Daemon tools zlobí

Zpráva

ramzes · #1 Příspěvek od **ramzes** » 01 črc 2010 15:57

Dobrý den,
začal mě zlobit program Daemon tools. Nejde s ním pracovat, nejde emulovat, nejde odinstalovat (pokažde se sekne). V přibrat/odebrat programy ho vůbec nemám a když spustim odinstalačku ze složky tak se nic neděje.
Děkuji za pomoc

log:
1/2
Logfile of random's system information tool 1.07 (written by random/random)
Run by MARTIN at 2010-07-01 16:53:22
Microsoft Windows 7 Professional Service Pack 3
System drive C: has 119 GB (40%) free of 294 GB
Total RAM: 3037 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:53:42, on 1.7.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IDMan.exe
C:\Program Files\Lenovo\Lenovo Mouse Suite\Pelmiced.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Lenovo\Client Security Solution\password_manager.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IEMonitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\OM\PROGRAMY\RSIT.exe
C:\Program Files\trend micro\MARTIN.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.daemonsearch.com/intl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcWin7Hlpr.exe showdeskband
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Daemon for Mouse Suite] C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [IDMan] C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IDMan.exe /onboot
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IEGetAll.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: COMODO EasyVPN VNC Service (CrdphService) - COMODO - C:\Program Files\COMODO\EasyVPN\crdphService.exe
O23 - Service: COMODO EasyVPN Service (EasyVpnAdpt) - Unknown owner - C:\Program Files\COMODO\EasyVPN\Vpnservice.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Session Launcher Service (PelService) - Unknown owner - C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 13712 bytes

======Scheduled tasks folder======

C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IDMIECC.dll [2007-09-28 95664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-06-25 1241552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZone.dll [2010-05-09 2517088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}]
IePasswordManagerHelper Class - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2009-08-27 763192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
Locked
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-06-25 1241552]
{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZone.dll [2010-05-09 2517088]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-10 7612960]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-07 186904]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2009-07-09 337184]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-19 174104]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-19 151064]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28 49976]
"AcWin7Hlpr"=C:\Program Files\Lenovo\Access Connections\AcWin7Hlpr.exe [2009-09-09 274432]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2009-08-27 3089720]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-14 1541416]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-06-28 2837864]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-05-21 2176512]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Daemon for Mouse Suite"=C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE [2009-11-06 98304]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2010-05-26 730600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-05-21 3037696]
"IDMan"=C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IDMan.exe [2007-12-21 2573744]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-09-18 171464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
C:\Program Files\COMODO\EasyVPN\EasyVPN.exe [2009-09-28 3563768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2010-06-18 133368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-07-28 216576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2009-08-17 100104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ACGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10039812-834c-11df-bf72-00269e7967f1}]
shell\AutoRun\command - D:\SCDAAutorun.exe

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-06-29 16:44:18 ----D---- C:\Program Files\DAEMON Tools
2010-06-26 11:50:31 ----D---- C:\Users\MARTIN\AppData\Roaming\CheckPoint
2010-06-26 11:49:59 ----D---- C:\Program Files\Conduit
2010-06-26 11:49:58 ----D---- C:\Program Files\ZoneAlarm
2010-06-26 11:49:41 ----D---- C:\Program Files\CheckPoint
2010-06-26 11:49:12 ----A---- C:\Windows\system32\zlcommdb.dll
2010-06-26 11:49:12 ----A---- C:\Windows\system32\zlcomm.dll
2010-06-26 11:49:05 ----A---- C:\Windows\system32\~GLH0033.TMP
2010-06-24 18:56:06 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-24 18:56:06 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-24 18:56:05 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-24 18:56:05 ----A---- C:\Windows\system32\mscoree.dll
2010-06-24 18:56:05 ----A---- C:\Windows\system32\dfshim.dll
2010-06-24 03:11:10 ----A---- C:\Windows\system32\ntdll.dll
2010-06-24 03:11:01 ----A---- C:\Windows\system32\CPFilters.dll
2010-06-24 03:10:59 ----A---- C:\Windows\system32\msdri.dll
2010-06-22 15:26:28 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-06-22 15:26:27 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-06-22 15:26:27 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-06-22 15:26:23 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-06-22 15:26:22 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-06-22 15:26:22 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-06-22 15:26:22 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-06-22 15:26:20 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-06-22 15:26:17 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-06-22 15:26:17 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-06-22 15:26:17 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-06-22 15:26:16 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-06-22 15:26:15 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-06-22 15:26:15 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-06-22 15:26:15 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-06-22 12:01:36 ----D---- C:\temp
2010-06-21 16:59:41 ----RHD---- C:\Users\MARTIN\AppData\Roaming\SecuROM
2010-06-21 16:58:47 ----A---- C:\Windows\system32\CmdLineExt.dll
2010-06-21 16:55:35 ----D---- C:\Windows\system32\xlive
2010-06-21 16:55:34 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2010-06-21 15:09:41 ----D---- C:\Program Files\SystemRequirementsLab
2010-06-18 20:42:09 ----D---- C:\Program Files\ICQ6Toolbar
2010-06-18 20:41:58 ----D---- C:\ProgramData\ICQ
2010-06-18 20:40:50 ----D---- C:\Program Files\ICQ7.2
2010-06-18 14:13:23 ----D---- C:\Program Files\COMODO
2010-06-18 14:13:22 ----D---- C:\Users\MARTIN\AppData\Roaming\COMODO
2010-06-17 20:22:07 ----D---- C:\Users\MARTIN\AppData\Roaming\Apple Computer
2010-06-17 19:26:02 ----D---- C:\Program Files\LogMeIn Hamachi
2010-06-16 09:02:18 ----D---- C:\Windows\SQL9_KB970892_ENU
2010-06-15 19:11:57 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-15 12:29:18 ----D---- C:\Program Files\Movie Maker
2010-06-15 12:24:44 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-06-09 18:11:41 ----D---- C:\Windows\Minidump
2010-06-09 13:48:00 ----D---- C:\Program Files\Hedgewars 0.9.13
2010-06-09 12:45:24 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-09 12:45:22 ----A---- C:\Windows\system32\mshtml.dll
2010-06-09 12:45:18 ----A---- C:\Windows\system32\ieframe.dll
2010-06-09 12:45:16 ----A---- C:\Windows\system32\urlmon.dll
2010-06-09 12:45:16 ----A---- C:\Windows\system32\mstime.dll
2010-06-09 12:45:15 ----A---- C:\Windows\system32\wininet.dll
2010-06-09 12:45:15 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-06-09 12:45:15 ----A---- C:\Windows\system32\iedkcs32.dll
2010-06-09 12:45:14 ----A---- C:\Windows\system32\jsproxy.dll
2010-06-09 12:45:03 ----A---- C:\Windows\system32\atmlib.dll
2010-06-09 12:45:03 ----A---- C:\Windows\system32\atmfd.dll
2010-06-08 17:30:52 ----D---- C:\Program Files\FCE
2010-06-07 19:25:33 ----D---- C:\Users\MARTIN\AppData\Roaming\Hamachi
2010-06-05 14:08:26 ----D---- C:\ProgramData\launcher
2010-06-05 14:05:38 ----DC---- C:\Windows\system32\DRVSTORE
2010-06-05 14:05:04 ----D---- C:\Program Files\Paragon Software

======List of files/folders modified in the last 1 months======

2010-07-01 16:53:34 ----D---- C:\Windows\Internet Logs
2010-07-01 16:53:29 ----D---- C:\Program Files\trend micro
2010-07-01 16:53:07 ----D---- C:\Windows\Temp
2010-07-01 16:51:08 ----D---- C:\Windows\system32\config
2010-07-01 16:50:35 ----D---- C:\Users\MARTIN\AppData\Roaming\DMCache
2010-07-01 16:33:23 ----D---- C:\Users\MARTIN\AppData\Roaming\ICQ
2010-07-01 16:19:05 ----D---- C:\Users\MARTIN\AppData\Roaming\Skype
2010-07-01 13:12:42 ----D---- C:\ProgramData\Spyware Terminator
2010-07-01 10:28:02 ----D---- C:\Windows\System32
2010-07-01 10:28:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-01 10:28:01 ----D---- C:\Windows\inf
2010-07-01 09:46:47 ----D---- C:\Users\MARTIN\AppData\Roaming\SMS posílač Treca
2010-07-01 05:12:05 ----D---- C:\Windows\system32\catroot2
2010-06-30 17:17:28 ----SHD---- C:\System Volume Information
2010-06-29 20:54:41 ----D---- C:\Users\MARTIN\AppData\Roaming\Spyware Terminator
2010-06-29 18:02:10 ----D---- C:\ProgramData\Ubisoft
2010-06-29 17:56:33 ----D---- C:\Windows
2010-06-29 17:46:56 ----D---- C:\Program Files\Ubisoft
2010-06-29 17:21:45 ----SHD---- C:\Windows\Installer
2010-06-29 16:47:11 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-29 16:45:54 ----D---- C:\Program Files\Common Files\InstallShield
2010-06-29 16:44:18 ----RD---- C:\Program Files
2010-06-29 16:29:33 ----D---- C:\Windows\system32\Tasks
2010-06-28 22:57:12 ----A---- C:\Windows\system32\aswBoot.exe
2010-06-27 12:56:10 ----D---- C:\Program Files\Mozilla Firefox
2010-06-26 15:34:54 ----D---- C:\Program Files\Spyware Terminator
2010-06-26 11:53:03 ----D---- C:\Windows\winsxs
2010-06-26 11:51:29 ----D---- C:\Windows\system32\drivers
2010-06-26 11:50:31 ----D---- C:\Windows\system32\ZoneLabs
2010-06-26 11:49:24 ----D---- C:\Windows\system32\catroot
2010-06-25 12:53:22 ----D---- C:\Windows\Microsoft.NET
2010-06-25 12:53:15 ----RSD---- C:\Windows\assembly
2010-06-24 18:55:58 ----D---- C:\Windows\ehome
2010-06-24 18:55:43 ----D---- C:\Windows\AppPatch
2010-06-23 13:51:22 ----A---- C:\Windows\system32\zpeng25.dll
2010-06-23 13:51:20 ----A---- C:\Windows\system32\vswmi.dll
2010-06-23 13:51:18 ----A---- C:\Windows\system32\vsutil.dll
2010-06-23 13:51:18 ----A---- C:\Windows\system32\vsregexp.dll
2010-06-23 13:51:18 ----A---- C:\Windows\system32\vspubapi.dll
2010-06-23 13:51:18 ----A---- C:\Windows\system32\vsmonapi.dll
2010-06-23 13:51:18 ----A---- C:\Windows\system32\vsinit.dll
2010-06-23 13:51:18 ----A---- C:\Windows\system32\vsdata.dll
2010-06-23 12:48:46 ----SD---- C:\ProgramData\Microsoft
2010-06-23 10:40:42 ----D---- C:\Program Files\Crawler
2010-06-22 15:59:22 ----D---- C:\Windows\system32\DriverStore
2010-06-22 15:59:09 ----D---- C:\Program Files\Lenovo
2010-06-22 12:19:37 ----D---- C:\Program Files\Activision
2010-06-21 18:38:47 ----D---- C:\Windows\rescache
2010-06-21 16:59:14 ----HD---- C:\ProgramData
2010-06-21 13:20:54 ----D---- C:\Windows\system32\NDF
2010-06-17 19:47:45 ----D---- C:\ProgramData\Microsoft Help
2010-06-16 14:02:07 ----A---- C:\Windows\win.ini
2010-06-16 09:12:16 ----D---- C:\Program Files\PC-Doctor
2010-06-16 09:10:41 ----SD---- C:\Users\MARTIN\AppData\Roaming\Microsoft
2010-06-16 09:10:41 ----D---- C:\Program Files\Common Files\microsoft shared
2010-06-16 09:09:33 ----D---- C:\Users\MARTIN\AppData\Roaming\Update
2010-06-16 09:02:31 ----D---- C:\Program Files\Microsoft SQL Server
2010-06-15 12:26:10 ----D---- C:\Program Files\Windows Live
2010-06-15 10:40:27 ----D---- C:\Windows\debug
2010-06-15 10:39:41 ----D---- C:\Program Files\CCleaner
2010-06-10 13:57:41 ----D---- C:\Program Files\SpeedFan
2010-06-09 13:03:04 ----D---- C:\Windows\system32\migration
2010-06-09 13:03:04 ----D---- C:\Program Files\Internet Explorer
2010-06-05 13:27:38 ----D---- C:\Windows\Prefetch
2010-06-05 08:43:42 ----D---- C:\swshare

