Prosím o kontrolu, nemám /si myslím/ nijak zvláštní problém, ale nikdy jsem to neprovedl, tak bych rád věděl jak to mám. Případně odpověď sem a nebo na break307@seznam.cz. Díky John
Logfile of random's system information tool 1.07 (written by random/random)
Run by JOHN at 2010-05-06 23:43:37
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 39 GB (49%) free of 80 GB
Total RAM: 2047 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:43:54, on 6.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\windows\Explorer.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
C:\Program Files\Webshots\webshots.scr
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\KeePass Password Safe 2\KeePass.exe
D:\Staženo\RSIT.exe
C:\Program Files\trend micro\JOHN.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - S-1-5-18 Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe (User 'Default user')
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - ?p=ZKfox000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\AllMusicConverter\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\AllMusicConverter\YouTubeRipper.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone (HKLM)
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 0761932656
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0761908515
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O20 - Winlogon Notify: dpiccdq - dpiccdq.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O24 - Desktop Component 0: (no name) - (no file)
--
End of file - 8991 bytes
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore1ca5cd2cb961a6.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-19 1615200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Alcmtr"=C:\windows\ALCMTR.EXE [2005-05-03 69632]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-19 2064736]
"ClocX"=C:\Program Files\ClocX\ClocX.exe [2007-07-26 270336]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PMCRemote"=C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe [2007-07-04 253000]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-06-26 1207080]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-04-06 26105128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\devices]
C:\Program Files\Innovative Solutions\DriverMax\devices.exe [2010-03-01 9216928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
C:\Program Files\Innovative Solutions\DriverMax\devices.exe [2010-03-01 9216928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
C:\Program Files\Innovative Solutions\DriverMax\devices.exe [2010-03-01 9216928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-06-26 1207080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-02-28 570664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-02-28 570664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8Serv]
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMCLoader]
C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe [2007-07-26 105544]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\remoterm]
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe [2007-07-04 253000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\windows\RTHDCPL.EXE [2010-01-31 18749440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\S60 PC Suite Tray]
C:\Program Files\Samsung\Samsung PC Studio 7\PCSuite.exe [2008-12-06 699392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-29 61440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wcescomm]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-06-26 1207080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"aawservice"=2
"uvnc_service"=3
"TuneUp.ProgramStatisticsSvc"=2
"TuneUp.Defrag"=3
"SMServer"=3
"ServiceLayer"=3
"PLFlash DeviceIoControl Service"=2
"Nero BackItUp Scheduler 3"=2
"Lavasoft Ad-Aware Service"=3
"idsvc"=3
"gusvc"=3
"gupdate1c9e1ff627a7f38"=2
"EPSON_PM_RPCV4_01"=2
"CrossLoopService"=2
"Spooler"=2
"RasMan"=3
"CiSvc"=3
"BthServ"=2
"Browser"=2
C:\Documents and Settings\JOHN\Nabídka Start\Programy\Po spuštění
