nefunkční internet, zmizení svchost.exe
Napsal: 22 dub 2010 14:19
Dobrý den, po naběhnutí windows se mi zobrazila tabulka s odpočítáváním a po restartu windows nabíhaly strašně pomalu a nefungoval internet
na netu sem našel že by to mohl zbůsobit antivir:
https://kc.mcafee.com/corporate/index?p ... id=KB68780
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jiří Pánek at 2010-04-22 15:02:17
WIN_XP Service Pack 3
System drive F: has 32 GB (13%) free of 238 GB
Total RAM: 2047 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:02:28, on 22.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\Common Files\LightScribe\LSSrvc.exe
F:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
f:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
F:\WINDOWS\Explorer.EXE
F:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
F:\Program Files\McAfee\MPF\MPFSrv.exe
F:\Program Files\McAfee\MSK\MskSrver.exe
F:\WINDOWS\system32\oodag.exe
F:\WINDOWS\system32\PnkBstrA.exe
F:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
F:\Program Files\A4Tech\Mouse\Amoumain.exe
F:\WINDOWS\RTHDCPL.EXE
F:\Program Files\Common Files\Java\Java Update\jusched.exe
F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
F:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
F:\Documents and Settings\Jiří Pánek\Plocha\Jiřin\RSIT.exe
F:\Program Files\trend micro\Jiří Pánek.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.europowersearch.com/Search.h ... rchLang=CZ
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - f:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - F:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - F:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: RecFree Toolbar - {0508F8F1-08E3-43EE-AAA8-09AD09803084} - F:\Program Files\RecFree.com\RecFreeToolbar\1.0.23.0\escorTlbr.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [{1290A33C-85F5-4164-A1BE-7DD299D4986A}] "F:\Program Files\CyberLink\PowerBackup\PBKScheduler.exe"
O4 - HKLM\..\Run: [WheelMouse] F:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] "F:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] F:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [SiteVacuum] F:\Program Files\EasySearch\SiteVacuumClient.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [McAfee Backup] "F:\Program Files\McAfee\MBK\McAfeeDataBackup.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1417001333-115176313-839522115-1003\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - F:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - F:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [searching] Search from the Address bar
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7282868859
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Správa aplikací (AppMgmt) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Zvuk systému Windows (AudioSrv) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) (bits) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Prohledávání počítačů (Browser) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: CryptSvc - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Spouštěč procesů serveru DCOM (DcomLaunch) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Klient DHCP (Dhcp) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Správce logických disků (dmserver) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Klient DNS (Dnscache) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Automatická konfigurace pevné sítě (Dot3svc) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba EAP (Extensible Authentication Protocol) (EapHost) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Zasílání zpráv o chybách (ERSvc) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Systém událostí modelu COM+ (EventSystem) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Kompatibilita pro rychlé přepínání uživatelů (FastUserSwitchingCompatibility) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Nápověda a odborná pomoc (helpsvc) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba Správa klíčů a certifikátů stavu (hkmsvc) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba HTTP SSL (HTTPFilter) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Server (lanmanserver) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Pracovní stanice (lanmanworkstation) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - F:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Podpora rozhraní NetBIOS nad protokolem TCP/IP (LmHosts) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: MBackMonitor - McAfee - F:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - f:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - F:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - f:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - F:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - f:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - F:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - F:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - F:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - F:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Agent architektury NAP (Network Access Protection) (napagent) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Síťová připojení (Netman) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Sledování umístění v síti (NLA) (Nla) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Vyměnitelné