ramzes · #2 Příspěvek od **ramzes** » 01 črc 2010 15:58

2/2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-06-28 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [2009-07-14 35328]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2009-07-14 78336]
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 32256]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2009-07-14 16896]
R1 pelmoubt;Mouse Suite Bluetooth Driver; C:\Windows\system32\DRIVERS\pelmoubt.sys [2009-04-23 18432]
R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys [2009-07-14 6656]
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 7168]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2010-05-21 142592]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2009-07-14 74240]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2009-08-23 11552]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 461400]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2009-07-14 63488]
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 9728]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2010-05-26 26352]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys [2009-07-14 48128]
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2009-07-14 86528]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2009-07-14 586752]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys [2009-07-14 60928]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 12560]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2009-07-14 34816]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2009-06-18 125568]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2009-07-14 69632]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-07-14 14080]
R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 31232]
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2009-10-02 728648]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 304128]
R3 HDAudBus;Ovladač sběrnice Microsoft UAA pro zvuk High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys [2009-07-14 108544]
R3 HidUsb;Ovladač třídy standardu HID Microsoft; C:\Windows\system32\DRIVERS\hidusb.sys [2009-07-14 24064]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2009-08-18 24872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-10 2660896]
R3 intelppm;Intel Processor Driver; C:\Windows\system32\DRIVERS\intelppm.sys [2009-07-14 53760]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
R3 monitor;Služba ovladače funkce třídy monitorů Microsoft; C:\Windows\system32\DRIVERS\monitor.sys [2009-07-14 23552]
R3 mouhid;Ovladač myši standardu HID; C:\Windows\system32\DRIVERS\mouhid.sys [2009-07-14 26112]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2009-07-14 60416]
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2010-02-27 221696]
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2010-02-27 95744]
R3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys [2009-07-14 267264]
R3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw1v32.sys [2009-08-03 5958656]
R3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2010-05-10 10368]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-10-24 33088]
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 49152]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2009-07-14 75264]
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 18944]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2009-07-14 306688]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2009-12-08 113664]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-14 212656]
R3 umbus;Ovladač sběrnice UMBus Enumerator; C:\Windows\system32\DRIVERS\umbus.sys [2009-07-14 39936]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\Windows\system32\DRIVERS\usbccgp.sys [2009-07-14 75264]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbehci.sys [2009-07-14 41472]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\Windows\system32\DRIVERS\usbhub.sys [2009-07-14 258560]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbuhci.sys [2009-07-14 24064]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-07-14 11264]
S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 163328]
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 9728]
S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys [2009-07-14 422976]
S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys [2009-07-14 297552]
S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys [2009-07-14 146512]
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\DRIVERS\agp440.sys [2009-07-14 53312]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 amdide;amdide; C:\Windows\system32\DRIVERS\amdide.sys [2009-07-14 14912]
S3 AmdK8;AMD K8 Processor Driver; C:\Windows\system32\DRIVERS\amdk8.sys [2009-07-14 55296]
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 52736]
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 79952]
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 159312]
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 50176]
S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys [2009-07-14 76368]
S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys [2009-07-14 86608]
S3 ATP;Comodo EasyVPN Miniport Driver; C:\Windows\system32\DRIVERS\cmdatp.sys [2008-12-10 17424]
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbdx.sys [2009-07-14 430080]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys [2009-07-14 13568]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys [2009-07-14 5248]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys [2009-07-14 272128]
S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys [2009-07-14 62336]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys [2009-07-14 12160]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys [2009-07-14 11904]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\Windows\system32\DRIVERS\bthmodem.sys [2009-07-14 56320]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys [2009-07-14 37888]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbdx.sys [2009-07-14 3100160]
S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys [2009-07-14 453712]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 7168]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2009-07-14 142336]
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2009-07-14 28160]
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 46160]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\DRIVERS\gagp30kx.sys [2009-07-14 57936]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-07-14 26624]
S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 21504]
S3 HidBth;Miniport Microsoft Bluetooth HID; C:\Windows\system32\DRIVERS\hidbth.sys [2009-07-14 91136]
S3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys [2009-07-14 37888]
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 67152]
S3 iaStorV;iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys [2009-07-14 332352]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-07-28 5924864]
S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys [2009-07-14 41040]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-05-25 122368]
S3 intelide;intelide; C:\Windows\system32\DRIVERS\intelide.sys [2009-07-14 15424]
S3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [2009-07-14 65536]
S3 isapnp;isapnp; C:\Windows\system32\DRIVERS\isapnp.sys [2009-07-14 46656]
S3 iScsiPrt;iScsiPort Driver; C:\Windows\system32\DRIVERS\msiscsi.sys [2009-07-14 186960]
S3 kbdhid;Ovladač klávesnice standardu HID; C:\Windows\system32\DRIVERS\kbdhid.sys [2009-07-14 28160]
S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 95824]
S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 89168]
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 54864]
S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 96848]
S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys [2009-07-14 30800]
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 235584]
S3 mpio;mpio; C:\Windows\system32\DRIVERS\mpio.sys [2009-07-14 130624]
S3 msdsm;msdsm; C:\Windows\system32\DRIVERS\msdsm.sys [2009-07-14 115792]
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 4096]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2009-07-14 162896]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 6144]
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 12288]
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 27136]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys [2009-07-14 44624]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\DRIVERS\nv_agp.sys [2009-07-14 105024]
S3 nvraid;nvraid; C:\Windows\system32\DRIVERS\nvraid.sys [2009-07-14 117312]
S3 nvstor;nvstor; C:\Windows\system32\DRIVERS\nvstor.sys [2009-07-14 142416]
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\Windows\system32\DRIVERS\ohci1394.sys [2009-07-14 62464]
S3 pelbtm;Bluetooth Mouse Filter Driver; C:\Windows\system32\DRIVERS\pelbtm.sys [2007-09-20 13312]
S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys [2009-07-14 1383488]
S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys [2009-07-14 106064]
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2009-07-14 31744]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sbp2port;sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys [2009-07-14 85568]
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 26624]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys [2009-07-14 19968]
S3 sffdisk;SFF Storage Class Driver; C:\Windows\system32\DRIVERS\sffdisk.sys [2009-07-14 11264]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\DRIVERS\sffp_mmc.sys [2009-07-14 12288]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys [2009-07-14 12800]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys [2009-07-14 40016]
S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys [2009-07-14 77888]
S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2009-07-14 71168]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 21072]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2010-04-09 1285000]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys [2009-07-14 30208]
S3 tunnel;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys [2009-07-14 108544]
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys [2009-07-14 55888]
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\DRIVERS\uliagpkx.sys [2009-07-14 57424]
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 8192]
S3 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\DRIVERS\usbcir.sys [2009-07-14 86016]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\system32\DRIVERS\usbohci.sys [2009-07-14 20480]
S3 usbprint;Třída USB Printer; C:\Windows\system32\DRIVERS\usbprint.sys [2009-07-14 19968]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-07-14 74752]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2009-07-14 146176]
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2009-07-14 26112]
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 159824]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys [2009-07-14 141904]
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2009-07-14 19968]
S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys [2009-07-14 21632]
S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys [2009-07-14 19024]
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys [2009-07-14 22096]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [2009-09-09 124192]
R2 AcSvc;AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [2009-09-09 242976]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-12 30312]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2009-07-02 582944]
R2 CrdphService;COMODO EasyVPN VNC Service; C:\Program Files\COMODO\EasyVPN\crdphService.exe [2009-08-11 491768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EasyVpnAdpt;COMODO EasyVPN Service; C:\Program Files\COMODO\EasyVPN\Vpnservice.exe [2009-08-11 45304]
R2 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2009-06-10 42856]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-07 354840]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2009-08-18 38176]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 493032]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 PelService;Session Launcher Service; C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe [2009-11-13 172032]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-05-21 488960]
R2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3179520]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 87904]
R2 SUService;System Update; c:\Program Files\Lenovo\System Update\SUService.exe [2009-09-04 15872]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2009-08-27 1021240]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2009-05-21 62320]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2010-06-23 2435592]
R2 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2009-07-14 22528]
R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-07-14 204800]
R3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 22528]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 22528]
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2010-05-09 556032]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2009-07-14 94720]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2009-07-14 522752]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-05-19 654848]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2009-06-10 878416]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-08-23 75040]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2009-07-14 12800]
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2009-06-29 39976]
S3 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2009-09-04 1474560]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2009-07-14 35840]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2009-07-14 452608]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1343400]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-07-14 1202688]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-25 45408]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-25 239968]

-----------------EOF-----------------

davidrohusch · #3 Příspěvek od **davidrohusch** » 01 črc 2010 17:12

Nechci rušit ale není náhodou Daemon tools program který je nelegální?????

ramzes · #4 Příspěvek od **ramzes** » 01 črc 2010 18:08

davidrohusch píše:Nechci rušit ale není náhodou Daemon tools program který je nelegální?????