Webshots.lnk - C:\Program Files\Webshots\Launcher.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\windows\system32\Ati2evxx.dll [2009-04-28 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\windows\system32\avgrsstx.dll [2010-03-04 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dpiccdq]
dpiccdq.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati1cixx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ati1rxxx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ati1cixx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ati1rxxx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=177
"StartMenuLogOff"=1
"NoRecentDocsNetHood"=1
"NoDriveAutoRun"=67106883
"HideClock"=0
"NoUserNameInStartMenu"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"HonorAutoRunSetting"=
"NoResolveTrack"=
"NoViewContextMenu"=
"NoFileAssociate"=
"NoFind"=
"NoRun"=
"NoClose"=
"StartMenuLogoff"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Nero\Nero8\Nero Vision\NeroVision.exe"="C:\Program Files\Nero\Nero8\Nero Vision\NeroVision.exe:*:Enabled:NeroVision.exe"
"C:\Program Files\Nero\Nero8\Nero Burning Rom\nero.exe"="C:\Program Files\Nero\Nero8\Nero Burning Rom\nero.exe:*:Enabled:nero.exe"
"C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe:*:Enabled:Nero ControlCenter"
"C:\Documents and Settings\JOHN\Local Settings\Data aplikací\CrossLoop\vncviewer.exe"="C:\Documents and Settings\JOHN\Local Settings\Data aplikací\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2b7f5c07-a9e7-11de-b50f-001d9289995d}]
shell\AutoRun\command - StartPortableApps.exe
======File associations======
.scr - open - "%1" /S "%3"
======List of files/folders created in the last 1 months======
2010-05-06 23:40:12 ----D---- C:\rsit
2010-05-06 23:40:12 ----D---- C:\Program Files\trend micro
2010-05-05 22:43:06 ----D---- C:\Program Files\CCleaner
2010-04-30 00:19:16 ----D---- C:\Documents and Settings\JOHN\Data aplikací\AnvSoft
2010-04-30 00:19:14 ----D---- C:\Program Files\AnvSoft
2010-04-25 20:34:42 ----D---- C:\Program Files\Common Files\Adobe
2010-04-25 17:35:51 ----D---- C:\Documents and Settings\JOHN\Data aplikací\Multimedia Player
2010-04-25 17:28:31 ----D---- C:\Program Files\Common Files\PCSuite
2010-04-25 17:28:23 ----A---- C:\windows\system32\DIFxAPI.dll
2010-04-25 17:27:44 ----D---- C:\Program Files\PC Connectivity Solution
2010-04-25 17:24:35 ----D---- C:\Program Files\Samsung programy
2010-04-25 02:54:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
2010-04-25 01:01:11 ----A---- C:\windows\ProductKeyExplorer.INI
2010-04-22 00:57:23 ----HD---- C:\windows\Icons
2010-04-22 00:02:21 ----HDC---- C:\windows\$NtUninstallKB971468$
2010-04-21 23:56:55 ----HDC---- C:\windows\$NtUninstallKB981349$
2010-04-21 23:54:22 ----HDC---- C:\windows\$NtUninstallKB978601$
2010-04-21 23:52:55 ----HDC---- C:\windows\$NtUninstallKB971737$
2010-04-21 23:50:39 ----HDC---- C:\windows\$NtUninstallKB969947$
2010-04-21 23:46:58 ----N---- C:\windows\system32\browserchoice.exe
2010-04-21 12:28:47 ----A---- C:\windows\system32\uxtuneup.dll
2010-04-21 12:28:47 ----A---- C:\windows\system32\TURegOpt.exe
2010-04-21 12:28:22 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-04-21 12:28:09 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-04-21 00:09:52 ----A---- C:\windows\system32\NVCOSMB.DLL
2010-04-18 18:01:33 ----D---- C:\Documents and Settings\JOHN\Data aplikací\dvdcss
2010-04-15 22:03:23 ----A---- C:\windows\system32\javaws.exe
2010-04-15 22:03:23 ----A---- C:\windows\system32\javaw.exe
2010-04-15 22:03:23 ----A---- C:\windows\system32\java.exe
2010-04-15 22:03:23 ----A---- C:\windows\system32\deployJava1.dll
2010-04-10 00:16:08 ----RA---- C:\windows\system32\RTNUninst32.dll
2010-04-10 00:16:08 ----RA---- C:\windows\system32\RtNicProp32.dll
2010-04-08 23:22:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-04-08 23:22:20 ----D---- C:\Program Files\Common Files\Java
2010-04-08 23:15:14 ----D---- C:\Program Files\QuickTime
2010-04-08 23:15:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2010-04-08 23:14:36 ----D---- C:\Program Files\Apple Software Update
2010-04-08 23:14:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2010-04-08 23:09:13 ----D---- C:\Program Files\Secunia
