
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
PC freezes while loading the desktop
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, I would like to ask for advice. I have Windows 7, 64-bit. Practically out of nowhere, my PC freezes every time the desktop loads. After starting the PC I get to the login screen; after clicking on my account, "Welcome" appears, and after quite a long time (approx. 30-60 s) the desktop loads and that is where it ends. The PC freezes and does not respond to anything at all. Safe mode works.
My problem is very similar to another user's problem: /viewtopic.php?f=13&t=110379
I am sending the log from RSIT, and thank you in advance for your help.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Romana at 2011-04-29 16:49:03
Microsoft Windows 7 Home Premium
System drive C: has 293 GB (63%) free of 465 GB
Total RAM: 4095 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:49:38, on 29.4.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\trend micro\Romana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Get a FREE audiobook!.lnk = C:\Users\Romana\AppData\Local\Temp\Get a FREE audiobook!.exe
O4 - Startup: Lingea Update Center.lnk = C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files (x86)\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/66.35/uploader2.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.cz/s/v/55.16/uploader2.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15563 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
ctfmon.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1940 CREDAT:79873
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE"
"C:\Users\Romana\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForRomana.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-03-03 400560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll [2011-03-03 335928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-03 298160]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-03-03 848952]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-03-03 400560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-03 298160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTCheck"=C:\Program Files\Creative\ZEN Media Explorer\CTCheck.exe [2007-11-06 397312]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-06-11 178712]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2716216]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTSyncU.exe"=C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe [2007-07-17 868352]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2009-07-14 163328]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-20 39408]
"OEXPRESS"= []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2011-03-09 247728]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Photo Downloader"=C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe [2007-09-11 67488]
"ccApp"=C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"HP Health Check Scheduler"=c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02 75008]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-03-13 81920]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2008-11-20 290088]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2007-02-15 119296]
"RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2008-06-08 236016]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Romana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Get a FREE audiobook!.lnk - C:\Users\Romana\AppData\Local\Temp\Get a FREE audiobook!.exe
Lingea Update Center.lnk - C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
Picture Motion Browser Media Check Tool.lnk - C:\Program Files (x86)\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-04-29 16:49:03 ----D---- C:\rsit
2011-04-29 16:49:03 ----D---- C:\Program Files\trend micro
2011-04-29 15:51:38 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-04-29 15:09:42 ----A---- C:\Windows\ntbtlog.txt
2011-04-28 20:03:50 ----D---- C:\Windows\Minidump
2011-04-15 19:45:13 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-04-15 19:45:13 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-04-15 19:45:13 ----A---- C:\Windows\SYSWOW64\java.exe
2011-04-15 06:58:34 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-04-15 06:58:34 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-04-15 06:58:33 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-04-15 06:58:33 ----A---- C:\Windows\system32\vbscript.dll
2011-04-15 06:58:33 ----A---- C:\Windows\system32\jscript.dll
2011-04-15 06:58:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-04-15 06:58:32 ----A---- C:\Windows\system32\win32k.sys
2011-04-15 06:58:31 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-15 06:58:31 ----A---- C:\Windows\system32\mfc42.dll
2011-04-15 06:58:30 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-15 06:58:30 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-15 06:58:30 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-15 06:58:29 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-15 06:58:29 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-15 06:58:28 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-15 06:58:28 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-15 06:58:28 ----A---- C:\Windows\system32\atmlib.dll
2011-04-15 06:58:28 ----A---- C:\Windows\system32\atmfd.dll
2011-04-15 06:58:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-04-15 06:58:27 ----A---- C:\Windows\system32\mshtml.dll
2011-04-15 06:58:26 ----A---- C:\Windows\system32\ieframe.dll
2011-04-15 06:58:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-04-15 06:58:18 ----A---- C:\Windows\system32\wininet.dll
2011-04-15 06:58:18 ----A---- C:\Windows\system32\urlmon.dll
2011-04-15 06:58:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-04-15 06:58:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\mstime.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\ieui.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\iertutil.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\iepeers.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-15 06:58:14 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-15 06:58:01 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-15 06:58:01 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-15 06:58:01 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-15 06:58:01 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-15 06:58:01 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-15 06:58:01 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-15 06:58:00 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\winresume.exe
2011-04-15 06:57:59 ----A---- C:\Windows\system32\winload.exe
2011-04-15 06:57:59 ----A---- C:\Windows\system32\kdusb.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\kdcom.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\kd1394.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-03 11:06:13 ----D---- C:\ProgramData\McAfee
======List of files/folders modified in the last 1 months======
2011-04-29 16:49:04 ----D---- C:\Windows\Temp
2011-04-29 16:49:03 ----RD---- C:\Program Files