Proč by byl? ..

#5 Příspěvek od **motji** » 01 črc 2010 21:29

Dobrý večer

Prosím odstrante logy z code, špatně se mi to čte. Díky

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

ramzes · #6 Příspěvek od **ramzes** » 02 črc 2010 12:37

log z MBAM:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4266

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

2.7.2010 13:37:01
mbam-log-2010-07-02 (13-37-01).txt

Typ skenu: Úplný sken (C:\|Q:\|)
Skenované objekty: 309130
Uplynulý čas: 2 hodina(y), 33 minuta(y), 17 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 2
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055c089-8582-441b-a0bf-17b458c2a3a8} (Trojan.BHO.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0055c089-8582-441b-a0bf-17b458c2a3a8} (Trojan.BHO.H) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IDMIECC.dll (Trojan.BHO.H) -> No action taken.

#7 Příspěvek od **motji** » 02 črc 2010 21:22

Co našel mbam, smažte.

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

ramzes · #8 Příspěvek od **ramzes** » 03 črc 2010 10:49

log z combofixu:

ComboFix 10-07-01.02 - MARTIN 03.07.2010 11:05:29.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3037.1895 [GMT 2:00]
Spuštěný z: c:\users\MARTIN\Desktop\ComboFix.exe
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\MLPS\apps\csbed\CSBE\ACTIVATION_104\_desktop.ini
c:\program files\MLPS\apps\csbed\CSBE\ACTIVATION_104\BIN\_desktop.ini
c:\windows\system32\Thumbs.db
Q:\Autorun.inf

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-03 do 2010-07-03 )))))))))))))))))))))))))))))))
.

