
Please help

JaRon
Moderator
Posts: 15703
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please help

#31 Post by JaRon »

http://www.gmer.net/ download mbr.exe, run it and post its log
+
since the PC was heavily infested, also scan it with AVPTool
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

inoxi
Visitor
Posts: 43
Registered: 30 Aug 2008 14:14
Location: Slovakia LV

Re: Please help

#32 Post by inoxi »

here is the log from MBR.exe:

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3250410AS rev.3.AAA -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

inoxi
Visitor
Posts: 43
Registered: 30 Aug 2008 14:14
Location: Slovakia LV

Re: Please help

#33 Post by inoxi »

this is from AVP tool:

Automatická kontrola: dokončeno před 3 min. (události: 34, objekty: 1766145, čas: 06:54:28)
13. 5. 2011 18:04:04 Úloha byla spuštěna
13. 5. 2011 18:41:27 Zjištěno: Trojan.Java.Agent.am C:\Documents and Settings\laci\Data aplikací\Sun\Java\Deployment\cache\6.0\29\76600b1d-1fd43b5b/bpac/b.class
13. 5. 2011 18:41:29 Odstraněno: Trojan.Java.Agent.am C:\Documents and Settings\laci\Data aplikací\Sun\Java\Deployment\cache\6.0\29\76600b1d-1fd43b5b/bpac/b.class
13. 5. 2011 23:30:43 Zjištěno: Backdoor.Win32.Poison.casq C:\Program Files\VPSS\vpss.exe
13. 5. 2011 23:32:24 Odstraněno: Backdoor.Win32.Poison.casq C:\Program Files\VPSS\vpss.exe
13. 5. 2011 23:34:23 Zjištěno: Trojan-Dropper.Win32.Delf.ipn C:\Program Files\Yahoo! Games\Myth Match\main.exe
13. 5. 2011 23:34:34 Odstraněno: Trojan-Dropper.Win32.Delf.ipn C:\Program Files\Yahoo! Games\Myth Match\main.ex
13. 5. 2011 23:42:46 Zjištěno: Trojan.Win32.Genome.bcks C:\QooBox\Quarantine\C\Program Files\MediaVideoCodec\MediaVideoCodec.ocx.vir
13. 5. 2011 23:43:12 Odstraněno: Trojan.Win32.Genome.bcks C:\QooBox\Quarantine\C\Program Files\MediaVideoCodec\MediaVideoCodec.ocx.vir
13. 5. 2011 23:44:53 Zjištěno: Trojan-Dropper.Win32.Delf.ipn C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP476\A0156670.exe
13. 5. 2011 23:45:26 Odstraněno: Trojan-Dropper.Win32.Delf.ipn C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP476\A0156670.exe
13. 5. 2011 23:56:12 Zjištěno: Trojan.Win32.Agent.djeb C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP482\A0172992.exe
13. 5. 2011 23:56:33 Odstraněno: Trojan.Win32.Agent.djeb C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP482\A0172992.exe
14. 5. 2011 0:05:11 Zjištěno: Trojan.Win32.VB.aitq C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP482\A0174560.exe/PE_Patch/UPack
14. 5. 2011 0:05:23 Odstraněno: Trojan.Win32.VB.aitq C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP482\A0174560.exe
14. 5. 2011 0:09:04 Zjištěno: not-a-virus:AdWare.Win32.TMAagent.w C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP486\A0176086.dll/data0001.res/PE_Patch/ASProtect14
14. 5. 2011 0:09:55 Odstraněno: not-a-virus:AdWare.Win32.TMAagent.w C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP486\A0176086.dll
14. 5. 2011 0:10:14 Zjištěno: not-a-virus:AdWare.Win32.TMAagent.cl C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP487\A0176191.exe/data0010/content/extension.js
14. 5. 2011 0:10:36 Zjištěno: not-a-virus:AdWare.Win32.TMAagent.ck C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP487\A0176191.exe/data0014/PE-Crypt.XorPE
14. 5. 2011 0:10:42 Odstraněno: not-a-virus:AdWare.Win32.TMAagent.ck C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP487\A0176191.exe
14. 5. 2011 0:23:26 Zjištěno: not-a-virus:AdWare.Win32.TMAagent.u C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195343.exe/data0013/data0001.res/PE_Patch/ASProtect14
14. 5. 2011 0:26:18 Zjištěno: not-a-virus:AdWare.Win32.TMAagent.u C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195343.exe/data0015/data0001.res/PE_Patch/ASProtect14
14. 5. 2011 0:26:21 Zjištěno: not-a-virus:AdWare.Win32.TMAagent.w C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195343.exe/data0020/data0001.res/PE_Patch/ASProtect14
14. 5. 2011 0:26:23 Zjištěno: not-a-virus:AdWare.Win32.TMAagent.w C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195343.exe/data0021/data0001.res/PE_Patch/ASProtect14
14. 5. 2011 0:26:25 Zjištěno: not-a-virus:AdWare.Win32.TMAagent.cl C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195343.exe/data0025/PE-Crypt.XorPE/data0010/content/extension.js
14. 5. 2011 0:26:26 Odstraněno: not-a-virus:AdWare.Win32.TMAagent.cl C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195343.exe
14. 5. 2011 0:26:27 Zjištěno: Trojan-Dropper.Win32.Delf.ipn C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195355.exe
14. 5. 2011 0:26:32 Zjištěno: Backdoor.Win32.Poison.casq C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195357.exe
14. 5. 2011 0:26:35 Zjištěno: Trojan-Dropper.Win32.Delf.ipn C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195358.exe
14. 5. 2011 0:26:46 Odstraněno: Trojan-Dropper.Win32.Delf.ipn C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195355.exe
14. 5. 2011 0:26:47 Odstraněno: Backdoor.Win32.Poison.casq C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195357.exe
14. 5. 2011 0:26:48 Odstraněno: Trojan-Dropper.Win32.Delf.ipn C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195358.exe
14. 5. 2011 0:27:39 Zjištěno: Packed.Win32.PePatch.dk C:\System Volume Information\_restore{1DFADC32-C945-426A-A40B-83269BC79E41}\RP510\A0195356.EXE/data0062
14. 5. 2011 0:58:32 Úloha byla dokončena

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please help

#34 Post by motji »

Fine, the MBR should be clean; let's still take a look at sector 63. Just select it with the mouse, press Ctrl+C and then Ctrl+V in Notepad; it should copy over. I'm interested in where you see Ntfs or Ntldr written, at which sector, whether 63 or only 64.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

inoxi
Visitor
Posts: 43
Registered: 30 Aug 2008 14:14
Location: Slovakia LV

Re: Please help

#35 Post by inoxi »

Good evening, I'm posting both sectors here:
63.


ëR.NTFS ..........ř..?.˙.?.......€.€.€...............hŔŃ.....ö........ľo¸.p¸Ľ....ú3ŔŽĐĽ.|ű¸Ŕ.ŽŘč..¸..ŽŔ3ŰĆ....čS.h..hj.ËŠ.$.´.Í.s.ą˙˙Šńf.¶Ć@f.¶Ń€â?÷â†ÍŔí.Af.·Éf÷áfŁ .Ă´A»ŞUŠ.$.Í.r..űUŞu.öÁ.t.ţ...Ăf`..fˇ..f....f;. ..‚:..fj.fP.Sfh....€>....…..čł˙€>....„a.´BŠ.$...‹ôÍ.fX[.fXfX.ë-f3Ňf.·...f÷ńţŠĘf‹ĐfÁę.÷6..†ÖŠ.$.ŠčŔä..̸..Í..‚..ŚŔ. .ŽŔf˙...˙....…o˙..faĂ ř.č.. ű.č..űëţ´.‹đ¬<.t.´.»..Í.ëňĂ..Chyba źtenˇ disku...NTLDR nenalezen...NTLDR komprimov n....Restartujte stisknutˇm kl ves Ctrl+Alt+Del...............—©ľ..UŞ


64.

..N.T.L.D.R...$.I.3.0..ŕ...0..........................................................ë...................ŚČŽŘÁŕ.ú‹ŕűč.ţf.·...f.¶...f÷ăfŁN.f‹.@.€ů..Ź..öŮf¸....fÓŕë..fˇN.f÷áfŁR.f.·...f3Ňf÷ófŁV.čq.f‹.J.f‰.".f..R.f‰.&.f..R.f‰.*.f..R.f‰.:.f..R.f‰.B.f¸....f‹.".č_.f.Ŕ.„WţfŁ..f¸ ...f‹.&.čF.fŁ2.f¸°...f‹.*.č4.fŁ6.fˇ..f.Ŕ.„$ţg€x...….ţgfŤP.g.B.gf.¶H.f‰.b.gf‹H.f‰.^.fˇ^.f.·...f3Ňf÷ńfŁf.fˇB.f..^.fŁF.f.>2...„..f.>6...„Čýf‹.6...f‹>F.fˇ*.čĽ.f.·...f¸....čţ.f.Ŕ.„¨.gf‹...f‹>:.č1.fˇ:.f» ...fą....fş....čÖ.f…Ŕ.…#.fˇ:.f»€...fą....

Actually, now I'm not sure whether you need to see the left part of the table, or what I pasted here?

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please help

#36 Post by motji »

This is enough for me. So we won't repair anything further, I could wreck your PC :D , sector 63 is important.
The PC should be fine. Uninstall both AVPtool and HxD, and please post a final log from RSIT :)
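The sector 63/64 check from posts #34 to #36, as an added example that is not part of the original thread: a read-only Python sketch that looks for the NTFS boot sector and the NTLDR loader name in a raw disk image. The function names and the sample image are constructed for illustration; the offsets used (OEM ID at byte 3, hidden-sectors field at 0x1C, 55 AA at byte 510) are the standard NTFS boot sector layout and match the dump in post #35.

```python
import struct

SECTOR_SIZE = 512
NTFS_OEM_ID = b"NTFS    "                   # bytes 3..10 of an NTFS boot sector
BOOT_SIGNATURE = b"\x55\xaa"                # bytes 510..511 of a boot sector
NTLDR_UTF16 = "NTLDR".encode("utf-16-le")   # loader name as it appears in sector 64


def read_sector(image, lba):
    """Return the 512-byte sector at `lba`; the image is never modified."""
    sector = image[lba * SECTOR_SIZE:(lba + 1) * SECTOR_SIZE]
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"image too short to contain sector {lba}")
    return sector


def describe_sector(image, lba):
    """Classify one sector and, for an NTFS boot sector, decode key BPB fields."""
    sector = read_sector(image, lba)
    info = {"lba": lba, "kind": "other"}
    if sector[3:11] == NTFS_OEM_ID:
        bytes_per_sector, = struct.unpack_from("<H", sector, 0x0B)
        hidden_sectors, = struct.unpack_from("<I", sector, 0x1C)
        info.update(
            kind="ntfs-boot-sector",
            signature_ok=sector[510:512] == BOOT_SIGNATURE,
            bytes_per_sector=bytes_per_sector,
            hidden_sectors=hidden_sectors,
            # The BPB records how many sectors precede the volume, so it
            # should equal the LBA at which the boot sector was found.
            hidden_matches_lba=hidden_sectors == lba,
        )
    elif NTLDR_UTF16 in sector[:32]:
        info["kind"] = "ntldr-loader-code"
    elif not any(sector):
        info["kind"] = "empty"
    return info


def check_boot_area(image, expected_lba=63):
    """Check that the boot sector sits at `expected_lba` and NTLDR code follows."""
    boot = describe_sector(image, expected_lba)
    following = describe_sector(image, expected_lba + 1)
    problems = []
    if boot["kind"] != "ntfs-boot-sector":
        problems.append(f"sector {expected_lba} is '{boot['kind']}', not an NTFS boot sector")
    else:
        if not boot["signature_ok"]:
            problems.append(f"sector {expected_lba} lacks the 55 AA signature")
        if not boot["hidden_matches_lba"]:
            problems.append(
                f"BPB hidden sectors = {boot['hidden_sectors']}, expected {expected_lba}")
    if following["kind"] != "ntldr-loader-code":
        problems.append(
            f"sector {expected_lba + 1} is '{following['kind']}', not NTLDR loader code")
    return {"sectors": [boot, following], "problems": problems}


def build_sample_image(boot_lba=63, hidden_sectors=63, total_sectors=72):
    """Constructed test image: only the fields checked above are filled in."""
    image = bytearray(total_sectors * SECTOR_SIZE)
    boot = bytearray(SECTOR_SIZE)
    boot[0:3] = b"\xeb\x52\x90"             # jump instruction, shown as "ëR." in the dump
    boot[3:11] = NTFS_OEM_ID
    struct.pack_into("<H", boot, 0x0B, SECTOR_SIZE)
    struct.pack_into("<I", boot, 0x1C, hidden_sectors)
    boot[510:512] = BOOT_SIGNATURE
    loader = bytearray(SECTOR_SIZE)
    loader[0:2] = b"\x05\x00"               # two bytes before the name, as in the dump
    loader[2:12] = NTLDR_UTF16
    image[boot_lba * SECTOR_SIZE:(boot_lba + 1) * SECTOR_SIZE] = boot
    image[(boot_lba + 1) * SECTOR_SIZE:(boot_lba + 2) * SECTOR_SIZE] = loader
    return bytes(image)


if __name__ == "__main__":
    for label, img in (("layout as in the thread", build_sample_image()),
                       ("boot sector one sector late", build_sample_image(boot_lba=64))):
        report = check_boot_area(img)
        print(label, "->", report["problems"] or "OK")
```

Run it against a copy of the first sectors of the disk saved to a file, not against the live device.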

inoxi
Visitor
Posts: 43
Registered: 30 Aug 2008 14:14
Location: Slovakia LV

Re: Please help

#37 Post by inoxi »

Posting the log from RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by laci at 2011-05-14 23:14:01
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 23 GB (10%) free of 238 GB
Total RAM: 1023 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:14:16, on 14. 5. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\DUMETE~1\DUMeter.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\laci\Dokumenty\Preberanie\RSIT.exe
C:\Program Files\trend micro\laci.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/webhp?hl=sk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open Link Target in Firefox - file://C:\Documents and Settings\laci\Data aplikací\Mozilla\Firefox\Profiles\gbjgda6e.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: Otvorit tento odkaz vo Firefoxe - file://C:\Documents and Settings\laci\Data aplikací\Mozilla\Firefox\Profiles\u3rc1elu.LACIprofil\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Stáhnout pomocí FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: Stáhnout vše pomocí FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: View This Page in Firefox - file://C:\Documents and Settings\laci\Data aplikací\Mozilla\Firefox\Profiles\gbjgda6e.default\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O8 - Extra context menu item: Zobrazit túto stránku vo Firefoxe - file://C:\Documents and Settings\laci\Data aplikací\Mozilla\Firefox\Profiles\u3rc1elu.LACIprofil\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Righteous%20Kill/Images/stg_drm.ocx
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Helper Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 10504 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-03-30 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
IeCatch5 Class - C:\PROGRA~1\FlashGet\jccatch.dll [2006-05-16 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
gFlash Class - C:\PROGRA~1\FlashGet\getflash.dll [2006-09-12 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-03-30 520192]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~1\FlashGet\fgiebar.dll [2005-06-07 86016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-07 16862208]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-05-10 3459712]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-05-08 2216960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"=C:\Program Files\DU Meter\DUMeter.exe [2011-05-04 2942856]
"WEBTRAN"= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2011-03-30 26624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-07-12 74752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^laci^Nabídka Start^Programy^Po spuštění^FreeRapid 0.83u1.lnk]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-11-29 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\sdc206\StrongDC.exe"="C:\Program Files\sdc206\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe"="C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
"C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs"
"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties"
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe"="C:\Program Files\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-05-14 23:14:01 ----D---- C:\rsit
2011-05-11 19:23:47 ----D---- C:\WINDOWS\CSC
2011-05-11 00:14:35 ----RA---- C:\WINDOWS\system32\drivers\SbFw.sys
2011-05-11 00:14:35 ----A---- C:\WINDOWS\system32\drivers\SbFwIm.sys
2011-05-11 00:06:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-05-11 00:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-05-11 00:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-05-10 22:25:13 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-05-10 22:24:55 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-05-10 20:59:09 ----D---- C:\WINDOWS\SxsCaPendDel
2011-05-10 20:40:16 ----D---- C:\WINDOWS\Prefetch
2011-05-10 20:31:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-05-10 20:29:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-05-10 20:28:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-05-10 20:27:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2011-05-10 20:26:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-05-10 20:25:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2011-05-10 20:24:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2011-05-10 20:23:39 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-05-10 20:22:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-05-10 20:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-05-10 20:19:51 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2011-05-10 20:15:13 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-05-10 20:15:12 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-05-10 20:13:50 ----A---- C:\WINDOWS\000001_.tmp
2011-05-10 18:10:51 ----D---- C:\Program Files\Yamicsoft
2011-05-08 19:26:40 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2011-05-08 19:26:39 ----D---- C:\Documents and Settings\laci\Data aplikací\Spyware Terminator
2011-05-08 19:26:32 ----D---- C:\Program Files\Spyware Terminator
2011-05-08 19:26:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-05-08 18:38:59 ----D---- C:\Program Files\Lavalys
2011-05-08 17:31:42 ----D---- C:\Documents and Settings\laci\Data aplikací\TMAgency
2011-05-08 17:15:26 ----SHD---- C:\RECYCLER
2011-05-07 18:47:13 ----D---- C:\Documents and Settings\laci\Data aplikací\Malwarebytes
2011-05-07 18:46:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-05-07 18:46:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-05-06 17:28:20 ----D---- C:\Program Files\CCleaner
2011-05-05 22:17:08 ----D---- C:\Program Files\trend micro
2011-05-03 18:12:32 ----D---- C:\Documents and Settings\laci\Data aplikací\Super-Cow
2011-04-23 00:06:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-04-23 00:06:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-23 00:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-22 23:55:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-22 23:54:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-22 23:52:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-22 23:51:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-22 23:51:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-22 23:49:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-22 23:36:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-17 21:26:18 ----D---- C:\Documents and Settings\laci\Data aplikací\Špidla Data Processing, s.r.o
2011-04-17 21:26:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Špidla Data Processing, s.r.o
2011-04-17 21:25:39 ----D---- C:\Program Files\Šachy Grand Master Chess

======List of files/folders modified in the last 1 months======

2011-05-14 23:09:15 ----D---- C:\WINDOWS\Temp
2011-05-14 22:53:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-14 22:51:56 ----D---- C:\WINDOWS\system32\drivers
2011-05-14 22:31:05 ----D---- C:\WINDOWS\system32
2011-05-14 22:31:04 ----D---- C:\WINDOWS
2011-05-14 21:10:34 ----A---- C:\WINDOWS\MAILTRAN.INI
2011-05-14 20:05:29 ----SHD---- C:\System Volume Information
2011-05-14 01:25:43 ----D---- C:\WINDOWS\system32\CatRoot2
2011-05-14 01:24:09 ----SHD---- C:\WINDOWS\Installer
2011-05-14 01:24:09 ----D---- C:\Config.Msi
2011-05-14 01:24:08 ----D---- C:\WINDOWS\WinSxS
2011-05-14 01:06:42 ----RD---- C:\Downloads
2011-05-13 23:32:24 ----D---- C:\Program Files\VPSS
2011-05-13 18:00:10 ----HD---- C:\WINDOWS\inf
2011-05-13 17:58:11 ----D---- C:\Documents and Settings\laci\Data aplikací\uTorrent
2011-05-13 17:56:43 ----D---- C:\WINDOWS\Debug
2011-05-13 17:56:42 ----D---- C:\WINDOWS\Minidump
2011-05-12 22:33:49 ----A---- C:\WINDOWS\TRNCOM.INI
2011-05-12 18:26:51 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-05-11 01:37:15 ----D---- C:\WINDOWS\system32\CatRoot
2011-05-11 01:10:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-05-11 01:10:16 ----D---- C:\Program Files\Internet Explorer
2011-05-11 01:10:12 ----D---- C:\WINDOWS\ie8updates
2011-05-11 01:08:57 ----HD---- C:\WINDOWS\$hf_mig$
2011-05-11 01:07:44 ----D---- C:\WINDOWS\system32\cs-cz
2011-05-11 00:40:16 ----D---- C:\Program Files\Mozilla Thunderbird
2011-05-10 23:49:41 ----D---- C:\Program Files\Mozilla Firefox
2011-05-10 23:46:56 ----RD---- C:\WINDOWS\Web
2011-05-10 23:46:56 ----RD---- C:\Program Files
2011-05-10 23:43:31 ----AC---- C:\WINDOWS\ODBCINST.INI
2011-05-10 23:37:34 ----D---- C:\WINDOWS\system32\ias
2011-05-10 23:37:12 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2011-05-10 22:37:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-05-10 22:32:59 ----D---- C:\WINDOWS\Microsoft.NET
2011-05-10 22:27:36 ----A---- C:\WINDOWS\system32\MRT.exe
2011-05-10 22:15:05 ----D---- C:\WINDOWS\system32\XPSViewer
2011-05-10 22:15:04 ----RSD---- C:\WINDOWS\Fonts
2011-05-10 22:13:28 ----RSD---- C:\WINDOWS\assembly
2011-05-10 20:22:54 ----D---- C:\WINDOWS\security
2011-05-10 20:21:33 ----D---- C:\Program Files\Messenger
2011-05-10 20:15:12 ----D---- C:\WINDOWS\system32\inetsrv
2011-05-10 20:15:12 ----D---- C:\WINDOWS\Help
2011-05-10 20:15:06 ----D---- C:\WINDOWS\system32\oobe
2011-05-10 20:13:49 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-05-10 20:13:27 ----D---- C:\WINDOWS\ehome
2011-05-10 14:10:55 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-05-08 18:06:52 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2011-05-08 18:05:18 ----D---- C:\Program Files\Common Files
2011-05-08 17:24:12 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-05-08 17:19:04 ----SD---- C:\WINDOWS\Tasks
2011-05-08 17:04:34 ----D---- C:\Documents and Settings\laci\Data aplikací\Orbit
2011-05-08 15:22:32 ----A---- C:\WINDOWS\system.ini
2011-05-08 15:13:07 ----D---- C:\WINDOWS\AppPatch
2011-05-08 14:28:17 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_1$
2011-05-08 10:50:29 ----D---- C:\VueScan
2011-05-08 10:34:37 ----D---- C:\Program Files\Bob Came in Pieces
2011-05-08 10:32:14 ----D---- C:\Program Files\Pat & Mat
2011-05-06 20:33:48 ----D---- C:\Program Files\Unlocker
2011-05-06 17:37:59 ----D---- C:\WINDOWS\pss
2011-05-06 17:37:07 ----D---- C:\Documents and Settings\laci\Data aplikací\Winamp
2011-05-06 17:37:06 ----D---- C:\Documents and Settings\laci\Data aplikací\Media Player Classic
2011-05-05 21:39:10 ----D---- C:\WINDOWS\system32\drivers\etc
2011-05-05 21:36:46 ----D---- C:\WINDOWS\system32\config
2011-05-05 20:28:56 ----D---- C:\Program Files\7 Lands
2011-05-05 20:00:31 ----D---- C:\Documents and Settings\laci\Data aplikací\dvdcss
2011-05-05 20:00:30 ----D---- C:\Program Files\DU Meter
2011-05-04 21:34:22 ----A---- C:\WINDOWS\system32\svchost.exe
2011-05-04 18:38:24 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-05-03 21:40:48 ----D---- C:\Documents and Settings\laci\Data aplikací\Vso
2011-04-23 14:41:59 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-05-10 30808]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-19 12664]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-05-10 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-05-10 49240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-01-20 33292]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-12-24 5632]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-05-10 102616]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2007-12-31 278728]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-12-31 25416]
R2 regi;regi; \??\C:\WINDOWS\system32\drivers\regi.sys []
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-10-31 35840]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-11-29 2830336]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-07 4739072]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-01-17 47360]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2010-11-12 27632]
R3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2009-10-02 32768]
R3 tapvpn;TAP VPN Adapter; C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2008-01-23 27136]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\NSDriver.sys []
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; C:\WINDOWS\system32\drivers\Ad-Watch Real-Time Scanner.sys []
S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; \??\C:\WINDOWS\AWRTRD.sys []
S3 AR2425;AzureWave AR5006 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\aw5006.sys [2006-12-18 556832]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver; \??\C:\Program Files\DU Meter\DUM_XP32.SYS []
S3 FreshIO;FreshIO; C:\WINDOWS\system32\drivers\FreshIO.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-03-09 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-03-09 25512]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-07-26 137600]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SNTNLUSB;SafeNet USB SuperPro/UltraPro/HardwareKey; C:\WINDOWS\system32\DRIVERS\SNTNLUSB.SYS [2007-04-27 35328]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 STIrUsb;SigmaTel USB-IrDA Dongle; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 StMp3Rec;Player Recovery Device Control Driver; C:\WINDOWS\System32\Drivers\StMp3Rec.sys [2005-08-16 38422]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-07-22 28592]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-11-29 430080]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-05-10 42184]
R2 DUMeterSvc;DU Meter Service; C:\Program Files\DU Meter\DUMeterSvc.exe [2011-05-04 1412488]
R2 HotspotShieldService;Hotspot Shield Service; C:\Program Files\Hotspot Shield\bin\openvpnas.exe [2009-11-18 224816]
R2 HssSrv;Hotspot Shield Helper Service; C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2009-11-12 331824]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2011-05-04 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-05-08 496128]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2011-05-04 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-11-28 520192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2009-11-18 57640]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Please help

#38 Post by motji »

:arrow: Open Notepad and copy the following text into it

Code:

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^laci^Nabídka Start^Programy^Po spuštění^FreeRapid 0.83u1.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WEBTRAN"=-
- save it as (type: All files), entering "smazani.reg" without the quotation marks as the file name,
click Save, then double-click the file as usual and confirm the dialog box.


If there are no problems, that is all. :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I am mostly available at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.
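
A way to review such a .reg file before merging it, as an added example that is not part of motji's post: the parser below lists every key and value the file would delete or set, so the reader can confirm it only removes the named startup entries. The function names are hypothetical; the sample text is the fix quoted in the post.

```python
import re

# The fix from the post above, embedded as sample input (paths are the thread's own).
REG_TEXT = r"""Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^laci^Nabídka Start^Programy^Po spuštění^FreeRapid 0.83u1.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WEBTRAN"=-
"""

HEADERS = ("Windows Registry Editor Version 5.00", "REGEDIT4")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')


def plan_reg_changes(text):
    """Return (action, key, value_name) for every change a .reg file makes."""
    lines = [ln.strip() for ln in text.lstrip("\ufeff").splitlines()]
    lines = [ln for ln in lines if ln and not ln.startswith(";")]
    if not lines or lines[0] not in HEADERS:
        raise ValueError("not a .reg file: missing version header")
    ops, key, continued = [], None, False
    for ln in lines[1:]:
        if continued:                      # tail of a multi-line hex value
            continued = ln.endswith("\\")
            continue
        if ln.startswith("[") and ln.endswith("]"):
            body = ln[1:-1]
            if body.startswith("-"):       # [-KEY] removes the key and its subtree
                ops.append(("delete_key", body[1:], None))
                key = None
            else:
                key = body                 # [KEY] opens (or creates) the key
            continue
        m = VALUE_RE.match(ln)
        if not m or key is None:
            raise ValueError("unexpected line: " + ln)
        # "@" is the key's default value; quoted names use backslash escapes
        name = None if m.group(1) == "@" else re.sub(r"\\(.)", r"\1", m.group(1)[1:-1])
        data = m.group(2)
        ops.append(("delete_value" if data == "-" else "set_value", key, name))
        continued = data.endswith("\\")
    return ops


def only_deletes(ops):
    """True when the file sets no value (a bare [KEY] line can still create an empty key)."""
    return all(action.startswith("delete") for action, _, _ in ops)


if __name__ == "__main__":
    for action, key, name in plan_reg_changes(REG_TEXT):
        print(action, key, "" if name is None else repr(name))
    print("removal-only:", only_deletes(plan_reg_changes(REG_TEXT)))
```
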

inoxi
Visitor
Posts: 43
Joined: 30 Aug 2008 14:14
Location: Slovensko LV

Re: Please help

#39 Post by inoxi »

Thank you to this forum, and especially to "motji", for the help and patience in solving my problem. :D
I am looking for a way :-o to contribute to the running of this forum and so help this small group of enthusiasts in their work.
Thanks once again :worship:

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Please help

#40 Post by motji »

On behalf of my colleagues too, you're welcome :) .
If you want to support the forum, there is a link in my signature. Thank you :) .
Have a nice day. :)