2011-04-29 15:51:38 ----D---- C:\Windows\SysWOW64
2011-04-29 15:51:38 ----D---- C:\Windows\inf
2011-04-29 15:47:34 ----SHD---- C:\System Volume Information
2011-04-29 15:47:30 ----D---- C:\Windows\winsxs
2011-04-29 15:47:30 ----D---- C:\Windows\Tasks
2011-04-29 15:47:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-04-29 15:47:30 ----D---- C:\Windows\system32\wfp
2011-04-29 15:47:30 ----D---- C:\Windows\system32\DriverStore
2011-04-29 15:47:30 ----D---- C:\Windows\system32\drivers
2011-04-29 15:47:30 ----D---- C:\Windows\system32\cs-CZ
2011-04-29 15:47:30 ----D---- C:\Windows\system32\catroot2
2011-04-29 15:47:30 ----D---- C:\Windows\AppPatch
2011-04-29 15:47:28 ----D---- C:\Windows\system32\Tasks
2011-04-29 15:47:28 ----D---- C:\Windows\system32\CodeIntegrity
2011-04-29 15:47:26 ----D---- C:\Windows\AppCompat
2011-04-29 15:47:24 ----D---- C:\ProgramData\HP Product Assistant
2011-04-29 15:47:24 ----D---- C:\ProgramData\HP
2011-04-29 15:47:21 ----D---- C:\Windows\registration
2011-04-29 15:47:11 ----D---- C:\Windows\system32\catroot
2011-04-29 15:26:01 ----D---- C:\Windows\System32
2011-04-29 15:26:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-29 15:16:22 ----D---- C:\Windows\system32\config
2011-04-29 15:15:54 ----D---- C:\Windows
2011-04-29 15:15:00 ----RD---- C:\Program Files (x86)
2011-04-29 15:15:00 ----HD---- C:\ProgramData
2011-04-28 21:00:03 ----D---- C:\Windows\system32\wbem
2011-04-28 20:34:43 ----D---- C:\Windows\system32\LogFiles
2011-04-27 18:26:16 ----D---- C:\Windows\Prefetch
2011-04-15 19:45:24 ----SHD---- C:\Windows\Installer
2011-04-15 19:45:12 ----D---- C:\Program Files (x86)\Java
2011-04-15 18:55:01 ----D---- C:\Windows\Microsoft.NET
2011-04-15 18:55:00 ----RSD---- C:\Windows\assembly
2011-04-15 17:46:41 ----D---- C:\Windows\SYSWOW64\migration
2011-04-15 17:46:41 ----D---- C:\Windows\system32\migration
2011-04-15 17:46:41 ----D---- C:\Program Files\Internet Explorer
2011-04-15 17:46:41 ----D---- C:\Program Files (x86)\Internet Explorer
2011-04-15 17:46:39 ----D---- C:\Windows\system32\Boot
2011-04-15 07:31:29 ----D---- C:\ProgramData\Microsoft Help
2011-04-15 07:27:12 ----A---- C:\Windows\system32\MRT.exe
2011-04-05 18:16:46 ----D---- C:\Windows\Downloaded Program Files
2011-04-03 11:10:44 ----D---- C:\ProgramData\Adobe
2011-04-03 11:08:30 ----D---- C:\Program Files (x86)\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-06-11 395800]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-01-04 52856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-06-19 33608]
R3 netr28x;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-02-14 160768]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-17 834544]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 136584]
S1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-02-19 28720]
S2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 145336]
S2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-11-16 169080]
S2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 44944]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:\Windows\system32\drivers\HCW85BDA.sys [2009-06-10 1192448]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-07-03 1477272]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-31 27520]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
S2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 ccEvtMgr;Symantec Event Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S2 ccProxy;Symantec Network Proxy; C:\Program Files (x86)\Common Files\Symantec Shared\ccProxy.exe [2008-02-18 214888]
S2 ccSetMgr;Symantec Settings Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CTDevice_Srv;CT Device Query service; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-11-16 735960]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
S2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-02 94208]
S2 HPBtnSrv;HP Chasis Button Service; c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
S2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-06-11 354840]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-14 383008]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2008-06-08 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2008-06-08 170480]
S2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
S2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 23296]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-04 654848]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-20 182768]
S3 hpqcxs08;hpqcxs08; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2008-06-08 1108464]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1255736]
-----------------EOF-----------------
2011-04-29 16:49:03 ----D---- C:\Program Files\trend micro
2011-04-29 15:51:38 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-04-29 15:09:42 ----A---- C:\Windows\ntbtlog.txt
2011-04-28 20:03:50 ----D---- C:\Windows\Minidump
2011-04-15 19:45:13 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-04-15 19:45:13 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-04-15 19:45:13 ----A---- C:\Windows\SYSWOW64\java.exe
2011-04-15 06:58:34 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-04-15 06:58:34 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-04-15 06:58:33 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-04-15 06:58:33 ----A---- C:\Windows\system32\vbscript.dll
2011-04-15 06:58:33 ----A---- C:\Windows\system32\jscript.dll
2011-04-15 06:58:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-04-15 06:58:32 ----A---- C:\Windows\system32\win32k.sys
2011-04-15 06:58:31 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-15 06:58:31 ----A---- C:\Windows\system32\mfc42.dll
2011-04-15 06:58:30 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-15 06:58:30 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-15 06:58:30 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-15 06:58:29 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-15 06:58:29 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-15 06:58:28 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-15 06:58:28 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-15 06:58:28 ----A---- C:\Windows\system32\atmlib.dll
2011-04-15 06:58:28 ----A---- C:\Windows\system32\atmfd.dll
2011-04-15 06:58:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-04-15 06:58:27 ----A---- C:\Windows\system32\mshtml.dll
2011-04-15 06:58:26 ----A---- C:\Windows\system32\ieframe.dll
2011-04-15 06:58:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-04-15 06:58:18 ----A---- C:\Windows\system32\wininet.dll
2011-04-15 06:58:18 ----A---- C:\Windows\system32\urlmon.dll
2011-04-15 06:58:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-04-15 06:58:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\mstime.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\ieui.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\iertutil.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\iepeers.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-15 06:58:14 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-15 06:58:01 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-15 06:58:01 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-15 06:58:01 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-15 06:58:01 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-15 06:58:01 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-15 06:58:01 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-15 06:58:00 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\winresume.exe