======List of files/folders modified in the last 1 months======
2010-05-06 23:43:44 ----D---- C:\windows\Temp
2010-05-06 23:40:12 ----D---- C:\Program Files
2010-05-06 23:20:50 ----D---- C:\windows\Prefetch
2010-05-06 23:18:49 ----D---- C:\windows\system32\CatRoot2
2010-05-06 23:18:35 ----D---- C:\Documents and Settings\JOHN\Data aplikací\Skype
2010-05-06 23:18:15 ----D---- C:\windows\system32
2010-05-06 23:16:37 ----A---- C:\windows\SchedLgU.Txt
2010-05-06 23:16:30 ----AC---- C:\windows\win.ini
2010-05-06 23:16:30 ----AC---- C:\windows\system.ini
2010-05-05 23:55:18 ----D---- C:\Documents and Settings\JOHN\Data aplikací\KeePass
2010-05-05 22:36:51 ----D---- C:\WINDOWS
2010-05-03 22:26:11 ----AC---- C:\windows\wincmd.ini
2010-05-03 22:17:34 ----AC---- C:\windows\NeroDigital.ini
2010-04-26 22:50:53 ----SHD---- C:\windows\Installer
2010-04-26 22:50:15 ----D---- C:\Config.Msi
2010-04-26 00:12:19 ----D---- C:\Program Files\KeePass Password Safe
2010-04-25 20:34:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-04-25 20:34:42 ----D---- C:\Program Files\Common Files
2010-04-25 17:31:25 ----D---- C:\windows\system32\drivers
2010-04-25 17:31:03 ----HD---- C:\windows\inf
2010-04-25 17:28:31 ----D---- C:\Program Files\Samsung
2010-04-25 17:28:25 ----D---- C:\windows\system32\CatRoot
2010-04-25 17:27:50 ----DC---- C:\windows\system32\DRVSTORE
2010-04-25 02:58:50 ----SD---- C:\Documents and Settings\JOHN\Data aplikací\Microsoft
2010-04-25 02:54:38 ----RSD---- C:\windows\assembly
2010-04-25 01:27:17 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-23 15:43:12 ----D---- C:\Program Files\ICQ7.0
2010-04-22 23:34:47 ----D---- C:\windows\Debug
2010-04-22 23:34:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-04-22 00:42:20 ----D---- C:\Program Files\FreeDVDRipper
2010-04-22 00:36:06 ----AC---- C:\windows\system32\PerfStringBackup.INI
2010-04-22 00:27:04 ----HDC---- C:\windows\$NtServicePackUninstallNLSDownlevelMapping$
2010-04-22 00:27:04 ----HDC---- C:\windows\$NtServicePackUninstallIDNMitigationAPIs$
2010-04-22 00:27:02 ----HDC---- C:\windows\$NtUninstallKB954600$
2010-04-22 00:27:02 ----HDC---- C:\windows\$NtUninstallKB954211$
2010-04-22 00:27:02 ----HDC---- C:\windows\$NtUninstallKB954155_WM9$
2010-04-22 00:27:02 ----HDC---- C:\windows\$NtUninstallKB952011$
2010-04-22 00:27:01 ----HDC---- C:\windows\$NtUninstallKB955839$
2010-04-22 00:27:00 ----HDC---- C:\windows\$NtUninstallKB960803$
2010-04-22 00:27:00 ----HDC---- C:\windows\$NtUninstallKB959772_WM11$
2010-04-22 00:27:00 ----HDC---- C:\windows\$NtUninstallKB958869$
2010-04-22 00:27:00 ----HDC---- C:\windows\$NtUninstallKB958690$
2010-04-22 00:27:00 ----HDC---- C:\windows\$NtUninstallKB958687$
2010-04-22 00:27:00 ----HDC---- C:\windows\$NtUninstallKB957095$
2010-04-22 00:27:00 ----HDC---- C:\windows\$NtUninstallKB956844$
2010-04-22 00:26:59 ----HDC---- C:\windows\$NtUninstallKB968816_WM9$
2010-04-22 00:26:59 ----HDC---- C:\windows\$NtUninstallKB968537$
2010-04-22 00:26:59 ----HDC---- C:\windows\$NtUninstallKB960859$
2010-04-22 00:26:57 ----HDC---- C:\windows\$NtUninstallKB971657$
2010-04-22 00:26:56 ----HDC---- C:\windows\$NtUninstallKB973540_WM9$
2010-04-22 00:26:51 ----HDC---- C:\windows\$NtUninstallMSCompPackV1$
2010-04-22 00:26:50 ----HDC---- C:\windows\$NtUninstallWudf01000$
2010-04-22 00:07:00 ----D---- C:\windows\AppPatch
2010-04-22 00:02:50 ----HD---- C:\windows\$hf_mig$
2010-04-22 00:02:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-04-22 00:02:27 ----RSHDC---- C:\windows\system32\dllcache
2010-04-21 23:56:05 ----D---- C:\Program Files\Movie Maker
2010-04-21 23:52:20 ----D---- C:\windows\WinSxS
2010-04-21 23:51:23 ----D---- C:\windows\system32\cs-cz
2010-04-21 23:51:23 ----D---- C:\Program Files\Internet Explorer
2010-04-21 12:29:35 ----SD---- C:\windows\Tasks
2010-04-21 12:28:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2010-04-18 21:00:16 ----D---- C:\Program Files\Google
2010-04-15 22:03:21 ----D---- C:\Program Files\Java
2010-04-11 00:44:03 ----D---- C:\windows\system32\RTCOM
2010-04-08 23:26:23 ----D---- C:\windows\SoftwareDistribution