2010-07-03 09:30 . 2010-07-03 09:30 -------- d-----w- C:\Device
2010-07-03 09:28 . 2010-07-03 09:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-02 09:02 . 2010-07-02 09:02 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Malwarebytes
2010-07-02 09:01 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-02 09:01 . 2010-07-02 09:01 -------- d-----w- c:\programdata\Malwarebytes
2010-07-02 09:01 . 2010-07-02 09:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-02 09:01 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-01 15:59 . 2010-07-01 15:59 -------- d-----w- c:\users\MARTIN\AppData\Local\Activision
2010-07-01 15:41 . 2010-07-01 15:41 -------- d-----w- c:\program files\Alcohol Soft
2010-07-01 15:40 . 2010-07-01 15:40 -------- d-----w- c:\program files\Franzis
2010-06-29 15:56 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-06-29 14:44 . 2010-06-29 14:44 -------- d-----w- c:\program files\DAEMON Tools
2010-06-26 09:50 . 2010-06-26 09:50 -------- d-----w- c:\users\MARTIN\AppData\Roaming\CheckPoint
2010-06-26 09:49 . 2010-06-26 09:49 -------- d-----w- c:\program files\Conduit
2010-06-26 09:49 . 2010-06-26 09:49 -------- d-----w- c:\program files\ZoneAlarm
2010-06-26 09:49 . 2010-06-26 09:49 -------- d-----w- c:\program files\CheckPoint
2010-06-26 09:49 . 2010-04-09 07:24 1285000 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-26 09:49 . 2010-04-09 07:24 240008 ----a-w- c:\windows\system32\drivers\netio.sys
2010-06-26 09:49 . 2010-06-23 11:51 69120 ----a-w- c:\windows\system32\zlcomm.dll
2010-06-26 09:49 . 2010-06-23 11:51 103936 ----a-w- c:\windows\system32\zlcommdb.dll
2010-06-24 16:56 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-24 16:56 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-24 16:56 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-24 16:56 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-24 16:56 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-24 01:11 . 2010-03-24 06:37 1286456 ----a-w- c:\windows\system32\ntdll.dll
2010-06-24 01:11 . 2010-05-09 09:14 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-06-24 01:10 . 2010-05-09 09:14 417792 ----a-w- c:\windows\system32\msdri.dll
2010-06-22 13:59 . 2009-11-02 13:46 24064 ----a-w- c:\windows\system32\drivers\PELUSBLF.SYS
2010-06-22 13:59 . 2009-11-02 12:29 19456 ----a-w- c:\windows\system32\drivers\PELMOUSE.SYS
2010-06-22 13:59 . 2009-04-23 12:12 18432 ----a-w- c:\windows\system32\drivers\PELMOUBT.SYS
2010-06-22 13:59 . 2007-09-20 11:23 13312 ----a-w- c:\windows\system32\drivers\PELBTM.SYS
2010-06-22 13:59 . 2006-10-31 16:07 19818 ----a-w- c:\windows\system32\drivers\PELPS2M.SYS
2010-06-22 10:01 . 2010-06-22 10:01 -------- d-----w- C:\temp
2010-06-21 15:00 . 2010-06-23 11:09 -------- d-----w- c:\users\MARTIN\AppData\Local\Rockstar Games
2010-06-21 14:59 . 2010-06-21 14:59 -------- d--h--r- c:\users\MARTIN\AppData\Roaming\SecuROM
2010-06-21 14:58 . 2010-06-21 14:58 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-06-21 14:55 . 2010-06-21 14:55 -------- d-----w- c:\windows\system32\xlive
2010-06-21 14:55 . 2010-06-21 14:55 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-06-21 13:09 . 2010-06-21 13:09 -------- d-----w- c:\program files\SystemRequirementsLab
2010-06-21 13:09 . 2010-06-21 13:11 -------- d-----w- c:\users\MARTIN\SystemRequirementsLab
2010-06-18 18:42 . 2010-06-18 18:42 -------- d-----w- c:\program files\ICQ6Toolbar
2010-06-18 18:41 . 2010-06-18 18:42 -------- d-----w- c:\programdata\ICQ
2010-06-18 18:41 . 2010-06-18 18:41 -------- d-----w- c:\users\MARTIN\AppData\Local\AOL
2010-06-18 18:40 . 2010-06-18 18:47 -------- d-----w- c:\program files\ICQ7.2
2010-06-18 15:22 . 2010-06-18 15:22 -------- d-----w- c:\users\MARTIN\AppData\Local\storage
2010-06-18 12:13 . 2008-12-10 08:08 17424 ----a-w- c:\windows\system32\drivers\cmdatp.sys
2010-06-18 12:13 . 2010-06-18 12:13 -------- d-----w- c:\program files\COMODO
2010-06-18 12:13 . 2010-06-18 12:14 -------- d-----w- c:\users\MARTIN\AppData\Roaming\COMODO
2010-06-17 18:22 . 2010-06-17 18:22 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Apple Computer
2010-06-16 07:02 . 2010-06-16 07:02 -------- d-----w- c:\windows\SQL9_KB970892_ENU
2010-06-16 06:58 . 2010-06-16 06:58 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-06-15 17:11 . 2010-06-15 17:12 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-15 10:24 . 2010-06-15 10:24 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-06-09 11:49 . 2010-07-01 19:50 -------- d-----w- c:\users\MARTIN\.hedgewars
2010-06-09 11:48 . 2010-06-09 11:48 -------- d-----w- c:\program files\Hedgewars 0.9.13
2010-06-09 10:45 . 2010-05-01 14:49 2326528 ----a-w- c:\windows\system32\win32k.sys
2010-06-09 10:45 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-09 10:45 . 2010-05-21 05:18 977920 ----a-w- c:\windows\system32\wininet.dll
2010-06-09 10:45 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-09 10:45 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-06-08 15:30 . 2010-06-08 15:30 -------- d-----w- c:\program files\FCE
2010-06-07 17:25 . 2010-06-17 17:25 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Hamachi
2010-06-05 12:08 . 2010-06-05 12:08 -------- d-----w- c:\programdata\launcher
2010-06-05 12:05 . 2009-03-24 17:07 40560 ----a-w- c:\windows\system32\drivers\hotcore3.sys
2010-06-05 12:05 . 2010-06-18 12:13 -------- dc----w- c:\windows\system32\DRVSTORE
2010-06-05 12:05 . 2010-06-05 12:05 -------- d-----w- c:\program files\Paragon Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-03 08:58 . 2010-04-30 11:29 -------- d-----w- c:\users\MARTIN\AppData\Roaming\DMCache
2010-07-02 22:45 . 2010-04-29 18:01 -------- d-----w- c:\users\MARTIN\AppData\Roaming\ICQ
2010-07-02 18:30 . 2010-05-04 18:39 -------- d-----w- c:\program files\SpeedFan
2010-07-02 17:28 . 2010-05-21 16:27 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Spyware Terminator
2010-07-02 13:19 . 2010-04-30 11:17 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Skype
2010-07-02 11:08 . 2010-05-21 16:27 -------- d-----w- c:\programdata\Spyware Terminator
2010-07-01 15:52 . 2009-10-24 03:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-01 15:45 . 2010-05-04 13:40 -------- d-----w- c:\program files\Activision
2010-07-01 14:53 . 2010-05-21 16:42 -------- d-----w- c:\program files\trend micro
2010-07-01 08:28 . 2009-10-24 04:13 672622 ----a-w- c:\windows\system32\perfh005.dat
2010-07-01 08:28 . 2009-10-24 04:13 137522 ----a-w- c:\windows\system32\perfc005.dat
2010-07-01 07:46 . 2010-05-22 10:55 -------- d-----w- c:\users\MARTIN\AppData\Roaming\SMS posílač Treca
2010-07-01 03:12 . 2010-07-01 07:36 1915904 ----a-w- c:\windows\Internet Logs\xDB6DFF.tmp
2010-07-01 03:12 . 2010-07-01 07:36 145920 ----a-w- c:\windows\Internet Logs\xDB6B7E.tmp
2010-06-29 16:02 . 2010-05-08 18:06 -------- d-----w- c:\programdata\Ubisoft
2010-06-29 15:46 . 2010-05-08 17:49 -------- d-----w- c:\program files\Ubisoft
2010-06-29 15:21 . 2010-06-29 15:21 10134 ----a-r- c:\users\MARTIN\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
2010-06-29 14:45 . 2009-10-24 03:25 -------- d-----w- c:\program files\Common Files\InstallShield
2010-06-28 21:20 . 2010-06-29 07:01 276992 ----a-w- c:\windows\Internet Logs\xDB781B.tmp
2010-06-28 21:20 . 2010-06-29 07:01 1895936 ----a-w- c:\windows\Internet Logs\xDB7A9C.tmp
2010-06-28 20:57 . 2010-04-29 15:33 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-04-29 15:33 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-04-29 15:33 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-04-29 15:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-04-29 15:33 50256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-06-28 20:32 . 2010-04-29 15:33 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-26 13:34 . 2010-05-21 16:27 -------- d-----w- c:\program files\Spyware Terminator
2010-06-26 09:50 . 2010-04-29 15:25 421441 ---ha-w- c:\windows\system32\drivers\vsconfig.xml
2010-06-26 09:50 . 2010-06-26 09:50 -------- d-----w- c:\users\MARTIN\AppData\Roaming\CheckPoint
2010-06-26 09:49 . 2010-06-26 09:49 -------- d-----w- c:\program files\CheckPoint
2010-06-25 22:59 . 2010-04-29 15:51 1756966 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-06-25 10:10 . 2010-06-25 10:10 1859584 ----a-w- c:\windows\Internet Logs\xDB8420.tmp
2010-06-25 10:10 . 2010-06-25 10:10 35840 ----a-w- c:\windows\Internet Logs\xDB81CE.tmp
2010-06-24 21:23 . 2010-06-25 09:07 1859072 ----a-w- c:\windows\Internet Logs\xDBAA93.tmp
2010-06-24 21:23 . 2010-06-25 09:07 84480 ----a-w- c:\windows\Internet Logs\xDBA92B.tmp
2010-06-24 02:27 . 2010-06-24 14:55 1855488 ----a-w- c:\windows\Internet Logs\xDBB7B2.tmp
2010-06-24 02:27 . 2010-06-24 14:55 111104 ----a-w- c:\windows\Internet Logs\xDBB627.tmp
2010-06-23 11:51 . 2010-04-29 15:25 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2010-06-23 11:51 . 2010-06-26 09:49 110080 ----a-w- c:\windows\system32\~GLH0033.TMP
2010-06-23 08:40 . 2010-05-21 16:27 -------- d-----w- c:\program files\Crawler
2010-06-22 21:17 . 2010-06-23 08:37 1851904 ----a-w- c:\windows\Internet Logs\xDB9D89.tmp
2010-06-22 21:17 . 2010-06-23 08:37 96768 ----a-w- c:\windows\Internet Logs\xDB9BF2.tmp
2010-06-22 13:59 . 2009-10-24 03:22 -------- d-----w- c:\program files\Lenovo
2010-06-21 21:34 . 2010-06-22 08:49 196608 ----a-w- c:\windows\Internet Logs\xDBC67B.tmp
2010-06-21 21:34 . 2010-06-22 08:49 1849856 ----a-w- c:\windows\Internet Logs\xDBC7E3.tmp
2010-06-20 21:40 . 2010-06-21 09:08 334848 ----a-w- c:\windows\Internet Logs\xDB8C78.tmp
2010-06-20 21:40 . 2010-06-21 09:08 1837568 ----a-w- c:\windows\Internet Logs\xDB8EAA.tmp
2010-06-20 09:27 . 2010-06-20 16:25 1837056 ----a-w- c:\windows\Internet Logs\xDB8EF7.tmp
2010-06-17 20:10 . 2010-06-18 07:23 1820672 ----a-w- c:\windows\Internet Logs\xDBCD3F.tmp
2010-06-17 17:47 . 2009-10-24 03:44 -------- d-----w- c:\programdata\Microsoft Help
2010-06-16 07:14 . 2010-06-16 07:15 1812992 ----a-w- c:\windows\Internet Logs\xDBAF92.tmp
2010-06-16 07:14 . 2010-06-16 07:15 133632 ----a-w- c:\windows\Internet Logs\xDBADCD.tmp
2010-06-16 07:12 . 2009-10-24 03:37 -------- d-----w- c:\program files\PC-Doctor
2010-06-16 07:10 . 2010-06-16 07:10 1465512 ----a-w- c:\users\MARTIN\AppData\Roaming\Update\patch_551455to551460_32\patch_551455to551460_32.02.exe
2010-06-16 07:09 . 2010-05-22 09:29 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Update
2010-06-16 07:02 . 2009-10-24 03:48 -------- d-----w- c:\program files\Microsoft SQL Server
2010-06-15 10:26 . 2010-04-29 12:44 -------- d-----w- c:\program files\Windows Live
2010-06-15 08:39 . 2010-04-29 16:01 -------- d-----w- c:\program files\CCleaner
2010-06-13 20:53 . 2010-06-14 07:10 1801216 ----a-w- c:\windows\Internet Logs\xDBE17B.tmp
2010-06-13 20:53 . 2010-06-14 07:10 95232 ----a-w- c:\windows\Internet Logs\xDBE051.tmp
2010-06-12 05:20 . 2010-06-12 15:37 468992 ----a-w- c:\windows\Internet Logs\xDB80F3.tmp
2010-06-08 21:00 . 2010-06-26 09:50 52224 ----a-w- c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\FFExternalAlert.dll
2010-06-08 21:00 . 2010-06-26 09:50 101376 ----a-w- c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\RadioWMPCore.dll
2010-06-05 12:05 . 2010-06-05 12:05 25214 ----a-r- c:\users\MARTIN\AppData\Roaming\Microsoft\Installer\{ACCD5C00-F1E4-11DD-AA93-005056C00008}\RunProductNameDskt_985F828E0E98429F9C05EF3BDE7568F7.exe
2010-06-05 12:05 . 2010-06-05 12:05 25214 ----a-r- c:\users\MARTIN\AppData\Roaming\Microsoft\Installer\{ACCD5C00-F1E4-11DD-AA93-005056C00008}\RunProductName_985F828E0E98429F9C05EF3BDE7568F7.exe
2010-06-05 12:05 . 2010-06-05 12:05 10134 ----a-r- c:\users\MARTIN\AppData\Roaming\Microsoft\Installer\{ACCD5C00-F1E4-11DD-AA93-005056C00008}\ARPPRODUCTICON.exe
2010-06-02 20:56 . 2010-06-03 10:52 1774592 ----a-w- c:\windows\Internet Logs\xDBE5E3.tmp
2010-06-02 20:56 . 2010-06-03 10:52 49152 ----a-w- c:\windows\Internet Logs\xDBE40A.tmp
2010-06-02 14:12 . 2010-06-02 14:13 1772544 ----a-w- c:\windows\Internet Logs\xDB74D9.tmp
2010-06-02 14:12 . 2010-06-02 14:13 48128 ----a-w- c:\windows\Internet Logs\xDB7300.tmp
2010-06-01 11:07 . 2010-06-02 10:56 8704 ----a-w- c:\windows\Internet Logs\xDBD00D.tmp
2010-05-31 21:20 . 2010-06-01 11:07 1768960 ----a-w- c:\windows\Internet Logs\xDB6417.tmp
2010-05-31 21:20 . 2010-06-01 11:07 336384 ----a-w- c:\windows\Internet Logs\xDB5B6A.tmp
2010-05-31 20:11 . 2010-05-31 20:11 -------- d-----w- c:\program files\ffdshow
2010-05-31 13:34 . 2010-04-29 15:22 -------- d-----w- c:\program files\The KMPlayer
2010-05-30 08:16 . 2010-05-30 08:16 -------- d-----w- c:\program files\Common Files\Java
2010-05-30 08:15 . 2009-10-24 03:32 -------- d-----w- c:\program files\Java
2010-05-28 20:48 . 2010-05-29 09:44 1761280 ----a-w- c:\windows\Internet Logs\xDB19CD.tmp
2010-05-26 18:07 . 2010-05-26 18:07 -------- d-----w- c:\users\MARTIN\AppData\Roaming\QIP
2010-05-24 17:31 . 2010-05-25 05:19 502272 ----a-w- c:\windows\Internet Logs\xDB8C88.tmp
2010-05-22 10:56 . 2010-05-22 10:55 -------- d-----w- c:\program files\SMS posílač Treca
2010-05-22 10:55 . 2010-05-22 10:55 -------- d-----w- c:\programdata\IsolatedStorage
2010-05-22 10:55 . 2010-05-22 10:55 0 ----a-w- c:\users\MARTIN\AppData\Roaming\SMS posílač Treca\SMSposilac.exe
2010-05-22 10:14 . 2010-05-13 13:37 -------- d-----w- c:\program files\Full Tilt Poker
2010-05-22 09:35 . 2009-10-24 03:37 -------- d-----w- c:\programdata\PCDr
2010-05-22 09:34 . 2010-05-22 09:34 -------- d-----w- c:\programdata\PC-Doctor for Windows
2010-05-21 16:27 . 2010-05-21 16:27 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe
2010-05-21 16:27 . 2010-05-21 16:27 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys
2010-05-21 16:27 . 2010-05-21 16:27 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-05-21 12:14 . 2010-04-29 17:55 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-20 15:09 . 2010-05-20 15:09 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-05-20 15:09 . 2010-05-20 15:09 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-05-19 18:42 . 2010-04-29 12:44 146592 ----a-w- c:\users\MARTIN\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-19 17:12 . 2010-05-19 17:12 -------- d-----w- c:\program files\Bonjour
2010-05-19 17:12 . 2010-04-29 15:08 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-19 17:02 . 2010-05-19 17:02 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-05-18 18:38 . 2010-05-18 18:38 -------- d-----w- c:\program files\ICQ-Banner-Remover
2010-05-18 13:06 . 2010-05-18 13:06 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Phantasmagoria
2010-05-15 14:30 . 2010-04-29 15:25 461400 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2010-05-15 08:46 . 2010-05-15 08:40 -------- d-----w- c:\program files\NoPayPOKER
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
2010-05-09 09:50 2517088 ----a-w- c:\program files\ZoneAlarm\tbZone.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-05-21 3037696]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-09-18 171464]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-09-18 205976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-10 7612960]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-03-13 68976]
"LENOVO.TPFNF6R"="c:\program files\Lenovo\HOTKEY\TPFNF6R.exe" [2009-08-20 62752]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
"TpShocks"="TpShocks.exe" [2009-07-09 337184]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-19 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-19 151064]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-28 49976]
"AcWin7Hlpr"="c:\program files\Lenovo\Access Connections\AcWin7Hlpr.exe" [2009-09-09 274432]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2009-08-26 3089720]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-14 1541416]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-06-28 2837864]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-05-21 2176512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Daemon for Mouse Suite"="c:\program files\Lenovo\Lenovo Mouse Suite\ICO.EXE" [2009-11-06 98304]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]