úložiště (NtmsSvc) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: O&O Defrag - O&O Software GmbH - F:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - F:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Správce automatického připojení pomocí vzdáleného přístupu (RasAuto) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Správce vzdáleného přístupu (RasMan) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Vzdálený registr (RemoteRegistry) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Vzdálené volání procedur (RPC) (RpcSs) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Plánovač úloh (Schedule) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Secondary Logon (seclogon) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Oznamování systémových událostí (SENS) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Brána Firewall / Sdílení připojení k Internetu (ICS) (SharedAccess) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Rozpoznávání hardwaru (ShellHWDetection) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba obnovení systému (srservice) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Služba rozpoznávání pomocí protokolu SSDP (SSDPSRV) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - F:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Načítání obrázků (WIA) (stisvc) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Telefonní subsystém (TapiSrv) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Terminálová služba (TermService) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Motivy (Themes) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Klient služby sledování distribuovaných propojení (TrkWks) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Hostitel zařízení UPnP (upnphost) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Systémový čas (w32time) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Webový klient (WebClient) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Služba WMI (winmgmt) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Služba sériového čísla přenosného zařízení (WmdmPmSN) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Rozšíření ovladače WMI (Wmi) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Centrum zabezpečení (wscsvc) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Automatická konfigurace bezdrátových zařízení (WZCSVC) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba pro síťová ustanovení (xmlprov) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
--
End of file - 13944 bytes
======Scheduled tasks folder======
F:\WINDOWS\tasks\McDefragTask.job
F:\WINDOWS\tasks\McQcTask.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - f:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-10-02 246800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - F:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-09-16 62784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-12-23 251416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - F:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-10-14 863688]
{0508F8F1-08E3-43EE-AAA8-09AD09803084} - RecFree Toolbar - F:\Program Files\RecFree.com\RecFreeToolbar\1.0.23.0\escorTlbr.dll [2009-03-10 172032]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-12-23 251416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=F:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"RemoteControl"=F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"{1290A33C-85F5-4164-A1BE-7DD299D4986A}"=F:\Program Files\CyberLink\PowerBackup\PBKScheduler.exe [2004-06-08 69721]
"WheelMouse"=F:\Program Files\A4Tech\Mouse\Amoumain.exe [2006-02-17 163840]
"Adobe Reader Speed Launcher"=F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"mcagent_exe"=F:\Program Files\McAfee.com\Agent\mcagent.exe [2009-10-29 1218008]
"McENUI"=F:\PROGRA~1\McAfee\MHN\McENUI.exe [2009-07-07 1176808]
"SiteVacuum"=F:\Program Files\EasySearch\SiteVacuumClient.exe [2010-01-05 479323]
"RTHDCPL"=F:\WINDOWS\RTHDCPL.EXE [2009-03-24 17567744]
"StartCCC"=F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"SunJavaUpdateSched"=F:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"McAfee Backup"=F:\Program Files\McAfee\MBK\McAfeeDataBackup.exe [2009-07-08 5134864]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=F:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
F:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - F:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
F:\WINDOWS\system32\Ati2evxx.dll [2009-11-25 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
F:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - F:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Strong\StrongDC.exe"="F:\Strong\StrongDC.exe:*:Enabled:StrongDC"
"F:\WINDOWS\system32\PnkBstrA.exe"="F:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"F:\WINDOWS\system32\PnkBstrB.exe"="F:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"F:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="F:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"F:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="F:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"F:\Program Files\ICQ6\ICQ.exe"="F:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"F:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe"="F:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2"