2011-04-15 06:57:59 ----A---- C:\Windows\system32\winload.exe
2011-04-15 06:57:59 ----A---- C:\Windows\system32\kdusb.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\kdcom.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\kd1394.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-03 11:06:13 ----D---- C:\ProgramData\McAfee
======List of files/folders modified in the last 1 months======
2011-04-29 16:49:04 ----D---- C:\Windows\Temp
2011-04-29 16:49:03 ----RD---- C:\Program Files
2011-04-29 15:51:38 ----D---- C:\Windows\SysWOW64
2011-04-29 15:51:38 ----D---- C:\Windows\inf
2011-04-29 15:47:34 ----SHD---- C:\System Volume Information
2011-04-29 15:47:30 ----D---- C:\Windows\winsxs
2011-04-29 15:47:30 ----D---- C:\Windows\Tasks
2011-04-29 15:47:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-04-29 15:47:30 ----D---- C:\Windows\system32\wfp
2011-04-29 15:47:30 ----D---- C:\Windows\system32\DriverStore
2011-04-29 15:47:30 ----D---- C:\Windows\system32\drivers
2011-04-29 15:47:30 ----D---- C:\Windows\system32\cs-CZ
2011-04-29 15:47:30 ----D---- C:\Windows\system32\catroot2
2011-04-29 15:47:30 ----D---- C:\Windows\AppPatch
2011-04-29 15:47:28 ----D---- C:\Windows\system32\Tasks
2011-04-29 15:47:28 ----D---- C:\Windows\system32\CodeIntegrity
2011-04-29 15:47:26 ----D---- C:\Windows\AppCompat
2011-04-29 15:47:24 ----D---- C:\ProgramData\HP Product Assistant
2011-04-29 15:47:24 ----D---- C:\ProgramData\HP
2011-04-29 15:47:21 ----D---- C:\Windows\registration
2011-04-29 15:47:11 ----D---- C:\Windows\system32\catroot
2011-04-29 15:26:01 ----D---- C:\Windows\System32
2011-04-29 15:26:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-29 15:16:22 ----D---- C:\Windows\system32\config
2011-04-29 15:15:54 ----D---- C:\Windows
2011-04-29 15:15:00 ----RD---- C:\Program Files (x86)
2011-04-29 15:15:00 ----HD---- C:\ProgramData
2011-04-28 21:00:03 ----D---- C:\Windows\system32\wbem
2011-04-28 20:34:43 ----D---- C:\Windows\system32\LogFiles
2011-04-27 18:26:16 ----D---- C:\Windows\Prefetch
2011-04-15 19:45:24 ----SHD---- C:\Windows\Installer
2011-04-15 19:45:12 ----D---- C:\Program Files (x86)\Java
2011-04-15 18:55:01 ----D---- C:\Windows\Microsoft.NET
2011-04-15 18:55:00 ----RSD---- C:\Windows\assembly
2011-04-15 17:46:41 ----D---- C:\Windows\SYSWOW64\migration
2011-04-15 17:46:41 ----D---- C:\Windows\system32\migration
2011-04-15 17:46:41 ----D---- C:\Program Files\Internet Explorer
2011-04-15 17:46:41 ----D---- C:\Program Files (x86)\Internet Explorer
2011-04-15 17:46:39 ----D---- C:\Windows\system32\Boot
2011-04-15 07:31:29 ----D---- C:\ProgramData\Microsoft Help
2011-04-15 07:27:12 ----A---- C:\Windows\system32\MRT.exe
2011-04-05 18:16:46 ----D---- C:\Windows\Downloaded Program Files
2011-04-03 11:10:44 ----D---- C:\ProgramData\Adobe
2011-04-03 11:08:30 ----D---- C:\Program Files (x86)\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-06-11 395800]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-01-04 52856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-06-19 33608]
R3 netr28x;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-02-14 160768]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-17 834544]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 136584]
S1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-02-19 28720]
S2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 145336]
S2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-11-16 169080]
S2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 44944]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:\Windows\system32\drivers\HCW85BDA.sys [2009-06-10 1192448]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-07-03 1477272]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-31 27520]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
S2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 ccEvtMgr;Symantec Event Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S2 ccProxy;Symantec Network Proxy; C:\Program Files (x86)\Common Files\Symantec Shared\ccProxy.exe [2008-02-18 214888]
S2 ccSetMgr;Symantec Settings Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CTDevice_Srv;CT Device Query service; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-11-16 735960]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
S2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-02 94208]
S2 HPBtnSrv;HP Chasis Button Service; c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
S2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-06-11 354840]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-14 383008]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2008-06-08 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2008-06-08 170480]
S2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
S2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 23296]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-04 654848]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-20 182768]
S3 hpqcxs08;hpqcxs08; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2008-06-08 1108464]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1255736]
-----------------EOF-----------------
Re: PC freezes while loading the desktop
Good evening,
Have you tried System Restore? Since when has the PC been freezing? Did you install anything new?
Do you know this program? Does it have to run at startup?
C:\Users\Romana\AppData\Local\Temp\Get a FREE audiobook!.exe

Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before removing malware from the computer
Want to support our forum? Information here

I can usually be reached at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: PC freezes while loading the desktop
I haven't installed anything new on the PC, and I tried System Restore, but it didn't help.
Following your advice, I have now disabled the programs that were starting unnecessarily at startup, restarted the PC, and I am now writing from a normally booted PC.
Thank you both very much for your help; everything seems to be OK. I will also run CCleaner, and hopefully that will be the end of it.
Thanks again
Narges
Re: PC freezes while loading the desktop
All right, get in touch if anything comes up. By the way, do you know the program I asked about?
And you're welcome, on my colleague's behalf as well
Re: PC freezes while loading the desktop
So I'm back again, once more in Safe Mode. The PC restarted spontaneously while I was working, and the situation repeated itself: the login screen, "Welcome" for about 40 seconds, the desktop loading, and then a freeze. A black screen followed. I did a hard power-off and booted into Safe Mode. To be safe I ran RSIT again; the log is attached. I don't know the program you asked about at all and have no idea how it got onto the computer.