c:\users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2009-7-2 795936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2009-08-17 21:27 100104 ----a-w- c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
2009-09-28 15:36 3563768 ----a-w- c:\program files\COMODO\EasyVPN\EasyVPN.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-06-18 18:40 133368 ----a-w- c:\program files\ICQ7.2\ICQ.exe

R3 ATP;Comodo EasyVPN Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys [2008-12-10 17424]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-25 122368]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 pelbtm;Bluetooth Mouse Filter Driver;c:\windows\system32\DRIVERS\pelbtm.sys [2007-09-20 13312]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-08-23 75040]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-04-29 691696]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [2009-03-24 40560]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2009-06-29 20520]
S1 aswSP;aswSP; [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S1 pelmoubt;Mouse Suite Bluetooth Driver;c:\windows\system32\DRIVERS\pelmoubt.sys [2009-04-23 18432]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-05-21 142592]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S2 CrdphService;COMODO EasyVPN VNC Service;c:\program files\COMODO\EasyVPN\crdphService.exe [2009-08-11 491768]
S2 EasyVpnAdpt;COMODO EasyVPN Service;c:\program files\COMODO\EasyVPN\Vpnservice.exe [2009-08-11 45304]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2010-05-26 26352]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 493032]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
S2 PelService;Session Launcher Service;c:\program files\Lenovo\Lenovo Mouse Suite\PelService.exe [2009-11-13 172032]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 12560]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2009-05-21 62320]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [2009-06-18 125568]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
S3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw1v32.sys [2009-08-03 5958656]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'

2010-06-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-05-07 19:46]

2010-06-19 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-06-08 21:08]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.daemonsearch.com/intl/
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout s IDM - c:\documents and settings\Default User\Local Settings\Temp\bsasee3y5d\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\documents and settings\Default User\Local Settings\Temp\bsasee3y5d\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\documents and settings\Default User\Local Settings\Temp\bsasee3y5d\IEGetAll.htm
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\ICQ7.2\ICQ.exe
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ÄŚSFD
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&q=
FF - component: c:\progra~1\Crawler\firefox\components\xcomm.dll
FF - component: c:\progra~1\Crawler\firefox\components\xshared.dll
FF - component: c:\progra~1\Crawler\firefox\components\xsupport.dll
FF - component: c:\program files\CheckPoint\ZAForceField\TrustChecker\components\TrustCheckerMozillaPlugin.dll
FF - component: c:\users\MARTIN\AppData\Roaming\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\FFExternalAlert.dll
FF - component: c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\RadioWMPCore.dll
FF - plugin: c:\program files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\extensions\npfax@microgaming.co.uk\platform\WINNT_x86-msvc\plugins\npfax.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-Locked - (no file)
MSConfigStartUp-LogMeIn Hamachi Ui - c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe

.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-2624410775-611335681-473189198-1003\Software\SecuROM\License information*]
"datasecu"=hex:69,35,41,de,c6,d3,fe,a8,83,27,8e,27,5c,0c,7c,f0,59,e6,88,b3,86,
1c,a3,de,f3,d5,c3,d6,3c,b6,65,ff,4a,ca,8a,4f,49,c2,54,8b,30,01,93,1f,1f,aa,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

[HKEY_USERS\S-1-5-21-2624410775-611335681-473189198-1003_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):bb,a4,ee,da,30,dc,38,6e,b8,c6,c7,6e,e1,1e,43,e6,85,ae,14,7e,10,
19,97,75,00,2e,bb,2f,3f,85,7e,11,64,b9,8e,73,1e,cb,ce,db,00,00,00,00,00,00,\

[HKEY_USERS\S-1-5-21-2624410775-611335681-473189198-1003_Classes\CLSID\{f48a30d1-99c3-4aea-b9c5-b6dfd31c5243}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000b7
"Therad"=dword:0000000a
"MData"=hex(0):cb,9b,ad,ef,27,7d,29,69,f5,02,f0,76,aa,4a,f1,7c,d3,d9,67,7f,6a,
4b,7b,ad,1f,7e,00,ca,7a,40,fc,63,3e,86,b2,0e,1a,23,21,60,40,37,2d,cb,62,d0,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(668)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

- - - - - - - > 'Explorer.exe'(1660)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\program files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll
c:\program files\ThinkPad\Bluetooth Software\btmmhook.dll
c:\program files\PC-Doctor\ATLPcdToolbar551452.dll
c:\program files\Lenovo\Access Connections\ACDeskBand.dll
c:\program files\Lenovo\Access Connections\AcLocSettings.dll
c:\program files\Lenovo\Access Connections\AcSvcStub.dll
c:\program files\Lenovo\Access Connections\ACHelper.dll
c:\program files\Lenovo\Lenovo Mouse Suite\pelscrll.dll
c:\program files\Lenovo\Lenovo Mouse Suite\PELCOMM.dll
c:\program files\Lenovo\Lenovo Mouse Suite\PELHOOKS.dll
c:\program files\ThinkPad\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\atieclxx.exe
c:\program files\ThinkVantage Fingerprint Software\upeksvr.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\progra~1\Lenovo\HOTKEY\tpnumlk.exe
c:\program files\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Lenovo\Lenovo Mouse Suite\PelElvDm.exe
c:\program files\Lenovo\Access Connections\AcSvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\ThinkPad\Bluetooth Software\btwdins.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\windows\system32\taskhost.exe
c:\progra~1\Lenovo\HOTKEY\tpnumlkd.exe
c:\windows\system32\conhost.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
c:\windows\System32\TpShocks.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Synaptics\SynTP\SynTPLpr.exe
c:\program files\Lenovo\Client Security Solution\password_manager.exe
c:\program files\Lenovo\Access Connections\SvcGuiHlpr.exe
c:\program files\Lenovo\Lenovo Mouse Suite\Pelmiced.exe
c:\program files\windows defender\MpCmdRun.exe
.
**************************************************************************
.
Celkový čas: 2010-07-03 11:45:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-03 09:45

Před spuštěním: Volných bajtů: 115 212 636 160
Po spuštění: Volných bajtů: 115 032 248 320

- - End Of File - - 656B8897328FBBD2CEFC1D47C1388AA2

#9 Příspěvek od **motji** » 03 črc 2010 11:54

Změnilo se něco po použití combofixu?
Ještě zkuste odstranit driver od daemonu

Stáhněte SPTD http://www.duplexsecure.com/en/downloads
-vyberte verzi podle svého operačního systému. SPTD for Windows (32 bit) nebo (64b)
-uložte na plochu a spusťte
- zvolte možnost Uninstall
- restart PC

ramzes · #10 Příspěvek od **ramzes** » 03 črc 2010 15:31

Zmizely všechny virtuální mechaniky, takže se zdá, že byl deamon i alcohol odstraněn.

Když sputím SPTD, tak tam mám pouze možnost -install-, mám to tedy první nainstalovat?

#11 Příspěvek od **motji** » 03 črc 2010 16:02

Ne, neinstalujte.