2010-04-08 23:25:44 ----SD---- C:\windows\Downloaded Program Files
2010-04-08 23:19:07 ----RD---- C:\Program Files\Skype
2010-04-08 23:19:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-04-08 23:18:37 ----D---- C:\Documents and Settings\JOHN\Data aplikací\vlc
2010-04-08 23:15:05 ----D---- C:\Program Files\Common Files\Apple
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Ovladač procesoru AMD; C:\windows\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\windows\System32\Drivers\avgldx86.sys [2010-03-04 216200]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\windows\System32\Drivers\avgmfx86.sys [2010-03-04 29512]
R1 AvgTdiX;AVG8 Network Redirector; C:\windows\System32\Drivers\avgtdix.sys [2010-04-19 242896]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl []
R3 ati2mtag;ati2mtag; C:\windows\system32\DRIVERS\ati2mtag.sys [2009-04-28 3565568]
R3 Avgfwdx;Avgfwdx; C:\windows\system32\DRIVERS\avgfwdx.sys [2009-10-31 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys []
R3 AVGIDSFilterxpx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys []
R3 AVGIDSShimxpx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys []
R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\windows\system32\DRIVERS\Camdrl.sys [2004-10-08 326656]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2010-01-31 5915136]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\windows\system32\DRIVERS\LHidFlt2.sys [2002-05-21 23270]
R3 LKbdFlt2;Logitech Keyboard Class Filter Driver; C:\windows\system32\DRIVERS\LKbdFlt2.sys [2002-05-21 5846]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\windows\system32\DRIVERS\LMouFlt2.sys [2002-05-21 68886]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\windows\system32\drivers\lvusbsta.sys [2005-01-31 22016]
R3 mouhid;Ovladač myši standardu HID; C:\windows\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MusCAudio;MusCAudio; C:\windows\system32\drivers\MusCAudio.sys [2009-03-02 23096]
R3 MusCVideo;MusCVideo; C:\windows\system32\DRIVERS\MusCVideo.sys [2009-03-02 3768]
R3 PinnacleRoyalTS;Pinnacle Systems RoyalTS Device; C:\windows\system32\DRIVERS\RoyalTS.sys [2008-12-15 123520]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtenicxp.sys [2010-03-08 220112]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\windows\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\windows\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\windows\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 AVFSFilter;AVFSFilter; C:\windows\system32\DRIVERS\avfsfilter.sys []
S3 Avgfwfd;AVG network filter service; C:\windows\system32\DRIVERS\avgfwdx.sys [2009-10-31 30104]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\windows\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\JOHN\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 esihdrv;esihdrv; \??\C:\DOCUME~1\JOHN\LOCALS~1\Temp\esihdrv.sys []
S3 MPE;Filtr MPE BDA; C:\windows\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcdsa;Samsung USB Phone Parent; C:\windows\system32\drivers\nmwcdsa.sys [2007-05-02 135680]
S3 nmwcdsac;Samsung USB Generic; C:\windows\system32\drivers\nmwcdsac.sys [2007-05-02 8320]
S3 nmwcdsacj;Samsung USB Port; C:\windows\system32\drivers\nmwcdsacj.sys [2007-05-02 12288]
S3 nmwcdsacm;Samsung USB Modem; C:\windows\system32\drivers\nmwcdsacm.sys [2007-05-02 12288]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2009-03-21 47360]
S3 PSI;PSI; C:\windows\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 sermouse;Ovladač sériové myši; C:\windows\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SSUSBDownload;SAMSUNG SYMBIAN USB Downloader Driver; C:\windows\system32\DRIVERS\SSUSBDownload.sys []
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;Motorola USB Modem Driver; C:\windows\system32\DRIVERS\usbser.sys [2008-04-14 26112]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\windows\system32\Ati2evxx.exe [2009-04-28 602112]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-03-04 916760]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-04 308064]