"F:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe"="F:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 Update"
"F:\Program Files\uTorrent\uTorrent.exe"="F:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"F:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="F:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"F:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="F:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"F:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="F:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"F:\Program Files\Codemasters\GRID\GRID.exe"="F:\Program Files\Codemasters\GRID\GRID.exe:*:Enabled:GRID"
"F:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="F:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"F:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="F:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"F:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="F:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"F:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="F:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"F:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="F:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"F:\Program Files\Steam\Steam.exe"="F:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"F:\Program Files\Codemasters\DiRT2\dirt2_game.exe"="F:\Program Files\Codemasters\DiRT2\dirt2_game.exe:*:Enabled:DiRT2"
"F:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="F:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"F:\Program Files\Steam\steamapps\common\company of heroes\RelicCOH.exe"="F:\Program Files\Steam\steamapps\common\company of heroes\RelicCOH.exe:*:Enabled:Company of Heroes"
"F:\Program Files\Steam\steamapps\common\company of heroes\help.htm"="F:\Program Files\Steam\steamapps\common\company of heroes\help.htm:*:Enabled:Company of Heroes"
"F:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe"="F:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe:*:Enabled:Battlefield Bad Company 2 - BETA"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{543ab0d8-7e94-11dd-a70b-0019665e22f4}]
shell\AutoRun\command - C:\f18\Launcher.exe
======List of files/folders created in the last 1 months======
2010-04-14 15:03:04 ----HDC---- F:\WINDOWS\$NtUninstallKB979683$
2010-04-14 15:02:56 ----HDC---- F:\WINDOWS\$NtUninstallKB980232$
2010-04-14 15:00:50 ----HDC---- F:\WINDOWS\$NtUninstallKB978338$
2010-04-14 15:00:44 ----HDC---- F:\WINDOWS\$NtUninstallKB977816$
2010-04-14 15:00:38 ----HDC---- F:\WINDOWS\$NtUninstallKB978601$
2010-04-14 15:00:16 ----HDC---- F:\WINDOWS\$NtUninstallKB979309$
2010-04-02 16:16:56 ----D---- F:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-02 16:16:37 ----A---- F:\WINDOWS\system32\javaws.exe
2010-04-02 16:16:37 ----A---- F:\WINDOWS\system32\javaw.exe
2010-04-02 16:16:37 ----A---- F:\WINDOWS\system32\java.exe
2010-03-30 21:10:50 ----D---- F:\Program Files\Aspyr
2010-03-30 21:10:42 ----HDC---- F:\WINDOWS\$NtUninstall_Xbox_360_CC_Driver$
2010-03-30 17:45:07 ----D---- F:\Program Files\Merscom
2010-03-28 13:16:42 ----D---- F:\Documents and Settings\All Users\Data aplikací\TmForever
2010-03-26 20:45:14 ----D---- F:\Program Files\City Interactive
======List of files/folders modified in the last 1 months======
2010-04-22 15:02:20 ----D---- F:\Program Files\trend micro
2010-04-22 15:01:42 ----D---- F:\WINDOWS\Debug
2010-04-22 15:01:42 ----D---- F:\WINDOWS
2010-04-22 15:01:41 ----D---- F:\WINDOWS\Temp
2010-04-22 14:53:52 ----RSHDC---- F:\WINDOWS\system32\dllcache
2010-04-22 14:53:40 ----D---- F:\WINDOWS\system32
2010-04-21 20:34:01 ----D---- F:\WINDOWS\Prefetch
2010-04-20 21:45:00 ----SHD---- F:\WINDOWS\Installer
2010-04-20 21:12:56 ----D---- F:\Program Files\EA GAMES
2010-04-20 21:12:55 ----HD---- F:\WINDOWS\inf
2010-04-20 21:12:43 ----RSD---- F:\WINDOWS\assembly
2010-04-20 21:12:29 ----D---- F:\WINDOWS\system32\CatRoot2
2010-04-20 21:12:24 ----D---- F:\WINDOWS\system32\DirectX
2010-04-20 20:57:26 ----D---- F:\Program Files\Mozilla Firefox
2010-04-20 20:56:19 ----D---- F:\Program Files\SystemRequirementsLab
2010-04-20 20:15:46 ----D---- F:\Documents and Settings\Jiří Pánek\Data aplikací\uTorrent
2010-04-18 23:26:13 ----D---- F:\Torrents
2010-04-14 15:03:01 ----HD---- F:\WINDOWS\$hf_mig$
2010-04-14 15:02:58 ----D---- F:\WINDOWS\system32\drivers
2010-04-08 22:53:34 ----A---- F:\WINDOWS\NeroDigital.ini
2010-04-06 19:52:54 ----A---- F:\WINDOWS\system32\MRT.exe
2010-04-02 22:06:58 ----D---- F:\WINDOWS\system32\config
2010-04-02 16:16:53 ----D---- F:\Program Files\Common Files\Java
2010-04-02 16:16:35 ----D---- F:\Program Files\Java
2010-04-02 16:16:11 ----A---- F:\WINDOWS\system32\PerfStringBackup.INI
2010-04-02 15:57:03 ----RD---- F:\Program Files
2010-04-02 09:38:53 ----D---- F:\Program Files\McAfee
2010-04-01 00:05:41 ----D---- F:\Program Files\Internet Explorer
2010-03-30 21:10:44 ----SD---- F:\WINDOWS\system32\Microsoft
2010-03-29 16:45:40 ----D---- F:\Program Files\Steam
2010-03-27 20:50:07 ----D---- F:\Strong
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Amfilter;A4Tech Mouse Filter Driver; F:\WINDOWS\system32\DRIVERS\Amfilter.sys [2006-01-11 8704]
R1 intelppm;Řadič procesoru Intel; F:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 mfehidk;McAfee Inc. mfehidk; F:\WINDOWS\system32\drivers\mfehidk.sys [2009-11-04 214664]
R1 MPFP;MPFP; F:\WINDOWS\System32\Drivers\Mpfp.sys [2009-07-16 120136]
