
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Processor
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- sxewarrior
- Visitor
- Posts: 85
- Registered: 10 Nov 2009 13:39
Re: Processor
So I installed it; after installing I just opened the program, and a moment later a blue screen popped up at me with the text:
A problem has been detected and windows has been shut down to prevent damage to your computer.
DRIVER_IRQL_NOT_LESS_OR_EQUAL
text about whether it appeared for the first time or whether we should check the hardware
STOP : 0x000000D1 (0x006B88E4, 0x00000002, 0x00000000, 0xB042B5CC
**LF30XP.sys adress B042B5CC base at B0422000
and one file was created in the minidump folder, so I'll save it and post a link to it here.
- sxewarrior
- Visitor
- Posts: 85
- Registered: 10 Nov 2009 13:39
Re: Processor
That is the driver from that program.
I'll have a colleague check the minidump.
Do you use that program, do you need it?

Do not use COMBOFIX without an adviser's recommendation, it can damage the system!
Always back up important data before disinfecting your computer
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.
- sxewarrior
- Visitor
- Posts: 85
- Registered: 10 Nov 2009 13:39
Re: Processor
Aha, OK. I did use it, but nothing will happen if I remove it; it isn't that necessary to have.
Re: Processor
Hang on, I don't know why it caused a problem during installation. I have already written to my colleague; once he shows up here, he will certainly take a look at it.
In the meantime, run ComboFix and write how the computer is doing.


- sxewarrior
- Visitor
- Posts: 85
- Registered: 10 Nov 2009 13:39
Re: Processor
ComboFix 09-12-29.06 - marek 01.01.2010 23:34:58.6.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2047.1525 [GMT 1:00]
Running from: c:\documents and settings\marek\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091226-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
((((((((((((((((((((((((( Files Created from 2009-12-01 to 2010-01-01 )))))))))))))))))))))))))))))))
.
2010-01-01 22:31 . 2010-01-01 22:31 -------- d-----w- c:\windows\LastGood
2009-12-26 18:41 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-12-26 18:41 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-12-26 18:41 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-12-26 18:41 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2009-12-26 18:41 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-12-26 18:41 . 2009-02-09 12:10 729088 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2009-12-26 18:41 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-12-26 18:41 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-12-26 18:41 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-12-26 18:39 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-12-26 18:29 . 2009-12-26 18:29 -------- d-----w- c:\windows\system32\scripting
2009-12-26 18:29 . 2009-12-26 18:29 -------- d-----w- c:\windows\l2schemas
2009-12-26 18:29 . 2009-12-26 18:29 -------- d-----w- c:\windows\system32\en
2009-12-26 18:29 . 2009-12-26 18:29 -------- d-----w- c:\windows\system32\bits
2009-12-26 18:25 . 2009-12-26 18:29 -------- d-----w- c:\windows\ServicePackFiles
2009-12-26 18:22 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-12-26 17:37 . 2008-10-31 06:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2009-12-26 17:37 . 2008-06-21 03:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2009-12-26 17:37 . 2009-12-26 17:37 -------- d-----w- c:\program files\Sunbelt Software
2009-12-24 23:06 . 2009-12-25 01:08 -------- d-----w- c:\documents and settings\marek\DoctorWeb
2009-12-24 22:38 . 2008-05-03 11:55 2560 ------w- c:\windows\system32\xpsp4res.dll
2009-12-24 22:38 . 2008-04-21 12:08 215552 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-12-11 09:16 . 2009-12-11 09:16 -------- d-----w- c:\documents and settings\marek\Local Settings\Application Data\GHISLER
2009-12-10 21:41 . 2009-12-10 21:41 -------- d-----w- c:\program files\totalcmd7,5
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-01 21:52 . 2008-06-25 12:01 -------- d-----w- c:\program files\Everstrike Software
2010-01-01 21:00 . 2010-01-01 21:00 -------- d-----w- c:\program files\VS Revo Group
2009-12-26 18:57 . 2008-05-17 11:26 829168 ----a-w- c:\documents and settings\marek\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-26 18:33 . 2008-05-17 11:02 5938 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-26 18:32 . 2008-05-17 11:02 166455 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-25 21:56 . 2009-11-10 14:40 -------- d-----w- c:\program files\trend micro
2009-12-23 19:33 . 2008-09-01 08:13 -------- d-----w- c:\program files\DNA
2009-12-22 17:15 . 2009-11-10 19:59 -------- d-----w- c:\program files\MyDefrag v4.2.5