R2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2010-03-04 2325816]
R2 AVGIDSAgent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-03-04 5888008]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
R2 UxTuneUp;TuneUp Theme Extension; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\windows\System32\svchost.exe [2008-04-14 14336]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 BthServ;Bluetooth Support Service; C:\windows\system32\svchost.exe [2008-04-14 14336]
S4 CrossLoopService;CrossLoop Service; C:\Documents and Settings\JOHN\Local Settings\Data aplikací\CrossLoop\CrossLoopService.exe [2010-02-15 560792]
S4 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\Documents and Settings\All Users\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
S4 gupdate1c9e1ff627a7f38;Google Update Service (gupdate1c9e1ff627a7f38); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-31 133104]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-07-22 1029456]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S4 SMServer;SMServer; C:\WINDOWS\system32\snmvtsvc.exe [2009-03-02 237568]
S4 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-04-21 435016]
S4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\windows\System32\TUProgSt.exe [2008-12-06 603904]
S4 uvnc_service;uvnc_service; C:\Documents and Settings\JOHN\Local Settings\Data aplikací\CrossLoop\winvnc.exe [2009-12-06 1590216]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu RSIT
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu RSIT
Spusťte soubor C:\Program Files\trend micro\JOHN.exe . Naběhne HijackThis. V okně HijackThis fixněte:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O8 - Extra context menu item: &Search - ?p=ZKfox000
O20 - Winlogon Notify: dpiccdq - dpiccdq.dll (file missing)
restartujte PC a dejte nový log.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O8 - Extra context menu item: &Search - ?p=ZKfox000
O20 - Winlogon Notify: dpiccdq - dpiccdq.dll (file missing)
restartujte PC a dejte nový log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu RSIT
Díky, tady je novej log..
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:18:59, on 7.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\windows\Explorer.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
C:\Program Files\Webshots\webshots.scr
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\trend micro\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - S-1-5-18 Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe (User 'Default user')
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\AllMusicConverter\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\AllMusicConverter\YouTubeRipper.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone (HKLM)
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 0761932656
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0761908515
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O24 - Desktop Component 0: (no name) - (no file)
--
End of file - 8582 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:18:59, on 7.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\windows\Explorer.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\ClocX\ClocX.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
C:\Program Files\Webshots\webshots.scr
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\trend micro\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - S-1-5-18 Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe (User 'Default user')
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\AllMusicConverter\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\AllMusicConverter\YouTubeRipper.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone (HKLM)
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 0761932656
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0761908515
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O24 - Desktop Component 0: (no name) - (no file)
--
End of file - 8582 bytes
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu RSIT
Log vypadá čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?