Thanks in advance for your help
Logfile of random's system information tool 1.08 (written by random/random)
Run by Romana at 2011-04-29 20:00:15
Microsoft Windows 7 Home Premium
System drive C: has 294 GB (63%) free of 465 GB
Total RAM: 4095 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:00:19, on 29.4.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Romana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/66.35/uploader2.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.cz/s/v/55.16/uploader2.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14154 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
ctfmon.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1776 CREDAT:79873
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1776 CREDAT:145411
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Romana\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForRomana.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-03-03 400560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll [2011-03-03 335928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-03 298160]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-03-03 848952]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-03-03 400560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-03 298160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTCheck"=C:\Program Files\Creative\ZEN Media Explorer\CTCheck.exe [2007-11-06 397312]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-06-11 178712]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2716216]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2009-07-14 163328]
"OEXPRESS"= []
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-20 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe [2007-09-11 67488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe [2007-07-17 868352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02 75008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2008-11-20 290088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-20 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2011-03-09 247728]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-03-13 81920]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"OsdMaestro"=c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2007-02-15 119296]
"RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2008-06-08 236016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-04-29 16:49:03 ----D---- C:\rsit
2011-04-29 16:49:03 ----D---- C:\Program Files\trend micro
2011-04-29 15:51:38 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-04-29 15:09:42 ----A---- C:\Windows\ntbtlog.txt
2011-04-28 20:03:50 ----D---- C:\Windows\Minidump
2011-04-15 19:45:13 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-04-15 19:45:13 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-04-15 19:45:13 ----A---- C:\Windows\SYSWOW64\java.exe
2011-04-15 06:58:34 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-04-15 06:58:34 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-04-15 06:58:33 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-04-15 06:58:33 ----A---- C:\Windows\system32\vbscript.dll
2011-04-15 06:58:33 ----A---- C:\Windows\system32\jscript.dll
2011-04-15 06:58:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-04-15 06:58:32 ----A---- C:\Windows\system32\win32k.sys
2011-04-15 06:58:31 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-15 06:58:31 ----A---- C:\Windows\system32\mfc42.dll
2011-04-15 06:58:30 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-15 06:58:30 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-15 06:58:30 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-15 06:58:29 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-15 06:58:29 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-15 06:58:28 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-15 06:58:28 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-15 06:58:28 ----A---- C:\Windows\system32\atmlib.dll
2011-04-15 06:58:28 ----A---- C:\Windows\system32\atmfd.dll
2011-04-15 06:58:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-04-15 06:58:27 ----A---- C:\Windows\system32\mshtml.dll
2011-04-15 06:58:26 ----A---- C:\Windows\system32\ieframe.dll
2011-04-15 06:58:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-04-15 06:58:18 ----A---- C:\Windows\system32\wininet.dll
2011-04-15 06:58:18 ----A---- C:\Windows\system32\urlmon.dll
2011-04-15 06:58:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-04-15 06:58:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\mstime.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\ieui.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\iertutil.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\iepeers.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-15 06:58:14 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-15 06:58:01 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-15 06:58:01 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-15 06:58:01 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-15 06:58:01 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-15 06:58:01 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-15 06:58:01 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-15 06:58:00 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\winresume.exe
2011-04-15 06:57:59 ----A---- C:\Windows\system32\winload.exe
2011-04-15 06:57:59 ----A---- C:\Windows\system32\kdusb.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\kdcom.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\kd1394.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-03 11:06:13 ----D---- C:\ProgramData\McAfee
======List of files/folders modified in the last 1 months======
2011-04-29 19:58:10 ----D---- C:\Windows\Temp
2011-04-29 19:57:21 ----D---- C:\Windows
2011-04-29 19:42:35 ----SHD---- C:\System Volume Information
2011-04-29 19:42:08 ----D---- C:\Windows\system32\catroot
2011-04-29 19:41:58 ----D---- C:\Windows\System32
2011-04-29 19:41:58 ----D---- C:\Windows\inf
2011-04-29 19:41:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-29 19:41:36 ----D---- C:\Windows\system32\catroot2
2011-04-29 19:41:14 ----D---- C:\Windows\winsxs
2011-04-29 19:37:22 ----D---- C:\Windows\system32\config
2011-04-29 16:49:03 ----RD---- C:\Program Files
2011-04-29 15:51:38 ----D---- C:\Windows\SysWOW64
2011-04-29 15:47:30 ----D---- C:\Windows\Tasks
2011-04-29 15:47:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-04-29 15:47:30 ----D---- C:\Windows\system32\wfp
2011-04-29 15:47:30 ----D---- C:\Windows\system32\DriverStore
2011-04-29 15:47:30 ----D---- C:\Windows\system32\drivers
2011-04-29 15:47:30 ----D---- C:\Windows\system32\cs-CZ
2011-04-29 15:47:30 ----D---- C:\Windows\AppPatch
2011-04-29 15:47:28 ----D---- C:\Windows\system32\Tasks
2011-04-29 15:47:28 ----D---- C:\Windows\system32\CodeIntegrity
2011-04-29 15:47:26 ----D---- C:\Windows\AppCompat
2011-04-29 15:47:24 ----D---- C:\ProgramData\HP Product Assistant
2011-04-29 15:47:24 ----D---- C:\ProgramData\HP
2011-04-29 15:47:21 ----D---- C:\Windows\registration
2011-04-29 15:15:00 ----RD---- C:\Program Files (x86)
2011-04-29 15:15:00 ----HD---- C:\ProgramData
2011-04-28 21:00:03 ----D---- C:\Windows\system32\wbem
2011-04-28 20:34:43 ----D---- C:\Windows\system32\LogFiles
2011-04-27 18:26:16 ----D---- C:\Windows\Prefetch
2011-04-15 19:45:24 ----SHD---- C:\Windows\Installer
2011-04-15 19:45:12 ----D---- C:\Program Files (x86)\Java
2011-04-15 18:55:01 ----D---- C:\Windows\Microsoft.NET
2011-04-15 18:55:00 ----RSD---- C:\Windows\assembly