2009-12-22 00:03 . 2009-12-22 00:03 16 ----a-w- c:\documents and settings\NetworkService\Application Data\fvgqad.dat
2009-12-11 10:33 . 2009-11-09 16:35 -------- d-----w- c:\documents and settings\marek\Application Data\Web Page Maker
2009-12-11 10:24 . 2008-07-28 13:55 -------- d-----w- c:\program files\Non Steam
2009-12-11 09:43 . 2008-10-03 13:55 -------- d-----w- c:\program files\Graffiti Studio 2.0
2009-11-26 17:59 . 2009-02-17 14:08 -------- d-----w- c:\program files\Vstplugins
2009-11-24 23:54 . 2008-05-17 11:32 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2008-05-17 11:32 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2008-05-17 11:32 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2008-05-17 11:48 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2008-05-17 11:48 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2008-05-17 11:32 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2008-05-17 11:32 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2008-05-17 11:32 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2008-05-17 11:32 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-17 08:59 . 2009-05-05 12:17 -------- d-----w- c:\program files\Elaborate Bytes
2009-11-15 10:18 . 2009-11-15 10:16 -------- d-----w- c:\program files\Common Files\Macromedia
2009-11-15 10:16 . 2009-11-15 10:16 -------- d-----w- c:\program files\Macromedia
2009-11-10 20:32 . 2009-11-10 20:32 117760 ----a-w- c:\documents and settings\marek\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-10 20:28 . 2009-11-10 20:28 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-11-10 20:28 . 2009-11-10 20:28 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-11-10 20:28 . 2009-11-10 20:28 -------- d-----w- c:\documents and settings\marek\Application Data\SUPERAntiSpyware.com
2009-11-10 20:27 . 2009-11-10 20:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-10 19:27 . 2009-11-10 19:27 -------- d-----w- c:\program files\CCleaner
2009-11-10 19:07 . 2009-11-10 17:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-10 17:03 . 2009-11-10 17:03 -------- d-----w- c:\documents and settings\marek\Application Data\Malwarebytes
2009-11-10 17:03 . 2009-11-10 17:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-10 16:15 . 2009-02-02 14:36 -------- d-----w- c:\documents and settings\marek\Application Data\U3
2009-11-10 15:18 . 2008-12-08 21:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-09 16:35 . 2009-11-09 16:35 -------- d-----w- c:\program files\Web Page Maker
2009-11-09 16:30 . 2009-11-09 16:28 -------- d-----w- c:\program files\wamp
2009-11-07 08:55 . 2009-11-06 11:46 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-11-05 21:56 . 2009-09-07 11:47 -------- d-----w- c:\program files\QIP8095
2009-11-03 21:20 . 2009-11-03 21:19 -------- d-----w- c:\program files\VDOWNLOADER
2009-10-31 07:31 . 2009-11-10 19:59 926720 ----a-w- c:\windows\system32\MyDefragScreenSaver.exe
2009-10-28 08:58 . 2009-11-10 19:59 93696 ----a-w- c:\windows\system32\MyDefragScreenSaver.scr
2009-10-25 08:07 . 2009-10-25 08:07 483 ----a-w- c:\windows\eReg.dat
2009-10-24 09:59 . 2009-10-24 09:59 293 ----a-w- c:\windows\EReg072.dat
2009-10-13 10:30 . 2004-08-03 23:56 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2004-08-03 23:56 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2004-08-03 23:56 79872 ----a-w- c:\windows\system32\raschap.dll
2003-03-02 00:57 . 2003-03-02 00:57 21019 ----a-w- c:\program files\uninstallBFL
2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\valve\steam\steam.exe" [2009-10-24 1217808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 577536]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-02-07 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 54832]
"MimBoot"="c:\progra~1\MUSICM~1\MUSICM~1\mimboot.exe" [2005-05-10 11776]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-05-14 35328]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\marek\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 14:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\trojanskinhead69\\condition zero\\hl.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\trojanskinhead69\\counter-strike\\hl.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\trojanskinhead69\\condition zero deleted scenes\\hl.exe"=
"c:\\Program Files\\Non Steam\\hl.exe"=
"c:\\Program Files\\Non Steam\\hlds.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\Non Steam\\hltv.exe"=
"c:\\Program Files\\xampp\\apache\\bin\\apache.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\QIP8080\\qip.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\trojanskinhead69\\day of defeat\\hl.exe"=
"c:\\Program Files\\QIP8082\\qip.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\QIP8092\\qip.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\QIP8095\\qip.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"c:\\Program Files\\QIP8095\\QIP\\qip.exe"=