R2 acedrv11;acedrv11; \??\F:\WINDOWS\system32\drivers\acedrv11.sys []
R2 atksgt;atksgt; F:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-08-12 281760]
R2 lirsgt;lirsgt; F:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-08-12 25888]
R2 MICOMPar;MICOMPar; F:\WINDOWS\system32\drivers\MICOMPar.sys [2008-01-03 13488]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; F:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2006-05-09 13312]
R3 ati2mtag;ati2mtag; F:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-25 4463104]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; F:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-02-27 42496]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; F:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; F:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); F:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-24 5056000]
R3 mfeavfk;McAfee Inc. mfeavfk; F:\WINDOWS\system32\drivers\mfeavfk.sys [2009-11-04 79816]
R3 mfebopk;McAfee Inc. mfebopk; F:\WINDOWS\system32\drivers\mfebopk.sys [2009-11-04 35272]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; F:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; F:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; F:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vaxscsi;vaxscsi; F:\WINDOWS\System32\Drivers\vaxscsi.sys [2009-08-24 223128]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; F:\WINDOWS\system32\drivers\WmBEnum.sys [2004-05-13 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; F:\WINDOWS\system32\drivers\WmXlCore.sys [2004-05-13 44384]
S1 ATITool;ATITool Overclocking Utility; F:\WINDOWS\system32\DRIVERS\ATITool.sys [2006-11-10 24064]
S1 kbdhid;Ovladač klávesnice standardu HID; F:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); F:\WINDOWS\System32\Drivers\adildr.sys []
S3 adiusbaw;USB ADSL WAN Adapter; F:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 Ambfilt;Ambfilt; F:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 catchme;catchme; \??\F:\DOCUME~1\JIPNEK~1\LOCALS~1\Temp\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\F:\Program Files\MediaCoder\SysInfo.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; F:\WINDOWS\system32\DRIVERS\fetnd5.sys []
S3 hamachi;Hamachi Network Interface; F:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-06-25 25280]
S3 mferkdk;McAfee Inc. mferkdk; F:\WINDOWS\system32\drivers\mferkdk.sys [2009-09-16 34248]
S3 mfesmfk;McAfee Inc. mfesmfk; F:\WINDOWS\system32\drivers\mfesmfk.sys [2009-11-04 40552]
S3 Monfilt;Monfilt; F:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; F:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-23 12160]
S3 NRKCTL32;NRKCTL32; \??\F:\Documents and Settings\Jiří Pánek\Plocha\Jiřin\NRKCTL32.SYS []
S3 pcouffin;VSO Software pcouffin; F:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-13 47360]
S3 usbprint;Třída USB Printer; F:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; F:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WmFilter;Logitech WingMan HID Filter Driver; F:\WINDOWS\system32\drivers\WmFilter.sys [2004-05-13 21440]
S3 WmHidLo;Logitech WingMan USB Filter Driver; F:\WINDOWS\system32\drivers\WmHidLo.sys [2004-05-13 14720]
S3 WmVirHid;Logitech Virtual Hid Device Driver; F:\WINDOWS\system32\drivers\WmVirHid.sys [2004-05-13 5600]
S3 WpdUsb;WpdUsb; F:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; F:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; F:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; F:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; F:\WINDOWS\system32\Ati2evxx.exe [2009-11-25 602112]
R2 JavaQuickStarterService;Java Quick Starter; F:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; F:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-04-24 73728]
R2 mcmscsvc;McAfee Services; F:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-10-29 865832]
R2 McProxy;McAfee Proxy Service; f:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]
R2 McShield;McAfee Real-time Scanner; F:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-09-16 144704]
R2 MpfService;McAfee Personal Firewall Service; F:\Program Files\McAfee\MPF\MPFSrv.exe [2009-10-27 895696]
R2 MSK80Service;McAfee Anti-Spam Service; F:\Program Files\McAfee\MSK\MskSrver.exe [2009-07-08 26640]
R2 O&O Defrag;O&O Defrag; F:\WINDOWS\system32\oodag.exe [2007-01-12 707344]
R2 PnkBstrA;PnkBstrA; F:\WINDOWS\system32\PnkBstrA.exe [2010-01-29 75064]
R2 StarWindService;StarWind iSCSI Service; F:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; f:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [2009-12-23 93320]
S2 McNASvc;McAfee Network Agent; f:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; F:\WINDOWS\system32\svchost.exe -k WudfServiceGroup []
S3 aspnet_state;ASP.NET State Service; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; f:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MBackMonitor;MBackMonitor; F:\Program Files\McAfee\MBK\MBackMonitor.exe [2009-07-08 68112]
S3 McODS;McAfee Scanner; F:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-10-28 365072]
S3 McSysmon;McAfee SystemGuards; F:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-11-04 606736]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; F:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
na netu sem našel že by to mohl zbůsobit antivir:
https://kc.mcafee.com/corporate/index?p ... id=KB68780
Logfile of random's system information tool 1.06 (written by random/random)
Run by Jiří Pánek at 2010-04-22 15:02:17
WIN_XP Service Pack 3
System drive F: has 32 GB (13%) free of 238 GB
Total RAM: 2047 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:02:28, on 22.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\Common Files\LightScribe\LSSrvc.exe
F:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
f:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
F:\WINDOWS\Explorer.EXE
F:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
F:\Program Files\McAfee\MPF\MPFSrv.exe
F:\Program Files\McAfee\MSK\MskSrver.exe
F:\WINDOWS\system32\oodag.exe
F:\WINDOWS\system32\PnkBstrA.exe
F:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
F:\Program Files\A4Tech\Mouse\Amoumain.exe
F:\WINDOWS\RTHDCPL.EXE
F:\Program Files\Common Files\Java\Java Update\jusched.exe
F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
F:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
F:\Documents and Settings\Jiří Pánek\Plocha\Jiřin\RSIT.exe
F:\Program Files\trend micro\Jiří Pánek.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.europowersearch.com/Search.h ... rchLang=CZ
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - f:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - F:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - F:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: RecFree Toolbar - {0508F8F1-08E3-43EE-AAA8-09AD09803084} - F:\Program Files\RecFree.com\RecFreeToolbar\1.0.23.0\escorTlbr.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [{1290A33C-85F5-4164-A1BE-7DD299D4986A}] "F:\Program Files\CyberLink\PowerBackup\PBKScheduler.exe"
O4 - HKLM\..\Run: [WheelMouse] F:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] "F:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] F:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [SiteVacuum] F:\Program Files\EasySearch\SiteVacuumClient.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [McAfee Backup] "F:\Program Files\McAfee\MBK\McAfeeDataBackup.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1417001333-115176313-839522115-1003\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - F:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - F:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [searching] Search from the Address bar
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7282868859
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Správa aplikací (AppMgmt) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Zvuk systému Windows (AudioSrv) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) (bits) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Prohledávání počítačů (Browser) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: CryptSvc - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Spouštěč procesů serveru DCOM (DcomLaunch) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Klient DHCP (Dhcp) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Správce logických disků (dmserver) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Klient DNS (Dnscache) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Automatická konfigurace pevné sítě (Dot3svc) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba EAP (Extensible Authentication Protocol) (EapHost) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Zasílání zpráv o chybách (ERSvc) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Systém událostí modelu COM+ (EventSystem) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Kompatibilita pro rychlé přepínání uživatelů (FastUserSwitchingCompatibility) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Nápověda a odborná pomoc (helpsvc) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba Správa klíčů a certifikátů stavu (hkmsvc) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba HTTP SSL (HTTPFilter) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Server (lanmanserver) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Pracovní stanice (lanmanworkstation) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - F:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Podpora rozhraní NetBIOS nad protokolem TCP/IP (LmHosts) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: MBackMonitor - McAfee - F:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - f:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - F:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - f:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - F:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - f:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - F:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - F:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - F:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - F:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Agent architektury NAP (Network Access Protection) (napagent) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Síťová připojení (Netman) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Sledování umístění v síti (NLA) (Nla) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Vyměnitelné úložiště (NtmsSvc) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: O&O Defrag - O&O Software GmbH - F:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - F:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Správce