Tento program znáte?
c:\program files\COMODO\EasyVPN

Tuto složku znáte?
C:\Device

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše


Folder::
c:\program files\DAEMON Tools
c:\program files\Alcohol Soft
c:\windows\Internet Logs

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"=-
"AlcoholAutomount"=-

Firefox::
FF - ProfilePath - c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ÄŚSFD
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... 2611275&q=

DDS::
uStart Page = hxxp://google.daemonsearch.com/intl/

Reglock::
[HKEY_USERS\S-1-5-21-2624410775-611335681-473189198-1003_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
[HKEY_USERS\S-1-5-21-2624410775-611335681-473189198-1003_Classes\CLSID\{f48a30d1-99c3-4aea-b9c5-b6dfd31c5243}]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek

-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

ramzes · #12 Příspěvek od **ramzes** » 03 črc 2010 19:25

- první program vím co je
- s druhým souborem si nejsem tak jistý

log z combofixu:
ComboFix 10-07-01.02 - MARTIN 03.07.2010 19:34:34.2.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3037.1930 [GMT 2:00]
Spuštěný z: c:\users\MARTIN\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\MARTIN\Desktop\CFScript.txt.txt
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
.\

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Alcohol Soft
c:\program files\Alcohol Soft\Alcohol 120\Alcohol.exe
c:\program files\Alcohol Soft\Alcohol 120\Alcoholx.dll
c:\program files\Alcohol Soft\Alcohol 120\AX_GE.dll
c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe
c:\program files\Alcohol Soft\Alcohol 120\AXShlEx.dll
c:\program files\Alcohol Soft\Alcohol 120\AxType.ini
c:\program files\Alcohol Soft\Alcohol 120\DevSupp.dll
c:\program files\Alcohol Soft\Alcohol 120\imgengine.dll
c:\program files\Alcohol Soft\Alcohol 120\pfctoc.dll
c:\program files\Alcohol Soft\Alcohol 120\Plugins\AxSWind.dll
c:\program files\Alcohol Soft\Alcohol 120\Plugins\AxtraWd.dll
c:\program files\Alcohol Soft\Alcohol 120\Plugins\dpm.dll
c:\program files\Alcohol Soft\Alcohol 120\Plugins\Helper\AxSrvUACHlper.exe
c:\program files\Alcohol Soft\Alcohol 120\Plugins\Helper\UACHlper.exe
c:\program files\Alcohol Soft\Alcohol 120\Plugins\NapalmBurn.dll
c:\program files\Alcohol Soft\Alcohol 120\uninst.exe
c:\program files\DAEMON Tools
c:\program files\DAEMON Tools\cryptapi.dll
c:\program files\DAEMON Tools\daemon.dll
c:\program files\DAEMON Tools\daemon.exe
c:\program files\DAEMON Tools\chkupd.exe
c:\program files\DAEMON Tools\Icons\tray1.ico
c:\program files\DAEMON Tools\Icons\tray2.ico
c:\program files\DAEMON Tools\Lang\ENU.dll
c:\program files\DAEMON Tools\pfctoc.dll
c:\program files\DAEMON Tools\Plugins\Images\bw5mount.dll
c:\program files\DAEMON Tools\Plugins\Images\bwtmount.dll
c:\program files\DAEMON Tools\Plugins\Images\ccdmount.dll
c:\program files\DAEMON Tools\Plugins\Images\cuemount.dll
c:\program files\DAEMON Tools\Plugins\Images\iszmount.dll
c:\program files\DAEMON Tools\Plugins\Images\mdsmount.dll
c:\program files\DAEMON Tools\Plugins\Images\nrgmount.dll
c:\program files\DAEMON Tools\Plugins\Images\pdimount.dll
c:\program files\DAEMON Tools\Plugins\Images\pfcmount.dll
c:\program files\DAEMON Tools\uninst.exe
c:\windows\Internet Logs\Backup7.5.2010.xml
c:\windows\Internet Logs\fwdbglog.txt
c:\windows\Internet Logs\fwpktlog.txt
c:\windows\Internet Logs\installer_042910172516.log
c:\windows\Internet Logs\installer_062610114735.log
c:\windows\Internet Logs\MARTIN-THINK.ldb
c:\windows\Internet Logs\tvDebug.log
c:\windows\Internet Logs\tvDebug.Zip
c:\windows\Internet Logs\vsdata.dll
c:\windows\Internet Logs\xDB19CD.tmp
c:\windows\Internet Logs\xDB5B6A.tmp
c:\windows\Internet Logs\xDB6417.tmp
c:\windows\Internet Logs\xDB6B7E.tmp
c:\windows\Internet Logs\xDB6DFF.tmp
c:\windows\Internet Logs\xDB7300.tmp
c:\windows\Internet Logs\xDB74D9.tmp
c:\windows\Internet Logs\xDB781B.tmp
c:\windows\Internet Logs\xDB7A9C.tmp
c:\windows\Internet Logs\xDB80F3.tmp
c:\windows\Internet Logs\xDB81CE.tmp
c:\windows\Internet Logs\xDB8420.tmp
c:\windows\Internet Logs\xDB8C78.tmp
c:\windows\Internet Logs\xDB8C88.tmp
c:\windows\Internet Logs\xDB8EAA.tmp
c:\windows\Internet Logs\xDB8EF7.tmp
c:\windows\Internet Logs\xDB9BF2.tmp
c:\windows\Internet Logs\xDB9D89.tmp
c:\windows\Internet Logs\xDBA92B.tmp
c:\windows\Internet Logs\xDBAA93.tmp
c:\windows\Internet Logs\xDBADCD.tmp
c:\windows\Internet Logs\xDBAF92.tmp
c:\windows\Internet Logs\xDBB627.tmp
c:\windows\Internet Logs\xDBB7B2.tmp
c:\windows\Internet Logs\xDBC67B.tmp
c:\windows\Internet Logs\xDBC7E3.tmp
c:\windows\Internet Logs\xDBCD3F.tmp
c:\windows\Internet Logs\xDBD00D.tmp
c:\windows\Internet Logs\xDBE051.tmp
c:\windows\Internet Logs\xDBE17B.tmp
c:\windows\Internet Logs\xDBE1D8.tmp
c:\windows\Internet Logs\xDBE40A.tmp
c:\windows\Internet Logs\xDBE5E3.tmp
c:\windows\Internet Logs\xDBF435.tmp
c:\windows\Internet Logs\ZALog2010.06.24.txt
c:\windows\Internet Logs\ZALog2010.06.25.txt
c:\windows\Internet Logs\ZALog2010.06.27.txt
c:\windows\Internet Logs\ZALog2010.06.28.txt
c:\windows\Internet Logs\ZALog2010.06.29.txt
c:\windows\Internet Logs\ZALog2010.06.30.txt
c:\windows\Internet Logs\ZALog2010.07.01.txt
c:\windows\Internet Logs\ZALog2010.07.02.txt
c:\windows\Internet Logs . . . . nemohl být smazán
c:\windows\Internet Logs\BACKUP.RDB . . . . nemohl být smazán
c:\windows\Internet Logs\IAMDB.RDB . . . . nemohl být smazán
c:\windows\Internet Logs\ZALog.txt . . . . nemohl být smazán

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-03 do 2010-07-03 )))))))))))))))))))))))))))))))
.