"c:\\Program Files\\totalcmd7,5\\TOTALCMD.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [17.5.2008 12:48 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12.10.2009 21:24 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.10.2009 21:24 74480]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [26.12.2009 18:37 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R2 acedrv10;acedrv10;c:\windows\system32\drivers\ACEDRV10.sys [24.7.2007 8:45 328824]
R2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [11.7.2007 9:20 201848]
R2 Apache2.2;Apache2.2;c:\program files\xampp\apache\bin\apache.exe [14.6.2008 18:02 17408]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.5.2008 12:48 20560]
R2 LF30FS;LF30FS;c:\program files\Everstrike Software\Lock Folder XP 3.5\LF30XP.sys [19.11.2004 17:07 101488]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 7:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 7:24 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [26.12.2009 18:37 65576]
S2 XAMPP;XAMPP Service;c:\program files\xampp\service.exe [21.12.2007 3:01 60928]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [12.10.2009 21:24 7408]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
.
Contents of the 'Scheduled Tasks' folder
2009-12-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]
.
.
------- Supplementary Scan -------
.
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
Trusted Zone: musicmatch.com\online
TCP: {1C1879CD-9BA0-470B-BC87-E8AC105BE642} = 62.128.126.10,62.168.96.4
TCP: {E3D8BE3F-1CD4-40AF-A411-FABAAB0CD979} = 193.93.72.10,193.93.72.1
FF - ProfilePath - c:\documents and settings\marek\Application Data\Mozilla\Firefox\Profiles\m9fcc630.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-LFAgent - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-01 23:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(840)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(548)
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
.
Completion time: 2010-01-01 23:47:36
ComboFix-quarantined-files.txt 2010-01-01 22:47
Pre-Run: 2 011 287 552 bytes free
Post-Run: 2 031 951 872 voľných bajtov
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - CE16DD9750D0B58C79772E9A6B178326
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-LFAgent - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-01 23:43
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(840)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(548)
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
.
Completion time: 2010-01-01 23:47:36
ComboFix-quarantined-files.txt 2010-01-01 22:47
Pre-Run: 2 011 287 552 bytes free
Post-Run: 2 031 951 872 voľných bajtov
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - CE16DD9750D0B58C79772E9A6B178326
Re: Processor
Unfortunately the minidump was slightly corrupted, but it really is the driver from that program that is misbehaving. Have you tried running the program once more? Try installing it once more, and if it still keeps crashing to a BSOD, you will have to uninstall it. If you get another minidump, I'll be glad to look at it.
How is the computer doing now, has anything changed?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.
- sxewarrior
- Visitor
- Posts: 85
- Registered: 10 Nov 2009 13:39
Re: Processor
And if it is corrupted, does something need to be done about it? I tried uninstalling and reinstalling it again; so far it hasn't crashed or thrown a BSOD, but I'll keep a close eye on it.
I've noticed that when the PC starts, some text appears for about a second with a choice between: Microsoft Windows console and Microsoft Windows Professional... what is that about?
Also, two files were created in C:\ : cmldr and boot.bak. Is that related to something?
Re: Processor
What got installed, and those two files, belong to the Recovery Console. If your PC broke and you couldn't get into it, a repair can be done through the console. We can remove it, it's up to you.
Keep an eye on the PC; if the BSOD appears again, please send a minidump.
Is the PC still stuttering and acting up, or did the reinstall help?
- sxewarrior
- Visitor
- Posts: 85
- Registered: 10 Nov 2009 13:39
Re: Processor
I see. No, we can leave it there, it may still come in handy... with this PC you never know.
I have the feeling it runs normally, a bit slowly, but it was like that before the error too; it is a few years old. The processor still jumps around as it pleases: when opening some program it goes up to 90%, but that is probably normal. When watching a film it stays at 90-100% and the film stutters, with a dragging picture. I'll keep watching it, and in case of a BSOD I'll post the minidump here, or if an error appears I'll write.