2011-04-15 17:46:41 ----D---- C:\Windows\SYSWOW64\migration
2011-04-15 17:46:41 ----D---- C:\Windows\system32\migration
2011-04-15 17:46:41 ----D---- C:\Program Files\Internet Explorer
2011-04-15 17:46:41 ----D---- C:\Program Files (x86)\Internet Explorer
2011-04-15 17:46:39 ----D---- C:\Windows\system32\Boot
2011-04-15 07:31:29 ----D---- C:\ProgramData\Microsoft Help
2011-04-15 07:27:12 ----A---- C:\Windows\system32\MRT.exe
2011-04-05 18:16:46 ----D---- C:\Windows\Downloaded Program Files
2011-04-03 11:10:44 ----D---- C:\ProgramData\Adobe
2011-04-03 11:08:30 ----D---- C:\Program Files (x86)\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-06-11 395800]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-01-04 52856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-06-19 33608]
R3 netr28x;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-02-14 160768]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-17 834544]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 136584]
S1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-02-19 28720]
S2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 145336]
S2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-11-16 169080]
S2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 44944]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:\Windows\system32\drivers\HCW85BDA.sys [2009-06-10 1192448]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-07-03 1477272]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-31 27520]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
S2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 ccEvtMgr;Symantec Event Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S2 ccProxy;Symantec Network Proxy; C:\Program Files (x86)\Common Files\Symantec Shared\ccProxy.exe [2008-02-18 214888]
S2 ccSetMgr;Symantec Settings Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CTDevice_Srv;CT Device Query service; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-11-16 735960]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
S2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-02 94208]
S2 HPBtnSrv;HP Chasis Button Service; c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
S2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-06-11 354840]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-14 383008]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2008-06-08 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2008-06-08 170480]
S2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
S2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 23296]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-04 654848]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-20 182768]
S3 hpqcxs08;hpqcxs08; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2008-06-08 1108464]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1255736]
-----------------EOF-----------------
Thanks in advance for the help
Logfile of random's system information tool 1.08 (written by random/random)
Run by Romana at 2011-04-29 20:00:15
Microsoft Windows 7 Home Premium
System drive C: has 294 GB (63%) free of 465 GB
Total RAM: 4095 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:00:19, on 29.4.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Safe mode with network support
Running processes:
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Romana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cndt
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/66.35/uploader2.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.cz/s/v/55.16/uploader2.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14154 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
ctfmon.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1776 CREDAT:79873
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:1776 CREDAT:145411
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Romana\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForRomana.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-03-03 400560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll [2011-03-03 335928]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-03 298160]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-03-03 848952]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-03-03 400560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-03 298160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTCheck"=C:\Program Files\Creative\ZEN Media Explorer\CTCheck.exe [2007-11-06 397312]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-06-11 178712]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2716216]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2009-07-14 163328]
"OEXPRESS"= []
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-20 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe [2007-09-11 67488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe [2007-07-17 868352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02 75008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2008-11-20 290088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-20 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2011-03-09 247728]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-03-13 81920]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"OsdMaestro"=c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [2007-02-15 119296]
"RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2008-06-08 236016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-04-29 16:49:03 ----D---- C:\rsit
2011-04-29 16:49:03 ----D---- C:\Program Files\trend micro
2011-04-29 15:51:38 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-04-29 15:09:42 ----A---- C:\Windows\ntbtlog.txt
2011-04-28 20:03:50 ----D---- C:\Windows\Minidump
2011-04-15 19:45:13 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-04-15 19:45:13 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-04-15 19:45:13 ----A---- C:\Windows\SYSWOW64\java.exe
2011-04-15 06:58:34 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-04-15 06:58:34 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-04-15 06:58:33 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-04-15 06:58:33 ----A---- C:\Windows\system32\vbscript.dll
2011-04-15 06:58:33 ----A---- C:\Windows\system32\jscript.dll
2011-04-15 06:58:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-04-15 06:58:32 ----A---- C:\Windows\system32\win32k.sys
2011-04-15 06:58:31 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-15 06:58:31 ----A---- C:\Windows\system32\mfc42.dll
2011-04-15 06:58:30 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-04-15 06:58:30 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-04-15 06:58:30 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-15 06:58:29 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-15 06:58:29 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-15 06:58:28 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-04-15 06:58:28 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-04-15 06:58:28 ----A---- C:\Windows\system32\atmlib.dll
2011-04-15 06:58:28 ----A---- C:\Windows\system32\atmfd.dll
2011-04-15 06:58:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-04-15 06:58:27 ----A---- C:\Windows\system32\mshtml.dll
2011-04-15 06:58:26 ----A---- C:\Windows\system32\ieframe.dll
2011-04-15 06:58:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-04-15 06:58:18 ----A---- C:\Windows\system32\wininet.dll
2011-04-15 06:58:18 ----A---- C:\Windows\system32\urlmon.dll