automatického připojení pomocí vzdáleného přístupu (RasAuto) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Správce vzdáleného přístupu (RasMan) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Vzdálený registr (RemoteRegistry) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Vzdálené volání procedur (RPC) (RpcSs) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Plánovač úloh (Schedule) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Secondary Logon (seclogon) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Oznamování systémových událostí (SENS) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Brána Firewall / Sdílení připojení k Internetu (ICS) (SharedAccess) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Rozpoznávání hardwaru (ShellHWDetection) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba obnovení systému (srservice) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Služba rozpoznávání pomocí protokolu SSDP (SSDPSRV) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - F:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Načítání obrázků (WIA) (stisvc) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Telefonní subsystém (TapiSrv) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Terminálová služba (TermService) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Motivy (Themes) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Klient služby sledování distribuovaných propojení (TrkWks) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Hostitel zařízení UPnP (upnphost) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Systémový čas (w32time) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Webový klient (WebClient) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Služba WMI (winmgmt) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Služba sériového čísla přenosného zařízení (WmdmPmSN) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Rozšíření ovladače WMI (Wmi) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Centrum zabezpečení (wscsvc) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - F:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Automatická konfigurace bezdrátových zařízení (WZCSVC) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba pro síťová ustanovení (xmlprov) - Unknown owner - F:\WINDOWS\System32\svchost.exe (file missing)
--
End of file - 13944 bytes
======Scheduled tasks folder======
F:\WINDOWS\tasks\McDefragTask.job
F:\WINDOWS\tasks\McQcTask.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - f:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-10-02 246800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - F:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-09-16 62784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-12-23 251416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - F:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-10-14 863688]
{0508F8F1-08E3-43EE-AAA8-09AD09803084} - RecFree Toolbar - F:\Program Files\RecFree.com\RecFreeToolbar\1.0.23.0\escorTlbr.dll [2009-03-10 172032]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - f:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-12-23 251416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=F:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"RemoteControl"=F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"{1290A33C-85F5-4164-A1BE-7DD299D4986A}"=F:\Program Files\CyberLink\PowerBackup\PBKScheduler.exe [2004-06-08 69721]
"WheelMouse"=F:\Program Files\A4Tech\Mouse\Amoumain.exe [2006-02-17 163840]
"Adobe Reader Speed Launcher"=F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"mcagent_exe"=F:\Program Files\McAfee.com\Agent\mcagent.exe [2009-10-29 1218008]
"McENUI"=F:\PROGRA~1\McAfee\MHN\McENUI.exe [2009-07-07 1176808]
"SiteVacuum"=F:\Program Files\EasySearch\SiteVacuumClient.exe [2010-01-05 479323]
"RTHDCPL"=F:\WINDOWS\RTHDCPL.EXE [2009-03-24 17567744]
"StartCCC"=F:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"SunJavaUpdateSched"=F:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"McAfee Backup"=F:\Program Files\McAfee\MBK\McAfeeDataBackup.exe [2009-07-08 5134864]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=F:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
F:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - F:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
F:\WINDOWS\system32\Ati2evxx.dll [2009-11-25 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
F:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - F:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Strong\StrongDC.exe"="F:\Strong\StrongDC.exe:*:Enabled:StrongDC"
"F:\WINDOWS\system32\PnkBstrA.exe"="F:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"F:\WINDOWS\system32\PnkBstrB.exe"="F:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"F:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="F:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"F:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="F:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"F:\Program Files\ICQ6\ICQ.exe"="F:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"F:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe"="F:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2"
"F:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe"="F:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 Update"