Re: Processor
OK, keep an eye on it and let me know.
Uninstall ComboFix via
Start >> Run, copy into the box:
ComboFix /Uninstall
press Enter
- This uninstalls ComboFix and deletes its related files and folders.
Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe
- Run it; to confirm each choice press the A key, then Enter
- Delete the program after use. Note: antivirus programs may falsely flag it as a virus
Download TFC and run it
TFC (http://oldtimer.geekstogo.com/TFC.exe)
Download CCleaner, see my signature
- Install it and clean the temporary files and the registry
Post a new RSIT log and tell me how the computer is behaving. Is everything in order now?
- sxewarrior
- Visitor
- Posts: 85
- Registered: 10 Nov 2009 13:39
Re: Processor
I apologise, I was busy with work so I couldn't get to it sooner.
I'm attaching a new RSIT log, but I still feel it isn't running as it should; then again the PC has some age, so maybe that is the cause, that it is on its way out... After switching on, the PC takes some 3-5 minutes before it can be worked with, otherwise it stutters, etc. Right now I see it as a backup and reinstall.
Thank you for the advice and help so far. A few problems got solved.
Re: Processor
I don't see the RSIT log.
Sometimes a reinstall is a good solution, especially when the system is already several years old.
- sxewarrior
- Visitor
- Posts: 85
- Registered: 10 Nov 2009 13:39
Re: Processor
Ah, sorry, in the end I forgot to paste it
Logfile of random's system information tool 1.06 (written by random/random)
Run by marek at 2010-01-14 16:10:34
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (5%) free of 78 GB
Total RAM: 2047 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:11:08, on 14.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\xampp\mysql\bin\mysqld-nt.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\marek\Desktop\RSIT.exe
C:\Program Files\trend micro\marek.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\imapi.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP8095\QIP\qip.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C1879CD-9BA0-470B-BC87-E8AC105BE642}: NameServer = 62.128.126.10,62.168.96.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{E3D8BE3F-1CD4-40AF-A411-FABAAB0CD979}: NameServer = 193.93.72.10,193.93.72.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C1879CD-9BA0-470B-BC87-E8AC105BE642}: NameServer = 62.128.126.10,62.168.96.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{1C1879CD-9BA0-470B-BC87-E8AC105BE642}: NameServer = 62.128.126.10,62.168.96.4
O17 - HKLM\System\CS3\Services\Tcpip\..\{1C1879CD-9BA0-470B-BC87-E8AC105BE642}: NameServer = 62.128.126.10,62.168.96.4
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\Program Files\xampp\apache\bin\apache.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: mysql - Unknown owner - C:\Program Files\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\Program Files\xampp\service.exe
--
End of file - 8321 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09 34304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-06-09 552960]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-03 577536]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-02-07 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
"MimBoot"=C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe [2005-05-10 11776]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2007-05-14 35328]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"LFAgent"= []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=c:\program files\valve\steam\steam.exe [2009-10-24 1217808]
C:\Documents and Settings\marek\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Valve\Steam\SteamApps\trojanskinhead69\condition zero\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\trojanskinhead69\condition zero\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\Steam\SteamApps\trojanskinhead69\counter-strike\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\trojanskinhead69\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\Steam\SteamApps\trojanskinhead69\condition zero deleted scenes\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\trojanskinhead69\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Non Steam\hl.exe"="C:\Program Files\Non Steam\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Non Steam\hlds.exe"="C:\Program Files\Non Steam\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\Program Files\Non Steam\hltv.exe"="C:\Program Files\Non Steam\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\xampp\apache\bin\apache.exe"="C:\Program Files\xampp\apache\bin\apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\QIP8080\qip.exe"="C:\Program Files\QIP8080\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Valve\Steam\SteamApps\trojanskinhead69\day of defeat\hl.exe"="C:\Program Files\Valve\Steam\SteamApps\trojanskinhead69\day of defeat\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\QIP8082\qip.exe"="C:\Program Files\QIP8082\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\QIP8092\qip.exe"="C:\Program Files\QIP8092\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\QIP8095\qip.exe"="C:\Program Files\QIP8095\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"C:\Program Files\QIP8095\QIP\qip.exe"="C:\Program Files\QIP8095\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\totalcmd7,5\TOTALCMD.EXE"="C:\Program Files\totalcmd7,5\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2010-01-14 16:10:34 ----D---- C:\rsit