2010-07-03 17:50 . 2010-07-03 17:50 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-07-03 17:50 . 2010-07-03 17:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-03 09:30 . 2010-07-03 09:30 -------- d-----w- C:\Device
2010-07-02 09:02 . 2010-07-02 09:02 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Malwarebytes
2010-07-02 09:01 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-02 09:01 . 2010-07-02 09:01 -------- d-----w- c:\programdata\Malwarebytes
2010-07-02 09:01 . 2010-07-02 09:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-02 09:01 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-01 15:59 . 2010-07-01 15:59 -------- d-----w- c:\users\MARTIN\AppData\Local\Activision
2010-07-01 15:40 . 2010-07-01 15:40 -------- d-----w- c:\program files\Franzis
2010-06-29 15:56 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-06-26 09:50 . 2010-06-26 09:50 -------- d-----w- c:\users\MARTIN\AppData\Roaming\CheckPoint
2010-06-26 09:49 . 2010-06-26 09:49 -------- d-----w- c:\program files\Conduit
2010-06-26 09:49 . 2010-06-26 09:49 -------- d-----w- c:\program files\ZoneAlarm
2010-06-26 09:49 . 2010-06-26 09:49 -------- d-----w- c:\program files\CheckPoint
2010-06-26 09:49 . 2010-04-09 07:24 1285000 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-26 09:49 . 2010-04-09 07:24 240008 ----a-w- c:\windows\system32\drivers\netio.sys
2010-06-26 09:49 . 2010-06-23 11:51 69120 ----a-w- c:\windows\system32\zlcomm.dll
2010-06-26 09:49 . 2010-06-23 11:51 103936 ----a-w- c:\windows\system32\zlcommdb.dll
2010-06-24 16:56 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-24 16:56 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-24 16:56 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-24 16:56 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-24 16:56 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-24 01:11 . 2010-03-24 06:37 1286456 ----a-w- c:\windows\system32\ntdll.dll
2010-06-24 01:11 . 2010-05-09 09:14 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-06-24 01:10 . 2010-05-09 09:14 417792 ----a-w- c:\windows\system32\msdri.dll
2010-06-22 13:59 . 2009-11-02 13:46 24064 ----a-w- c:\windows\system32\drivers\PELUSBLF.SYS
2010-06-22 13:59 . 2009-11-02 12:29 19456 ----a-w- c:\windows\system32\drivers\PELMOUSE.SYS
2010-06-22 13:59 . 2009-04-23 12:12 18432 ----a-w- c:\windows\system32\drivers\PELMOUBT.SYS
2010-06-22 13:59 . 2007-09-20 11:23 13312 ----a-w- c:\windows\system32\drivers\PELBTM.SYS
2010-06-22 13:59 . 2006-10-31 16:07 19818 ----a-w- c:\windows\system32\drivers\PELPS2M.SYS
2010-06-22 10:01 . 2010-06-22 10:01 -------- d-----w- C:\temp
2010-06-21 15:00 . 2010-06-23 11:09 -------- d-----w- c:\users\MARTIN\AppData\Local\Rockstar Games
2010-06-21 14:59 . 2010-06-21 14:59 -------- d--h--r- c:\users\MARTIN\AppData\Roaming\SecuROM
2010-06-21 14:58 . 2010-06-21 14:58 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-06-21 14:55 . 2010-06-21 14:55 -------- d-----w- c:\windows\system32\xlive
2010-06-21 14:55 . 2010-06-21 14:55 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-06-21 13:09 . 2010-06-21 13:09 -------- d-----w- c:\program files\SystemRequirementsLab
2010-06-21 13:09 . 2010-06-21 13:11 -------- d-----w- c:\users\MARTIN\SystemRequirementsLab
2010-06-18 18:42 . 2010-06-18 18:42 -------- d-----w- c:\program files\ICQ6Toolbar
2010-06-18 18:41 . 2010-06-18 18:42 -------- d-----w- c:\programdata\ICQ
2010-06-18 18:41 . 2010-06-18 18:41 -------- d-----w- c:\users\MARTIN\AppData\Local\AOL
2010-06-18 18:40 . 2010-06-18 18:47 -------- d-----w- c:\program files\ICQ7.2
2010-06-18 15:22 . 2010-06-18 15:22 -------- d-----w- c:\users\MARTIN\AppData\Local\storage
2010-06-18 12:13 . 2008-12-10 08:08 17424 ----a-w- c:\windows\system32\drivers\cmdatp.sys
2010-06-18 12:13 . 2010-06-18 12:13 -------- d-----w- c:\program files\COMODO
2010-06-18 12:13 . 2010-06-18 12:14 -------- d-----w- c:\users\MARTIN\AppData\Roaming\COMODO
2010-06-17 18:22 . 2010-06-17 18:22 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Apple Computer
2010-06-16 07:02 . 2010-06-16 07:02 -------- d-----w- c:\windows\SQL9_KB970892_ENU
2010-06-16 06:58 . 2010-06-16 06:58 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-06-15 17:11 . 2010-06-15 17:12 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-15 10:24 . 2010-06-15 10:24 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-06-09 11:49 . 2010-07-01 19:50 -------- d-----w- c:\users\MARTIN\.hedgewars
2010-06-09 11:48 . 2010-06-09 11:48 -------- d-----w- c:\program files\Hedgewars 0.9.13
2010-06-09 10:45 . 2010-05-01 14:49 2326528 ----a-w- c:\windows\system32\win32k.sys
2010-06-09 10:45 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-09 10:45 . 2010-05-21 05:18 977920 ----a-w- c:\windows\system32\wininet.dll
2010-06-09 10:45 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-09 10:45 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-06-08 15:30 . 2010-06-08 15:30 -------- d-----w- c:\program files\FCE
2010-06-07 17:25 . 2010-06-17 17:25 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Hamachi
2010-06-05 12:08 . 2010-06-05 12:08 -------- d-----w- c:\programdata\launcher
2010-06-05 12:05 . 2009-03-24 17:07 40560 ----a-w- c:\windows\system32\drivers\hotcore3.sys
2010-06-05 12:05 . 2010-06-18 12:13 -------- dc----w- c:\windows\system32\DRVSTORE
2010-06-05 12:05 . 2010-06-05 12:05 -------- d-----w- c:\program files\Paragon Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-03 17:50 . 2010-04-30 11:17 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Skype
2010-07-03 17:31 . 2010-04-29 18:01 -------- d-----w- c:\users\MARTIN\AppData\Roaming\ICQ
2010-07-03 16:05 . 2010-05-22 10:55 -------- d-----w- c:\users\MARTIN\AppData\Roaming\SMS posílač Treca
2010-07-03 08:58 . 2010-04-30 11:29 -------- d-----w- c:\users\MARTIN\AppData\Roaming\DMCache
2010-07-02 18:30 . 2010-05-04 18:39 -------- d-----w- c:\program files\SpeedFan
2010-07-02 17:28 . 2010-05-21 16:27 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Spyware Terminator
2010-07-02 11:08 . 2010-05-21 16:27 -------- d-----w- c:\programdata\Spyware Terminator
2010-07-01 15:52 . 2009-10-24 03:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-01 15:45 . 2010-05-04 13:40 -------- d-----w- c:\program files\Activision
2010-07-01 14:53 . 2010-05-21 16:42 -------- d-----w- c:\program files\trend micro
2010-07-01 08:28 . 2009-10-24 04:13 672622 ----a-w- c:\windows\system32\perfh005.dat
2010-07-01 08:28 . 2009-10-24 04:13 137522 ----a-w- c:\windows\system32\perfc005.dat
2010-06-29 16:02 . 2010-05-08 18:06 -------- d-----w- c:\programdata\Ubisoft
2010-06-29 15:46 . 2010-05-08 17:49 -------- d-----w- c:\program files\Ubisoft
2010-06-29 15:21 . 2010-06-29 15:21 10134 ----a-r- c:\users\MARTIN\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
2010-06-29 14:45 . 2009-10-24 03:25 -------- d-----w- c:\program files\Common Files\InstallShield
2010-06-28 20:57 . 2010-04-29 15:33 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-04-29 15:33 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-04-29 15:33 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-04-29 15:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-04-29 15:33 50256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-06-28 20:32 . 2010-04-29 15:33 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-26 13:34 . 2010-05-21 16:27 -------- d-----w- c:\program files\Spyware Terminator
2010-06-26 09:50 . 2010-04-29 15:25 421441 ---ha-w- c:\windows\system32\drivers\vsconfig.xml
2010-06-26 09:50 . 2010-06-26 09:50 -------- d-----w- c:\users\MARTIN\AppData\Roaming\CheckPoint
2010-06-26 09:49 . 2010-06-26 09:49 -------- d-----w- c:\program files\CheckPoint
2010-06-23 11:51 . 2010-04-29 15:25 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2010-06-23 11:51 . 2010-06-26 09:49 110080 ----a-w- c:\windows\system32\~GLH0033.TMP
2010-06-23 08:40 . 2010-05-21 16:27 -------- d-----w- c:\program files\Crawler
2010-06-22 13:59 . 2009-10-24 03:22 -------- d-----w- c:\program files\Lenovo
2010-06-17 17:47 . 2009-10-24 03:44 -------- d-----w- c:\programdata\Microsoft Help
2010-06-16 07:12 . 2009-10-24 03:37 -------- d-----w- c:\program files\PC-Doctor
2010-06-16 07:10 . 2010-06-16 07:10 1465512 ----a-w- c:\users\MARTIN\AppData\Roaming\Update\patch_551455to551460_32\patch_551455to551460_32.02.exe
2010-06-16 07:09 . 2010-05-22 09:29 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Update
2010-06-16 07:02 . 2009-10-24 03:48 -------- d-----w- c:\program files\Microsoft SQL Server
2010-06-15 10:26 . 2010-04-29 12:44 -------- d-----w- c:\program files\Windows Live
2010-06-15 08:39 . 2010-04-29 16:01 -------- d-----w- c:\program files\CCleaner
2010-06-08 21:00 . 2010-06-26 09:50 52224 ----a-w- c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\FFExternalAlert.dll
2010-06-08 21:00 . 2010-06-26 09:50 101376 ----a-w- c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\RadioWMPCore.dll
2010-06-05 12:05 . 2010-06-05 12:05 25214 ----a-r- c:\users\MARTIN\AppData\Roaming\Microsoft\Installer\{ACCD5C00-F1E4-11DD-AA93-005056C00008}\RunProductNameDskt_985F828E0E98429F9C05EF3BDE7568F7.exe
2010-06-05 12:05 . 2010-06-05 12:05 25214 ----a-r- c:\users\MARTIN\AppData\Roaming\Microsoft\Installer\{ACCD5C00-F1E4-11DD-AA93-005056C00008}\RunProductName_985F828E0E98429F9C05EF3BDE7568F7.exe
2010-06-05 12:05 . 2010-06-05 12:05 10134 ----a-r- c:\users\MARTIN\AppData\Roaming\Microsoft\Installer\{ACCD5C00-F1E4-11DD-AA93-005056C00008}\ARPPRODUCTICON.exe
2010-05-31 20:11 . 2010-05-31 20:11 -------- d-----w- c:\program files\ffdshow
2010-05-31 13:34 . 2010-04-29 15:22 -------- d-----w- c:\program files\The KMPlayer
2010-05-30 08:16 . 2010-05-30 08:16 -------- d-----w- c:\program files\Common Files\Java
2010-05-30 08:15 . 2009-10-24 03:32 -------- d-----w- c:\program files\Java
2010-05-26 18:07 . 2010-05-26 18:07 -------- d-----w- c:\users\MARTIN\AppData\Roaming\QIP
2010-05-22 10:56 . 2010-05-22 10:55 -------- d-----w- c:\program files\SMS posílač Treca
2010-05-22 10:55 . 2010-05-22 10:55 -------- d-----w- c:\programdata\IsolatedStorage
2010-05-22 10:55 . 2010-05-22 10:55 0 ----a-w- c:\users\MARTIN\AppData\Roaming\SMS posílač Treca\SMSposilac.exe
2010-05-22 10:14 . 2010-05-13 13:37 -------- d-----w- c:\program files\Full Tilt Poker
2010-05-22 09:35 . 2009-10-24 03:37 -------- d-----w- c:\programdata\PCDr
2010-05-22 09:34 . 2010-05-22 09:34 -------- d-----w- c:\programdata\PC-Doctor for Windows
2010-05-21 16:27 . 2010-05-21 16:27 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe
2010-05-21 16:27 . 2010-05-21 16:27 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys
2010-05-21 16:27 . 2010-05-21 16:27 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-05-21 12:14 . 2010-04-29 17:55 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-20 15:09 . 2010-05-20 15:09 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-05-20 15:09 . 2010-05-20 15:09 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-05-19 18:42 . 2010-04-29 12:44 146592 ----a-w- c:\users\MARTIN\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-19 17:12 . 2010-05-19 17:12 -------- d-----w- c:\program files\Bonjour
2010-05-19 17:12 . 2010-04-29 15:08 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-19 17:02 . 2010-05-19 17:02 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-05-18 18:38 . 2010-05-18 18:38 -------- d-----w- c:\program files\ICQ-Banner-Remover
2010-05-18 13:06 . 2010-05-18 13:06 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Phantasmagoria
2010-05-15 14:30 . 2010-04-29 15:25 461400 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2010-05-15 08:46 . 2010-05-15 08:40 -------- d-----w- c:\program files\NoPayPOKER
2010-05-12 19:45 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-05-10 11:57 . 2010-05-10 11:57 -------- d-----w- c:\users\MARTIN\AppData\Roaming\ACD Systems
2010-05-10 11:56 . 2010-05-10 11:56 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-05-10 11:56 . 2010-05-10 11:56 -------- d-----w- c:\programdata\ACD Systems
2010-05-10 11:56 . 2010-05-10 11:56 -------- d-----w- c:\program files\ACD Systems
2010-05-10 11:56 . 2010-05-10 11:56 10368 ----a-w- c:\windows\system32\drivers\pfc.sys
2010-05-10 11:48 . 2010-05-10 11:48 -------- d-----w- c:\users\MARTIN\AppData\Roaming\FastStone
2010-05-08 18:52 . 2010-05-08 18:52 -------- d-----w- c:\users\MARTIN\AppData\Roaming\Ubisoft
2010-05-08 17:48 . 2010-05-08 17:48 -------- d-----w- c:\users\MARTIN\AppData\Roaming\InstallShield
2010-05-07 19:46 . 2010-05-07 19:46 655872 ----a-w- c:\programdata\PC-Doctor for Windows\startmenu\msvcr90.dll
2010-05-07 19:46 . 2010-05-07 19:46 572928 ----a-w- c:\programdata\PC-Doctor for Windows\startmenu\msvcp90.dll
2010-05-07 19:46 . 2010-05-07 19:46 27136 ----a-w- c:\programdata\PC-Doctor for Windows\startmenu\startmenu-localizer.exe
2010-05-07 19:46 . 2010-05-07 19:46 24064 ----a-w- c:\programdata\PC-Doctor for Windows\startmenu\CommandLine.dll
2010-05-07 19:46 . 2010-05-07 19:46 225280 ----a-w- c:\programdata\PC-Doctor for Windows\startmenu\msvcm90.dll
2010-05-07 19:46 . 2010-05-07 19:46 1768960 ----a-w- c:\programdata\PC-Doctor for Windows\startmenu\Common.dll
2010-05-07 19:28 . 2010-05-07 19:28 54 ----a-w- c:\programdata\Last.fm\Client\uninst2.bat
2010-05-07 19:28 . 2010-05-07 19:28 683801 ----a-w- c:\programdata\Last.fm\Client\UninstWMP\unins000.exe
2010-05-07 19:28 . 2010-05-07 19:28 -------- d-----w- c:\programdata\Last.fm
2010-05-07 19:27 . 2010-05-07 19:27 -------- d-----w- c:\program files\Last.fm
2010-05-07 05:41 . 2010-05-07 05:41 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-05-06 18:20 . 2010-05-06 18:20 -------- d-----w- c:\program files\QuickTime
2010-05-06 18:20 . 2010-05-06 18:20 -------- d-----w- c:\programdata\Apple Computer
2010-05-06 18:19 . 2010-05-06 18:19 -------- d-----w- c:\program files\Common Files\Apple
2010-05-06 18:18 . 2010-05-06 18:18 -------- d-----w- c:\program files\Apple Software Update
2010-05-06 18:18 . 2010-05-06 18:18 -------- d-----w- c:\programdata\Apple
2010-05-05 18:43 . 2010-05-05 18:39 -------- d-----w- c:\programdata\NOS
2010-05-05 18:40 . 2010-05-05 18:40 -------- d-----w- c:\programdata\McAfee
2010-05-05 18:39 . 2010-05-05 18:39 -------- d-----w- c:\program files\NOS
2010-05-05 10:23 . 2010-05-05 10:23 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-05-05 10:23 . 2010-05-05 10:23 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-04-30 12:00 . 2010-04-30 11:54 57290208 ----a-w- c:\programdata\PCDr\upgrades\setup.exe
2010-04-30 11:29 . 2010-04-30 11:29 116144 ----a-w- c:\users\MARTIN\AppData\Roaming\IDM\idmmzcc2\components\idmmzcc.dll
2010-04-29 15:50 . 2010-04-29 15:50 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
2010-05-09 09:50 2517088 ----a-w- c:\program files\ZoneAlarm\tbZone.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-05-21 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-10 7612960]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-03-13 68976]
"LENOVO.TPFNF6R"="c:\program files\Lenovo\HOTKEY\TPFNF6R.exe" [2009-08-20 62752]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
"TpShocks"="TpShocks.exe" [2009-07-09 337184]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-19 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-19 151064]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-28 49976]
"AcWin7Hlpr"="c:\program files\Lenovo\Access Connections\AcWin7Hlpr.exe" [2009-09-09 274432]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2009-08-26 3089720]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-14 1541416]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-06-28 2837864]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-05-21 2176512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Daemon for Mouse Suite"="c:\program files\Lenovo\Lenovo Mouse Suite\ICO.EXE" [2009-11-06 98304]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]