2011-04-15 06:58:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-04-15 06:58:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-04-15 06:58:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\mstime.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\ieui.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\iertutil.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\iepeers.dll
2011-04-15 06:58:15 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-04-15 06:58:14 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-15 06:58:14 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-15 06:58:14 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-15 06:58:01 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-04-15 06:58:01 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-04-15 06:58:01 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-15 06:58:01 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-15 06:58:01 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-15 06:58:01 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-15 06:58:00 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\winresume.exe
2011-04-15 06:57:59 ----A---- C:\Windows\system32\winload.exe
2011-04-15 06:57:59 ----A---- C:\Windows\system32\kdusb.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\kdcom.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\kd1394.dll
2011-04-15 06:57:59 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-15 06:57:58 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-03 11:06:13 ----D---- C:\ProgramData\McAfee
======List of files/folders modified in the last 1 months======
2011-04-29 19:58:10 ----D---- C:\Windows\Temp
2011-04-29 19:57:21 ----D---- C:\Windows
2011-04-29 19:42:35 ----SHD---- C:\System Volume Information
2011-04-29 19:42:08 ----D---- C:\Windows\system32\catroot
2011-04-29 19:41:58 ----D---- C:\Windows\System32
2011-04-29 19:41:58 ----D---- C:\Windows\inf
2011-04-29 19:41:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-29 19:41:36 ----D---- C:\Windows\system32\catroot2
2011-04-29 19:41:14 ----D---- C:\Windows\winsxs
2011-04-29 19:37:22 ----D---- C:\Windows\system32\config
2011-04-29 16:49:03 ----RD---- C:\Program Files
2011-04-29 15:51:38 ----D---- C:\Windows\SysWOW64
2011-04-29 15:47:30 ----D---- C:\Windows\Tasks
2011-04-29 15:47:30 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-04-29 15:47:30 ----D---- C:\Windows\system32\wfp
2011-04-29 15:47:30 ----D---- C:\Windows\system32\DriverStore
2011-04-29 15:47:30 ----D---- C:\Windows\system32\drivers
2011-04-29 15:47:30 ----D---- C:\Windows\system32\cs-CZ
2011-04-29 15:47:30 ----D---- C:\Windows\AppPatch
2011-04-29 15:47:28 ----D---- C:\Windows\system32\Tasks
2011-04-29 15:47:28 ----D---- C:\Windows\system32\CodeIntegrity
2011-04-29 15:47:26 ----D---- C:\Windows\AppCompat
2011-04-29 15:47:24 ----D---- C:\ProgramData\HP Product Assistant
2011-04-29 15:47:24 ----D---- C:\ProgramData\HP
2011-04-29 15:47:21 ----D---- C:\Windows\registration
2011-04-29 15:15:00 ----RD---- C:\Program Files (x86)
2011-04-29 15:15:00 ----HD---- C:\ProgramData
2011-04-28 21:00:03 ----D---- C:\Windows\system32\wbem
2011-04-28 20:34:43 ----D---- C:\Windows\system32\LogFiles
2011-04-27 18:26:16 ----D---- C:\Windows\Prefetch
2011-04-15 19:45:24 ----SHD---- C:\Windows\Installer
2011-04-15 19:45:12 ----D---- C:\Program Files (x86)\Java
2011-04-15 18:55:01 ----D---- C:\Windows\Microsoft.NET
2011-04-15 18:55:00 ----RSD---- C:\Windows\assembly
2011-04-15 17:46:41 ----D---- C:\Windows\SYSWOW64\migration
2011-04-15 17:46:41 ----D---- C:\Windows\system32\migration
2011-04-15 17:46:41 ----D---- C:\Program Files\Internet Explorer
2011-04-15 17:46:41 ----D---- C:\Program Files (x86)\Internet Explorer
2011-04-15 17:46:39 ----D---- C:\Windows\system32\Boot
2011-04-15 07:31:29 ----D---- C:\ProgramData\Microsoft Help
2011-04-15 07:27:12 ----A---- C:\Windows\system32\MRT.exe
2011-04-05 18:16:46 ----D---- C:\Windows\Downloaded Program Files
2011-04-03 11:10:44 ----D---- C:\ProgramData\Adobe
2011-04-03 11:08:30 ----D---- C:\Program Files (x86)\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel RAID Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-06-11 395800]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-01-04 52856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-06-19 33608]
R3 netr28x;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2008-02-14 160768]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-17 834544]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 136584]
S1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-02-19 28720]
S2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 145336]
S2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-11-16 169080]
S2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 44944]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture; C:\Windows\system32\drivers\HCW85BDA.sys [2009-06-10 1192448]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2008-07-03 1477272]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-31 27520]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
S2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 ccEvtMgr;Symantec Event Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S2 ccProxy;Symantec Network Proxy; C:\Program Files (x86)\Common Files\Symantec Shared\ccProxy.exe [2008-02-18 214888]
S2 ccSetMgr;Symantec Settings Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CTDevice_Srv;CT Device Query service; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-11-16 735960]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
S2 HP Health Check Service;HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-02 94208]
S2 HPBtnSrv;HP Chasis Button Service; c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
S2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-06-11 354840]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-14 383008]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2008-06-08 313840]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2008-06-08 170480]
S2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
S2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 23296]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-04 654848]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-20 182768]
S3 hpqcxs08;hpqcxs08; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2008-06-08 1108464]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-02 1255736]
-----------------EOF-----------------
Re: PC freezes while loading the desktop

- Install, then run a full scan
DO NOT DELETE ANYTHING

- MBAM occasionally produces false detections, so we will delete only after checking the log.
- Copy the log here.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before cleaning a computer of viruses
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.
Re: PC freezes while loading the desktop
Here is the MBAM log
mbam-log-2011-04-29 (22-06-58).txt
Typ kontroly: Úplný test (C:\|E:\|)
Testované objekty: 435456
Uplynulý čas: 41 minut, 43 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
Re: PC freezes while loading the desktop
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before cleaning a computer of viruses
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.
Re: PC freezes while loading the desktop
Here is the ComboFix log
ComboFix 11-04-29.01 - Romana 29.04.2011 22:40:07.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4095.2990 [GMT 2:00]
Spuštěný z: c:\users\Romana\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-28 do 2011-04-29 )))))))))))))))))))))))))))))))
.
.