"F:\Program Files\uTorrent\uTorrent.exe"="F:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"F:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe"="F:\Program Files\Ubisoft\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"F:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe"="F:\Program Files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"F:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe"="F:\Program Files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"F:\Program Files\Codemasters\GRID\GRID.exe"="F:\Program Files\Codemasters\GRID\GRID.exe:*:Enabled:GRID"
"F:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="F:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"F:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="F:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"F:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="F:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"F:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="F:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"F:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="F:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"F:\Program Files\Steam\Steam.exe"="F:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"F:\Program Files\Codemasters\DiRT2\dirt2_game.exe"="F:\Program Files\Codemasters\DiRT2\dirt2_game.exe:*:Enabled:DiRT2"
"F:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="F:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"F:\Program Files\Steam\steamapps\common\company of heroes\RelicCOH.exe"="F:\Program Files\Steam\steamapps\common\company of heroes\RelicCOH.exe:*:Enabled:Company of Heroes"
"F:\Program Files\Steam\steamapps\common\company of heroes\help.htm"="F:\Program Files\Steam\steamapps\common\company of heroes\help.htm:*:Enabled:Company of Heroes"
"F:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe"="F:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe:*:Enabled:Battlefield Bad Company 2 - BETA"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{543ab0d8-7e94-11dd-a70b-0019665e22f4}]
shell\AutoRun\command - C:\f18\Launcher.exe
======List of files/folders created in the last 1 months======
2010-04-14 15:03:04 ----HDC---- F:\WINDOWS\$NtUninstallKB979683$
2010-04-14 15:02:56 ----HDC---- F:\WINDOWS\$NtUninstallKB980232$
2010-04-14 15:00:50 ----HDC---- F:\WINDOWS\$NtUninstallKB978338$
2010-04-14 15:00:44 ----HDC---- F:\WINDOWS\$NtUninstallKB977816$
2010-04-14 15:00:38 ----HDC---- F:\WINDOWS\$NtUninstallKB978601$
2010-04-14 15:00:16 ----HDC---- F:\WINDOWS\$NtUninstallKB979309$
2010-04-02 16:16:56 ----D---- F:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-02 16:16:37 ----A---- F:\WINDOWS\system32\javaws.exe
2010-04-02 16:16:37 ----A---- F:\WINDOWS\system32\javaw.exe
2010-04-02 16:16:37 ----A---- F:\WINDOWS\system32\java.exe
2010-03-30 21:10:50 ----D---- F:\Program Files\Aspyr
2010-03-30 21:10:42 ----HDC---- F:\WINDOWS\$NtUninstall_Xbox_360_CC_Driver$
2010-03-30 17:45:07 ----D---- F:\Program Files\Merscom
2010-03-28 13:16:42 ----D---- F:\Documents and Settings\All Users\Data aplikací\TmForever
2010-03-26 20:45:14 ----D---- F:\Program Files\City Interactive
======List of files/folders modified in the last 1 months======
2010-04-22 15:02:20 ----D---- F:\Program Files\trend micro
2010-04-22 15:01:42 ----D---- F:\WINDOWS\Debug
2010-04-22 15:01:42 ----D---- F:\WINDOWS
2010-04-22 15:01:41 ----D---- F:\WINDOWS\Temp
2010-04-22 14:53:52 ----RSHDC---- F:\WINDOWS\system32\dllcache
2010-04-22 14:53:40 ----D---- F:\WINDOWS\system32
2010-04-21 20:34:01 ----D---- F:\WINDOWS\Prefetch
2010-04-20 21:45:00 ----SHD---- F:\WINDOWS\Installer
2010-04-20 21:12:56 ----D---- F:\Program Files\EA GAMES
2010-04-20 21:12:55 ----HD---- F:\WINDOWS\inf
2010-04-20 21:12:43 ----RSD---- F:\WINDOWS\assembly
2010-04-20 21:12:29 ----D---- F:\WINDOWS\system32\CatRoot2
2010-04-20 21:12:24 ----D---- F:\WINDOWS\system32\DirectX
2010-04-20 20:57:26 ----D---- F:\Program Files\Mozilla Firefox
2010-04-20 20:56:19 ----D---- F:\Program Files\SystemRequirementsLab
2010-04-20 20:15:46 ----D---- F:\Documents and Settings\Jiří Pánek\Data aplikací\uTorrent
2010-04-18 23:26:13 ----D---- F:\Torrents
2010-04-14 15:03:01 ----HD---- F:\WINDOWS\$hf_mig$
2010-04-14 15:02:58 ----D---- F:\WINDOWS\system32\drivers
2010-04-08 22:53:34 ----A---- F:\WINDOWS\NeroDigital.ini
2010-04-06 19:52:54 ----A---- F:\WINDOWS\system32\MRT.exe
2010-04-02 22:06:58 ----D---- F:\WINDOWS\system32\config
2010-04-02 16:16:53 ----D---- F:\Program Files\Common Files\Java
2010-04-02 16:16:35 ----D---- F:\Program Files\Java
2010-04-02 16:16:11 ----A---- F:\WINDOWS\system32\PerfStringBackup.INI
2010-04-02 15:57:03 ----RD---- F:\Program Files
2010-04-02 09:38:53 ----D---- F:\Program Files\McAfee
2010-04-01 00:05:41 ----D---- F:\Program Files\Internet Explorer
2010-03-30 21:10:44 ----SD---- F:\WINDOWS\system32\Microsoft
2010-03-29 16:45:40 ----D---- F:\Program Files\Steam
2010-03-27 20:50:07 ----D---- F:\Strong
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Amfilter;A4Tech Mouse Filter Driver; F:\WINDOWS\system32\DRIVERS\Amfilter.sys [2006-01-11 8704]
R1 intelppm;Řadič procesoru Intel; F:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 mfehidk;McAfee Inc. mfehidk; F:\WINDOWS\system32\drivers\mfehidk.sys [2009-11-04 214664]
R1 MPFP;MPFP; F:\WINDOWS\System32\Drivers\Mpfp.sys [2009-07-16 120136]
R2 acedrv11;acedrv11; \??\F:\WINDOWS\system32\drivers\acedrv11.sys []
