\Application Data\Microsoft
2011-03-08 17:49:41 ----D---- C:\Documents and Settings\Peter\Application Data\Adobe
2011-03-07 22:36:03 ----D---- C:\Program Files
2011-03-07 18:58:29 ----D---- C:\Program Files\Common Files\Adobe
2011-03-07 18:58:15 ----D---- C:\Program Files\Adobe
2011-03-03 10:36:43 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2011-02-27 00:40:30 ----A---- C:\WINDOWS\RtlRack.ini
2011-02-27 00:28:51 ----D---- C:\Program Files\AvRack
2011-02-27 00:27:20 ----A---- C:\WINDOWS\system32\RTLCPL.exe
2011-02-27 00:27:19 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2011-02-27 00:27:16 ----A---- C:\WINDOWS\system32\ChCfg.exe
2011-02-27 00:27:15 ----A---- C:\WINDOWS\alcupd.exe
2011-02-27 00:27:15 ----A---- C:\WINDOWS\alcrmv.exe
2011-02-26 17:03:32 ----RSD---- C:\WINDOWS\assembly
2011-02-26 17:01:59 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-02-22 01:54:15 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-02-22 01:21:23 ----A---- C:\WINDOWS\system32\everest_cpl.ini
2011-02-21 14:36:30 ----SD---- C:\WINDOWS\Web
2011-02-21 14:36:30 ----D---- C:\Program Files\ATI Technologies
2011-02-21 14:36:26 ----A---- C:\WINDOWS\wininit.ini
2011-02-21 14:33:56 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-21 14:30:33 ----D---- C:\Documents and Settings\Peter\Application Data\Real
2011-02-21 14:30:24 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2011-02-21 12:36:32 ----D---- C:\Program Files\Common Files\ACD Systems
2011-02-20 23:28:26 ----D---- C:\Program Files\Bywifi
2011-02-20 18:13:21 ----D---- C:\Program Files\Common Files\Java
2011-02-20 18:13:07 ----D---- C:\Program Files\Java
2011-02-18 23:35:39 ----D---- C:\Documents and Settings\Peter\Application Data\Skype
2011-02-18 21:20:16 ----D---- C:\Documents and Settings\Peter\Application Data\skypePM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 MMRTKRNL;MMRTKRNL; C:\WINDOWS\system32\drivers\mmrtkrnl.sys [2005-01-11 92672]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 Soluto;Soluto; C:\WINDOWS\system32\DRIVERS\Soluto.sys [2011-02-09 51144]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-22 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2008-07-17 33408]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-12-21 134000]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2011-02-27 2324480]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-05-31 1341466]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-12-21 33120]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2011-02-21 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-01-08 9888672]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2010-11-12 100456]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-12-13 47360]
S0 TfFsMon;TfFsMon; C:\WINDOWS\system32\drivers\TfFsMon.sys []
S0 TfSysMon;TfSysMon; C:\WINDOWS\system32\drivers\TfSysMon.sys []
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
S2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2005-05-31 401152]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2005-05-31 30363]
S3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2005-05-31 148040]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2005-05-31 30189]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-05-31 56648]
S3 catchme;catchme; \??\C:\DOCUME~1\Peter\LOCALS~1\Temp\catchme.sys []
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\Peter\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 n558;N558 Bluetooth USB Filter Driver; C:\WINDOWS\System32\Drivers\n558.sys [2007-08-15 9600]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys []
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys []
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys []
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys []
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\WINDOWS\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-05-01 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-05-01 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-05-01 97184]
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys [2006-05-01 88688]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-05-01 18704]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-05-01 90800]
S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2007-07-26 39808]
S3 TfNetMon;TfNetMon; \??\C:\WINDOWS\system32\drivers\TfNetMon.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2011-02-09 311328]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 btwdins;Bluetooth Service; C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe [2005-05-31 258103]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 33584]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-15 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-01-07 156776]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-01-30 107832]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-09-29 616448]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S4 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe []
S4 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -k runservice []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe []
S4 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe []
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
-----------------EOF-----------------
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Prosím o kontrolu
No smejda uz nemas, ale mas tam este dajake zbytky z ThreatFire _PCTOOLS,
S0 TfFsMon;TfFsMon; C:\WINDOWS\system32\drivers\TfFsMon.sys []
S0 TfSysMon;TfSysMon; C:\WINDOWS\system32\drivers\TfSysMon.sys []
S0 TfFsMon;TfFsMon; C:\WINDOWS\system32\drivers\TfFsMon.sys []
S0 TfSysMon;TfSysMon; C:\WINDOWS\system32\drivers\TfSysMon.sys []
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Re: Prosím o kontrolu
a čo s tým?