2010-01-14 16:06:29 ----SHD---- C:\RECYCLER
2010-01-02 12:52:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-01-02 12:52:17 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2010-01-02 12:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-01-02 12:51:54 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-01-02 12:51:36 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-01-01 23:31:45 ----A---- C:\Boot.bak
2010-01-01 23:31:36 ----RASHD---- C:\cmdcons
2010-01-01 22:00:43 ----D---- C:\Program Files\VS Revo Group
2009-12-28 11:44:37 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2009-12-27 16:17:12 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-12-27 16:17:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-12-27 16:16:50 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-12-27 16:16:39 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-12-27 16:16:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-27 16:16:17 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-12-27 16:16:02 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-12-27 16:15:50 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-12-27 16:15:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-12-27 16:15:29 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-12-27 16:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-12-27 16:14:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-12-27 16:14:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-12-27 16:14:28 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-12-27 16:14:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-12-27 16:14:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-12-27 16:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-12-27 16:13:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-12-27 16:13:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-12-27 16:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-27 16:03:49 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-27 16:03:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-12-27 16:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-27 16:03:18 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-12-27 15:54:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-27 15:53:15 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-12-27 15:52:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-12-27 15:52:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-27 15:52:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-12-27 15:52:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-12-27 15:51:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-12-27 15:51:08 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-26 19:55:45 ----A---- C:\WINDOWS\OEWABLog.txt
2009-12-26 19:50:05 ----D---- C:\WINDOWS\Prefetch
2009-12-26 19:39:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-12-26 19:38:50 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-12-26 19:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2009-12-26 19:38:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-12-26 19:38:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-12-26 19:37:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2009-12-26 19:37:34 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-12-26 19:37:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-12-26 19:37:07 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2009-12-26 19:36:55 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-12-26 19:36:43 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-12-26 19:36:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-12-26 19:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-12-26 19:36:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-12-26 19:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2009-12-26 19:35:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-12-26 19:35:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-12-26 19:35:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-12-26 19:34:59 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2009-12-26 19:34:47 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-12-26 19:34:37 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-12-26 19:34:24 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-12-26 19:31:11 ----A---- C:\WINDOWS\setuplog.txt