2011-04-29 20:47 . 2011-04-29 20:47 -------- d-----w- c:\users\TEREZA\AppData\Local\temp
2011-04-29 20:47 . 2011-04-29 20:47 -------- d-----w- c:\users\KAREL\AppData\Local\temp
2011-04-29 20:47 . 2011-04-29 20:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-29 18:25 . 2011-04-29 18:25 -------- d-----w- c:\users\Romana\AppData\Roaming\Malwarebytes
2011-04-29 18:25 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-04-29 18:25 . 2011-04-29 18:25 -------- d-----w- c:\programdata\Malwarebytes
2011-04-29 18:25 . 2011-04-29 18:25 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-04-29 18:25 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-29 17:42 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{969FB4A9-795C-456F-9420-134A95DA5AA6}\mpengine.dll
2011-04-29 14:49 . 2011-04-29 18:00 -------- d-----w- c:\program files\trend micro
2011-04-29 14:49 . 2011-04-29 14:49 -------- d-----w- C:\rsit
2011-04-15 04:57 . 2011-02-12 06:14 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-15 04:57 . 2011-02-05 12:41 556928 ----a-w- c:\windows\system32\winresume.efi
2011-04-15 04:57 . 2011-02-05 12:41 640896 ----a-w- c:\windows\system32\winload.efi
2011-04-15 04:57 . 2011-02-05 12:41 20352 ----a-w- c:\windows\system32\kdusb.dll
2011-04-15 04:57 . 2011-02-05 12:41 19328 ----a-w- c:\windows\system32\kd1394.dll
2011-04-15 04:57 . 2011-02-05 12:41 17792 ----a-w- c:\windows\system32\kdcom.dll
2011-04-15 04:57 . 2011-02-05 12:39 603976 ----a-w- c:\windows\system32\winload.exe
2011-04-15 04:57 . 2011-02-05 12:39 518160 ----a-w- c:\windows\system32\winresume.exe
2011-04-15 04:57 . 2011-02-23 05:15 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-15 04:57 . 2011-02-23 05:15 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-15 04:57 . 2011-02-23 05:15 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-15 04:57 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-03 09:06 . 2011-04-03 09:06 -------- d-----w- c:\programdata\McAfee
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-19 06:37 . 2011-03-09 16:24 1135104 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:37 . 2011-03-09 16:24 1540608 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:36 . 2011-03-09 16:24 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 05:32 . 2011-03-09 16:24 1074176 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-02-19 05:32 . 2011-03-09 16:24 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-02-02 19:40 . 2010-07-18 08:37 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-02-02 16:11 . 2009-10-03 08:20 270720 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 163328]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-20 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe" [2007-02-15 119296]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2008-06-08 236016]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
.
c:\users\KAREL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Lingea Update Center.lnk - c:\program files (x86)\Common Files\Lingea Shared\luc.exe [2008-9-30 275736]
.
c:\users\TEREZA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2009-11-16 735960]
R2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
R3 CTUPnPSv;Creative Centrale Media Server;c:\program files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S3 netr28x;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - eeCtrl
*Deregistered* - EraserUtilRebootDrv
*Deregistered* - IDSvia64
*Deregistered* - SYMTDI
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 18:13]
.
2011-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 18:13]
.
2011-04-09 c:\windows\Tasks\HPCeeScheduleForRomana.job
- c:\program files (x86)\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-09-19 18:03]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTCheck"="c:\program files\Creative\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-11 178712]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2716216]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} -
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-OEXPRESS - (no file)
Wow6432Node-HKLM-RunOnce-<NO NAME> - (no file)
WebBrowser-{2BA760EE-6C34-415B-BDBB-041CF2A4609F} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Symantec\Common Client\ccService\Channels]
@Denied: (C D) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-04-29 22:52:55
ComboFix-quarantined-files.txt 2011-04-29 20:52
.
Před spuštěním: Volných bajtů: 315 329 839 104
Po spuštění: Volných bajtů: 317 819 338 752
.
- - End Of File - - 37A35977A620E7EA16D59A4345587AFF
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2009-11-16 735960]
R2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-03-09 92592]
R3 CTUPnPSv;Creative Centrale Media Server;c:\program files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S3 netr28x;Ralink 802.11n – bezdrátový ovladač pro systém Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - eeCtrl
*Deregistered* - EraserUtilRebootDrv
*Deregistered* - IDSvia64
*Deregistered* - SYMTDI
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 18:13]
.
2011-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-02 18:13]
.
2011-04-09 c:\windows\Tasks\HPCeeScheduleForRomana.job
- c:\program files (x86)\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-09-19 18:03]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTCheck"="c:\program files\Creative\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-11 178712]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2716216]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} -
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-OEXPRESS - (no file)
Wow6432Node-HKLM-RunOnce-<NO NAME> - (no file)
WebBrowser-{2BA760EE-6C34-415B-BDBB-041CF2A4609F} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Symantec\Common Client\ccService\Channels]
@Denied: (C D) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-04-29 22:52:55
ComboFix-quarantined-files.txt 2011-04-29 20:52
.
Před spuštěním: Volných bajtů: 315 329 839 104
Po spuštění: Volných bajtů: 317 819 338 752
.
- - End Of File - - 37A35977A620E7EA16D59A4345587AFF
Re: PC freezes while loading the desktop
How is the computer doing now?
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.
Re: PC freezes while loading the desktop
I restarted and got as far as "Welcome". Then the screen went black and the desktop did not even load.
Re: PC freezes while loading the desktop


http://www.slunecnice.cz/sw/crystaldiskinfo/
- Run it and choose Copy from the menu.
- Then paste the data from the clipboard here with Ctrl+V.
Re: PC freezes while loading the desktop
I'm sending the data from the clipboard. The graphics got a bit garbled for me; couldn't the problem be in the graphics card?