R2 atksgt;atksgt; F:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-08-12 281760]
R2 lirsgt;lirsgt; F:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-08-12 25888]
R2 MICOMPar;MICOMPar; F:\WINDOWS\system32\drivers\MICOMPar.sys [2008-01-03 13488]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; F:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2006-05-09 13312]
R3 ati2mtag;ati2mtag; F:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-25 4463104]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; F:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-02-27 42496]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; F:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; F:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); F:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-24 5056000]
R3 mfeavfk;McAfee Inc. mfeavfk; F:\WINDOWS\system32\drivers\mfeavfk.sys [2009-11-04 79816]
R3 mfebopk;McAfee Inc. mfebopk; F:\WINDOWS\system32\drivers\mfebopk.sys [2009-11-04 35272]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; F:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; F:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; F:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vaxscsi;vaxscsi; F:\WINDOWS\System32\Drivers\vaxscsi.sys [2009-08-24 223128]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; F:\WINDOWS\system32\drivers\WmBEnum.sys [2004-05-13 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; F:\WINDOWS\system32\drivers\WmXlCore.sys [2004-05-13 44384]
S1 ATITool;ATITool Overclocking Utility; F:\WINDOWS\system32\DRIVERS\ATITool.sys [2006-11-10 24064]
S1 kbdhid;Ovladač klávesnice standardu HID; F:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); F:\WINDOWS\System32\Drivers\adildr.sys []
S3 adiusbaw;USB ADSL WAN Adapter; F:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 Ambfilt;Ambfilt; F:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 catchme;catchme; \??\F:\DOCUME~1\JIPNEK~1\LOCALS~1\Temp\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\F:\Program Files\MediaCoder\SysInfo.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; F:\WINDOWS\system32\DRIVERS\fetnd5.sys []
S3 hamachi;Hamachi Network Interface; F:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-06-25 25280]
S3 mferkdk;McAfee Inc. mferkdk; F:\WINDOWS\system32\drivers\mferkdk.sys [2009-09-16 34248]
S3 mfesmfk;McAfee Inc. mfesmfk; F:\WINDOWS\system32\drivers\mfesmfk.sys [2009-11-04 40552]
S3 Monfilt;Monfilt; F:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; F:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-23 12160]
S3 NRKCTL32;NRKCTL32; \??\F:\Documents and Settings\Jiří Pánek\Plocha\Jiřin\NRKCTL32.SYS []
S3 pcouffin;VSO Software pcouffin; F:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-13 47360]
S3 usbprint;Třída USB Printer; F:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; F:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WmFilter;Logitech WingMan HID Filter Driver; F:\WINDOWS\system32\drivers\WmFilter.sys [2004-05-13 21440]
S3 WmHidLo;Logitech WingMan USB Filter Driver; F:\WINDOWS\system32\drivers\WmHidLo.sys [2004-05-13 14720]
S3 WmVirHid;Logitech Virtual Hid Device Driver; F:\WINDOWS\system32\drivers\WmVirHid.sys [2004-05-13 5600]
S3 WpdUsb;WpdUsb; F:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; F:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; F:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; F:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; F:\WINDOWS\system32\Ati2evxx.exe [2009-11-25 602112]
R2 JavaQuickStarterService;Java Quick Starter; F:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; F:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-04-24 73728]
R2 mcmscsvc;McAfee Services; F:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-10-29 865832]
R2 McProxy;McAfee Proxy Service; f:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]
R2 McShield;McAfee Real-time Scanner; F:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-09-16 144704]
R2 MpfService;McAfee Personal Firewall Service; F:\Program Files\McAfee\MPF\MPFSrv.exe [2009-10-27 895696]
R2 MSK80Service;McAfee Anti-Spam Service; F:\Program Files\McAfee\MSK\MskSrver.exe [2009-07-08 26640]
R2 O&O Defrag;O&O Defrag; F:\WINDOWS\system32\oodag.exe [2007-01-12 707344]
R2 PnkBstrA;PnkBstrA; F:\WINDOWS\system32\PnkBstrA.exe [2010-01-29 75064]
R2 StarWindService;StarWind iSCSI Service; F:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; f:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [2009-12-23 93320]
S2 McNASvc;McAfee Network Agent; f:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; F:\WINDOWS\system32\svchost.exe -k WudfServiceGroup []
S3 aspnet_state;ASP.NET State Service; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; F:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; f:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MBackMonitor;MBackMonitor; F:\Program Files\McAfee\MBK\MBackMonitor.exe [2009-07-08 68112]
S3 McODS;McAfee Scanner; F:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-10-28 365072]
S3 McSysmon;McAfee SystemGuards; F:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-11-04 606736]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; F:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; F:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