2009-12-26 19:29:06 ----D---- C:\WINDOWS\system32\scripting
2009-12-26 19:29:06 ----D---- C:\WINDOWS\system32\en-us
2009-12-26 19:29:05 ----D---- C:\WINDOWS\l2schemas
2009-12-26 19:29:04 ----D---- C:\WINDOWS\system32\en
2009-12-26 19:29:03 ----D---- C:\WINDOWS\system32\bits
2009-12-26 19:25:31 ----D---- C:\WINDOWS\ServicePackFiles
2009-12-26 19:21:22 ----D---- C:\WINDOWS\network diagnostic
2009-12-26 19:19:17 ----A---- C:\WINDOWS\imsins.BAK
2009-12-26 19:15:03 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-12-26 18:37:49 ----D---- C:\Program Files\Sunbelt Software
2009-12-25 19:12:33 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2009-12-25 03:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2009-12-24 23:38:47 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2009-12-22 12:36:23 ----A---- C:\WINDOWS\SchedLgU.Txt
======List of files/folders modified in the last 1 months======
2010-01-14 16:11:08 ----D---- C:\WINDOWS\Temp
2010-01-14 16:11:04 ----D---- C:\WINDOWS
2010-01-14 16:10:38 ----D---- C:\Program Files\trend micro
2010-01-14 16:09:36 ----SHD---- C:\System Volume Information
2010-01-14 16:09:36 ----D---- C:\WINDOWS\system32\Restore
2010-01-14 16:06:29 ----D---- C:\WINDOWS\system32
2010-01-14 16:06:25 ----HD---- C:\WINDOWS\inf
2010-01-14 16:06:23 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-14 16:06:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-14 16:05:35 ----D---- C:\WINDOWS\Minidump
2010-01-14 15:57:42 ----D---- C:\Program Files\Mozilla Firefox
2010-01-02 12:56:42 ----D---- C:\Program Files\Everstrike Software
2010-01-02 12:52:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-02 12:51:38 ----D---- C:\WINDOWS\system32\drivers
2010-01-01 23:43:28 ----A---- C:\WINDOWS\system.ini
2010-01-01 23:39:27 ----D---- C:\WINDOWS\AppPatch
2010-01-01 23:39:22 ----D---- C:\Program Files\Common Files
2010-01-01 23:31:45 ----RASH---- C:\boot.ini
2010-01-01 22:00:43 ----RD---- C:\Program Files
2009-12-28 00:43:05 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-27 23:37:13 ----RSD---- C:\WINDOWS\assembly
2009-12-27 23:33:44 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-27 23:17:55 ----D---- C:\WINDOWS\Debug
2009-12-27 23:14:55 ----D---- C:\WINDOWS\system32\wbem
2009-12-27 16:16:51 ----D---- C:\WINDOWS\WinSxS
2009-12-27 16:14:52 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-27 16:03:43 ----D---- C:\Program Files\Outlook Express
2009-12-27 16:02:46 ----SHD---- C:\WINDOWS\Installer
2009-12-27 16:02:46 ----D---- C:\Config.Msi
2009-12-26 19:49:11 ----D---- C:\WINDOWS\system32\Setup
2009-12-26 19:49:09 ----RSD---- C:\WINDOWS\Fonts
2009-12-26 19:40:10 ----D---- C:\WINDOWS\security
2009-12-26 19:34:49 ----D---- C:\Program Files\Messenger
2009-12-26 19:29:48 ----D---- C:\Program Files\Windows Media Player
2009-12-26 19:29:20 ----D---- C:\WINDOWS\system32\inetsrv
2009-12-26 19:29:20 ----D---- C:\WINDOWS\ime
2009-12-26 19:29:20 ----D---- C:\WINDOWS\Help
2009-12-26 19:29:06 ----D---- C:\WINDOWS\system32\usmt
2009-12-26 19:29:05 ----D---- C:\Program Files\Internet Explorer
2009-12-26 19:29:03 ----D---- C:\WINDOWS\PeerNet
2009-12-26 19:29:03 ----D---- C:\Program Files\Movie Maker
2009-12-26 19:25:12 ----D---- C:\WINDOWS\system32\npp
2009-12-26 19:25:11 ----D---- C:\WINDOWS\mui
2009-12-26 19:25:09 ----D---- C:\WINDOWS\msagent
2009-12-26 19:25:05 ----D---- C:\WINDOWS\srchasst
2009-12-26 19:25:03 ----D---- C:\Program Files\NetMeeting
2009-12-26 19:25:00 ----D---- C:\WINDOWS\system32\Com
2009-12-26 19:24:51 ----D---- C:\Program Files\Windows NT
2009-12-26 19:24:44 ----D---- C:\Program Files\Common Files\System
2009-12-26 19:24:01 ----D---- C:\WINDOWS\system32\oobe
2009-12-26 19:23:58 ----D---- C:\WINDOWS\system
2009-12-26 19:19:11 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-26 19:15:01 ----D---- C:\WINDOWS\ehome
2009-12-25 23:07:47 ----A---- C:\WINDOWS\wincmd.ini
2009-12-23 20:33:00 ----D---- C:\Program Files\DNA
2009-12-23 20:22:50 ----D---- C:\WINDOWS\system32\config
2009-12-23 12:30:54 ----SD---- C:\WINDOWS\Tasks
2009-12-22 18:15:22 ----D---- C:\Program Files\MyDefrag v4.2.5
2009-12-17 17:53:05 ----A---- C:\WINDOWS\wcx_ftp.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 37760]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 acedrv10;acedrv10; \??\C:\WINDOWS\system32\drivers\acedrv10.sys []
R2 acehlp10;acehlp10; \??\C:\WINDOWS\system32\drivers\acehlp10.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-07-28 9856]