c:\users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2009-7-2 795936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2009-08-17 21:27 100104 ----a-w- c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comodo EasyVPN]
2009-09-28 15:36 3563768 ----a-w- c:\program files\COMODO\EasyVPN\EasyVPN.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-06-18 18:40 133368 ----a-w- c:\program files\ICQ7.2\ICQ.exe

R3 ATP;Comodo EasyVPN Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys [2008-12-10 17424]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-25 122368]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 pelbtm;Bluetooth Mouse Filter Driver;c:\windows\system32\DRIVERS\pelbtm.sys [2007-09-20 13312]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-08-23 75040]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-04-29 691696]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [2009-03-24 40560]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2009-06-29 20520]
S1 aswSP;aswSP; [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S1 pelmoubt;Mouse Suite Bluetooth Driver;c:\windows\system32\DRIVERS\pelmoubt.sys [2009-04-23 18432]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-05-21 142592]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S2 CrdphService;COMODO EasyVPN VNC Service;c:\program files\COMODO\EasyVPN\crdphService.exe [2009-08-11 491768]
S2 EasyVpnAdpt;COMODO EasyVPN Service;c:\program files\COMODO\EasyVPN\Vpnservice.exe [2009-08-11 45304]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2010-05-26 26352]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 493032]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
S2 PelService;Session Launcher Service;c:\program files\Lenovo\Lenovo Mouse Suite\PelService.exe [2009-11-13 172032]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 12560]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2009-05-21 62320]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [2009-06-18 125568]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
S3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw1v32.sys [2009-08-03 5958656]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'

2010-06-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-05-07 19:46]

2010-06-19 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-06-08 21:08]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout s IDM - c:\documents and settings\Default User\Local Settings\Temp\bsasee3y5d\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\documents and settings\Default User\Local Settings\Temp\bsasee3y5d\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\documents and settings\Default User\Local Settings\Temp\bsasee3y5d\IEGetAll.htm
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\ICQ7.2\ICQ.exe
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: c:\progra~1\Crawler\firefox\components\xcomm.dll
FF - component: c:\progra~1\Crawler\firefox\components\xshared.dll
FF - component: c:\progra~1\Crawler\firefox\components\xsupport.dll
FF - component: c:\program files\CheckPoint\ZAForceField\TrustChecker\components\TrustCheckerMozillaPlugin.dll
FF - component: c:\users\MARTIN\AppData\Roaming\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\FFExternalAlert.dll
FF - component: c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}\components\RadioWMPCore.dll
FF - plugin: c:\program files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\dep2rb32.default\extensions\npfax@microgaming.co.uk\platform\WINNT_x86-msvc\plugins\npfax.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-2624410775-611335681-473189198-1003\Software\SecuROM\License information*]
"datasecu"=hex:69,35,41,de,c6,d3,fe,a8,83,27,8e,27,5c,0c,7c,f0,59,e6,88,b3,86,
1c,a3,de,f3,d5,c3,d6,3c,b6,65,ff,4a,ca,8a,4f,49,c2,54,8b,30,01,93,1f,1f,aa,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(652)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

- - - - - - - > 'Explorer.exe'(5852)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\program files\Lenovo\Client Security Solution\tvtpwm_windows_hook.dll
c:\program files\ThinkPad\Bluetooth Software\btmmhook.dll
c:\program files\PC-Doctor\ATLPcdToolbar551452.dll
c:\program files\Lenovo\Access Connections\ACDeskBand.dll
c:\program files\Lenovo\Access Connections\AcLocSettings.dll
c:\program files\Lenovo\Access Connections\AcSvcStub.dll
c:\program files\Lenovo\Access Connections\ACHelper.dll
c:\program files\ThinkPad\Bluetooth Software\btncopy.dll
c:\program files\Lenovo\Lenovo Mouse Suite\pelscrll.dll
c:\program files\Lenovo\Lenovo Mouse Suite\PELCOMM.dll
c:\program files\Lenovo\Lenovo Mouse Suite\PELHOOKS.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\atieclxx.exe
c:\program files\ThinkVantage Fingerprint Software\upeksvr.exe
c:\windows\system32\conhost.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\progra~1\Lenovo\HOTKEY\tpnumlk.exe
c:\progra~1\Lenovo\HOTKEY\tpnumlkd.exe
c:\program files\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
c:\windows\System32\TpShocks.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Lenovo\Lenovo Mouse Suite\PelElvDm.exe
c:\program files\Lenovo\Access Connections\AcSvc.exe
c:\program files\Synaptics\SynTP\SynTPLpr.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Lenovo\Client Security Solution\password_manager.exe
c:\program files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
c:\program files\Lenovo\Lenovo Mouse Suite\Pelmiced.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Lenovo\Access Connections\SvcGuiHlpr.exe
c:\program files\ThinkPad\Bluetooth Software\btwdins.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
.
**************************************************************************
.
Celkový čas: 2010-07-03 20:02:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-03 18:02
ComboFix2.txt 2010-07-03 09:46

Před spuštěním: Volných bajtů: 114 481 283 072
Po spuštění: Volných bajtů: 114 180 005 888

- - End Of File - - 8713664C667E79065470EE0636059DCA

#13 Příspěvek od **motji** » 03 črc 2010 21:21

A můžete se do té složky C:\Device podívat?

Jak to vypadá teď s počítačem?

ramzes · #14 Příspěvek od **ramzes** » 03 črc 2010 21:35

C:/Device/HarddiskVolume1/Boot/BCD

Počítač pracuje jak má

. Problém s Deamon byl určitě odstarněn.

#15 Příspěvek od **motji** » 03 črc 2010 21:38

Víte o co se jedná?
C:/Device/HarddiskVolume1/Boot/BCD

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

***********

Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

***********

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

***********

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech

***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

VIRY.CZ

Daemon tools zlobí

Daemon tools zlobí

Re: Deamon tools zlobí

Re: Daemon tools zlobí

Re: Daemon tools zlobí

Re: Daemon tools zlobí

Re: Daemon tools zlobí

Re: Daemon tools zlobí

Re: Daemon tools zlobí

Re: Daemon tools zlobí

Re: Daemon tools zlobí

Re: Daemon tools zlobí

Re: Daemon tools zlobí

Re: Daemon tools zlobí

Re: Daemon tools zlobí

Re: Daemon tools zlobí