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Pockaj napisem ti dajaky script,
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Stiahnes>>OTMoveIt3 by OldTimer >.podla navodu vloz text a klik-Moveit>>log po restarte vloz sem.
Kód: Vybrat vše
:processes
explorer.exe
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
ipconfig /flushdns /c
:services
TfFsMon
TfSysMon
:Commands
[CreateRestorePoint]
[emptytemp]
[start explorer]
[Reboot]Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Re: Prosím o kontrolu
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\WINDOWS\system32\SET26CC.tmp moved successfully.
C:\WINDOWS\Installer\MSI17AA.tmp moved successfully.
C:\WINDOWS\Installer\MSI1975.tmp moved successfully.
C:\WINDOWS\Installer\MSI1979.tmp moved successfully.
C:\WINDOWS\Installer\MSI2F7.tmp moved successfully.
C:\WINDOWS\Installer\MSI341.tmp moved successfully.
C:\WINDOWS\Installer\MSI342.tmp moved successfully.
C:\WINDOWS\Installer\MSI343.tmp moved successfully.
C:\WINDOWS\Installer\MSI5C6.tmp moved successfully.
C:\WINDOWS\Installer\MSI751.tmp moved successfully.
< ipconfig /flushdns /c >
Konfigurácia protokolu IP systému Windows
Vyrovnávacia pamäť prekladania DNS sa úspešne vyprázdnila.
C:\Documents and Settings\Peter\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Peter\Desktop\cmd.txt deleted successfully.
========== SERVICES/DRIVERS ==========
Service TfFsMon stopped successfully!
Service TfFsMon deleted successfully!
Service TfSysMon stopped successfully!
Service TfSysMon deleted successfully!
========== COMMANDS ==========
Unable to start service SrService!
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Peter
->Temp folder emptied: 28812 bytes
->Temporary Internet Files folder emptied: 1543929 bytes
->Java cache emptied: 200578 bytes
->FireFox cache emptied: 64015833 bytes
->Flash cache emptied: 11788 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 339991 bytes
Total Files Cleaned = 63,00 mb
OTM by OldTimer - Version 3.1.17.2 log created on 03172011_221733
Files moved on Reboot...
Registry entries deleted on Reboot...
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\WINDOWS\system32\SET26CC.tmp moved successfully.
C:\WINDOWS\Installer\MSI17AA.tmp moved successfully.
C:\WINDOWS\Installer\MSI1975.tmp moved successfully.
C:\WINDOWS\Installer\MSI1979.tmp moved successfully.
C:\WINDOWS\Installer\MSI2F7.tmp moved successfully.
C:\WINDOWS\Installer\MSI341.tmp moved successfully.
C:\WINDOWS\Installer\MSI342.tmp moved successfully.
C:\WINDOWS\Installer\MSI343.tmp moved successfully.
C:\WINDOWS\Installer\MSI5C6.tmp moved successfully.
C:\WINDOWS\Installer\MSI751.tmp moved successfully.
< ipconfig /flushdns /c >
Konfigurácia protokolu IP systému Windows
Vyrovnávacia pamäť prekladania DNS sa úspešne vyprázdnila.
C:\Documents and Settings\Peter\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Peter\Desktop\cmd.txt deleted successfully.
========== SERVICES/DRIVERS ==========
Service TfFsMon stopped successfully!
Service TfFsMon deleted successfully!
Service TfSysMon stopped successfully!
Service TfSysMon deleted successfully!
========== COMMANDS ==========
Unable to start service SrService!
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Peter
->Temp folder emptied: 28812 bytes
->Temporary Internet Files folder emptied: 1543929 bytes
->Java cache emptied: 200578 bytes
->FireFox cache emptied: 64015833 bytes
->Flash cache emptied: 11788 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 339991 bytes
Total Files Cleaned = 63,00 mb
OTM by OldTimer - Version 3.1.17.2 log created on 03172011_221733
Files moved on Reboot...
Registry entries deleted on Reboot...
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Unable to start service SrService!
mas vypnute Obnovu systemu, treba zapnut.
Ak vsetko, tot vse,
mas vypnute Obnovu systemu, treba zapnut.
Ak vsetko, tot vse,
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Re: Prosím o kontrolu
Ďakujem moc!
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Prosím o kontrolu
start>pravy klik na tento pocitac>>vlastnosti>zalozka obnova systemu>>vybrat fajku>vypnut nastroj obnova systemu>>ok>>pouzit.
Nemas zaco
Nemas zaco
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
Přispějete na provoz fóra?