R2 LF30FS;LF30FS; \??\C:\Program Files\Everstrike Software\Lock Folder XP 3.5\LF30XP.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-09-20 4019072]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 atinrvxx;ATI WDM Rage Theater Video; C:\WINDOWS\system32\DRIVERS\atinrvxx.sys [2004-08-04 105984]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2004-06-08 3968]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 MVDCODEC;ATI WDM Specialized MVD Codec; C:\WINDOWS\system32\DRIVERS\atinmdxx.sys [2004-08-04 13824]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-08-06 25280]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 mysql;mysql; C:\Program Files\xampp\mysql\bin\mysqld-nt.exe [2008-08-04 5779456]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 Apache2.2;Apache2.2; C:\Program Files\xampp\apache\bin\apache.exe [2008-06-14 17408]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 XAMPP;XAMPP Service; C:\Program Files\xampp\service.exe [2007-12-21 60928]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-05-31 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 wampapache;wampapache; C:\Program Files\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; C:\Program Files\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
-----------------EOF-----------------

2009-12-26 19:40:10 ----D---- C:\WINDOWS\security
2009-12-26 19:34:49 ----D---- C:\Program Files\Messenger
2009-12-26 19:29:48 ----D---- C:\Program Files\Windows Media Player
2009-12-26 19:29:20 ----D---- C:\WINDOWS\system32\inetsrv
2009-12-26 19:29:20 ----D---- C:\WINDOWS\ime
2009-12-26 19:29:20 ----D---- C:\WINDOWS\Help
2009-12-26 19:29:06 ----D---- C:\WINDOWS\system32\usmt
2009-12-26 19:29:05 ----D---- C:\Program Files\Internet Explorer
2009-12-26 19:29:03 ----D---- C:\WINDOWS\PeerNet
2009-12-26 19:29:03 ----D---- C:\Program Files\Movie Maker
2009-12-26 19:25:12 ----D---- C:\WINDOWS\system32\npp
2009-12-26 19:25:11 ----D---- C:\WINDOWS\mui
2009-12-26 19:25:09 ----D---- C:\WINDOWS\msagent
2009-12-26 19:25:05 ----D---- C:\WINDOWS\srchasst
2009-12-26 19:25:03 ----D---- C:\Program Files\NetMeeting
2009-12-26 19:25:00 ----D---- C:\WINDOWS\system32\Com
2009-12-26 19:24:51 ----D---- C:\Program Files\Windows NT
2009-12-26 19:24:44 ----D---- C:\Program Files\Common Files\System
2009-12-26 19:24:01 ----D---- C:\WINDOWS\system32\oobe
2009-12-26 19:23:58 ----D---- C:\WINDOWS\system
2009-12-26 19:19:11 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-26 19:15:01 ----D---- C:\WINDOWS\ehome
2009-12-25 23:07:47 ----A---- C:\WINDOWS\wincmd.ini
2009-12-23 20:33:00 ----D---- C:\Program Files\DNA
2009-12-23 20:22:50 ----D---- C:\WINDOWS\system32\config
2009-12-23 12:30:54 ----SD---- C:\WINDOWS\Tasks
2009-12-22 18:15:22 ----D---- C:\Program Files\MyDefrag v4.2.5
2009-12-17 17:53:05 ----A---- C:\WINDOWS\wcx_ftp.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 37760]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 acedrv10;acedrv10; \??\C:\WINDOWS\system32\drivers\acedrv10.sys []
R2 acehlp10;acehlp10; \??\C:\WINDOWS\system32\drivers\acehlp10.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-07-28 9856]
R2 LF30FS;LF30FS; \??\C:\Program Files\Everstrike Software\Lock Folder XP 3.5\LF30XP.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-09-20 4019072]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 atinrvxx;ATI WDM Rage Theater Video; C:\WINDOWS\system32\DRIVERS\atinrvxx.sys [2004-08-04 105984]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2004-06-08 3968]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 MVDCODEC;ATI WDM Specialized MVD Codec; C:\WINDOWS\system32\DRIVERS\atinmdxx.sys [2004-08-04 13824]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-08-06 25280]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 mysql;mysql; C:\Program Files\xampp\mysql\bin\mysqld-nt.exe [2008-08-04 5779456]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-02-07 173616]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 Apache2.2;Apache2.2; C:\Program Files\xampp\apache\bin\apache.exe [2008-06-14 17408]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 XAMPP;XAMPP Service; C:\Program Files\xampp\service.exe [2007-12-21 60928]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-05-31 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 wampapache;wampapache; C:\Program Files\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; C:\Program Files\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
-----------------EOF-----------------
Re: Processor

- Click "Do a system scan only"
- next to the lines
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
tick the checkbox and press Fix checked
- restart the PC
I don't see anything wrong there

Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before cleaning malware from your computer
Want to support our forum? Information here

I can mostly be reached at night, between 9 and 11 p.m.
If you have any questions, you can email me at Motji(at)forum.viry.cz.