----------------------------------------------------------------------------
CrystalDiskInfo 3.10.0 (C) 2008-2010 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium Edition [6.1 Build 7600] (x64)
Date : 2011/04/30 10:36:16
-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8R/ICH9R/ICH10R SATA RAID Controller [SCSI]
- Hitachi HDP725050GLA360
- TSSTcorp CDDVDW TS-H653Q
- Hitachi HDP725050GLA360
-- Disk List ---------------------------------------------------------------
(1) Hitachi HDP725050GLA360 : 500.1 GB [0-0-0, pd1]
(2) Hitachi HDP725050GLA360 : 500.1 GB [1-0-2, pd1]
----------------------------------------------------------------------------
(1) Hitachi HDP725050GLA360
----------------------------------------------------------------------------
Model : Hitachi HDP725050GLA360
Firmware : GM4OA57A
Serial Number : GEA530RE3P0DGA
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 15118 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 5117 hod.
Power On Count : 3068 krát
Temparature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 _94 _16 000000000000 Počet chyb čtení
02 133 100 _54 00000000008A Průchodnost disku
03 117 100 _24 0006014C0143 Čas na roztočení ploten
04 100 100 __0 000000000EEF Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 129 100 _20 00000000001E Čas potřebný na vyhledání
09 100 100 __0 0000000013FD Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000BFC Počet cyklů zapnutí zařízení
C0 _97 _97 __0 000000000EEF Počet vypnutí disku
C1 _97 _97 __0 000000000EEF Počet cyklů načítání/vymazání
C2 193 150 __0 002A0010001F Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
-- IDENTIFY_DEVICE ---------------------------------------------------------
----------------------------------------------------------------------------
(2) Hitachi HDP725050GLA360
----------------------------------------------------------------------------
Model : Hitachi HDP725050GLA360
Firmware : GM4OA57A
Serial Number : GEA530RE3P0TGA
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 15118 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 5061 hod.
Power On Count : 3067 krát
Temparature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 _95 _16 000000000000 Počet chyb čtení
02 132 100 _54 00000000008C Průchodnost disku
03 120 100 _24 0006013A0143 Čas na roztočení ploten
04 _99 _99 __0 000000001C4C Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 131 100 _20 00000000001D Čas potřebný na vyhledání
09 100 100 __0 0000000013C5 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000BFB Počet cyklů zapnutí zařízení
C0 _94 _94 __0 000000001C57 Počet vypnutí disku
C1 _94 _94 __0 000000001C57 Počet cyklů načítání/vymazání
C2 206 157 __0 00260010001D Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
-- IDENTIFY_DEVICE ---------------------------------------------------------
----------------------------------------------------------------------------
CrystalDiskInfo 3.10.0 (C) 2008-2010 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium Edition [6.1 Build 7600] (x64)
Date : 2011/04/30 10:36:16
-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8R/ICH9R/ICH10R SATA RAID Controller [SCSI]
- Hitachi HDP725050GLA360
- TSSTcorp CDDVDW TS-H653Q
- Hitachi HDP725050GLA360
-- Disk List ---------------------------------------------------------------
(1) Hitachi HDP725050GLA360 : 500.1 GB [0-0-0, pd1]
(2) Hitachi HDP725050GLA360 : 500.1 GB [1-0-2, pd1]
----------------------------------------------------------------------------
(1) Hitachi HDP725050GLA360
----------------------------------------------------------------------------
Model : Hitachi HDP725050GLA360
Firmware : GM4OA57A
Serial Number : GEA530RE3P0DGA
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 15118 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 5117 hod.
Power On Count : 3068 krát
Temparature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 _94 _16 000000000000 Počet chyb čtení
02 133 100 _54 00000000008A Průchodnost disku
03 117 100 _24 0006014C0143 Čas na roztočení ploten
04 100 100 __0 000000000EEF Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 129 100 _20 00000000001E Čas potřebný na vyhledání
09 100 100 __0 0000000013FD Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000BFC Počet cyklů zapnutí zařízení
C0 _97 _97 __0 000000000EEF Počet vypnutí disku
C1 _97 _97 __0 000000000EEF Počet cyklů načítání/vymazání
C2 193 150 __0 002A0010001F Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
-- IDENTIFY_DEVICE ---------------------------------------------------------
----------------------------------------------------------------------------
(2) Hitachi HDP725050GLA360
----------------------------------------------------------------------------
Model : Hitachi HDP725050GLA360
Firmware : GM4OA57A
Serial Number : GEA530RE3P0TGA
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 15118 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 5061 hod.
Power On Count : 3067 krát
Temparature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 _95 _16 000000000000 Počet chyb čtení
02 132 100 _54 00000000008C Průchodnost disku
03 120 100 _24 0006013A0143 Čas na roztočení ploten
04 _99 _99 __0 000000001C4C Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 131 100 _20 00000000001D Čas potřebný na vyhledání
09 100 100 __0 0000000013C5 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000BFB Počet cyklů zapnutí zařízení
C0 _94 _94 __0 000000001C57 Počet vypnutí disku
C1 _94 _94 __0 000000001C57 Počet cyklů načítání/vymazání
C2 206 157 __0 00260010001D Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
-- IDENTIFY_DEVICE ---------------------------------------------------------
Re: PC freezes while loading the desktop
That's possible. Is it a laptop? Is the PC still under warranty? The disk is OK, I don't see any viruses,


Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: PC freezes while loading the desktop
It's a desktop PC. Just out of warranty.
But it has a dedicated graphics card, not an integrated one. I checked the connections and the fan and everything is OK. I reinstalled the driver and that wasn't it either. Tomorrow I should have a borrowed card, so I'll try it. If that's the cause, I'll buy a new one. If not, I'll move on to reinstalling Windows. And if even that doesn't help, I'll throw the computer out of the window.
If anything in my approach is nonsense, please point it out.
And thanks

