Hello, I have a problem: I noticed that some parts of my system changed from Czech to Russian. Then the system started running quite slowly, and in the end it failed to boot into the system. Fortunately I got it running through safe mode, but in normal mode it throws a blue screen of death.
Here is the log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Admin at 2010-09-25 12:23:21
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 49 GB (32%) free of 153 GB
Total RAM: 3071 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:25:35, on 25.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ASMBB\win32\waudit.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ASMBB\win32\wauditu.exe
C:\WINDOWS\explorer.exe
C:\DOCUME~1\Admin\LOCALS~1\Temp\mexe.com
C:\Documents and Settings\Admin\Local Settings\Data aplikaci\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Data aplikaci\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Data aplikaci\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Data aplikaci\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Data aplikaci\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Pomocnб sluћba pro pшihlбљenн ke sluћbм Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle LE\RAM_XP.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [WallpaperDownloader] C:\Program Files\WallpaperDownloader\WallpaperDownloader.exe -minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SystemExplorerAutoStart] "C:\Program Files\System Explorer\SystemExplorer.exe" /TRAY
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Pridat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojene poznamky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojene poznamky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5985630437
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DCCF6B3-95E2-4288-B6C5-B9A035737551}: NameServer = 94.138.116.1,94.138.116.10
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipameti kategorii soucasti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Sluzba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: waudit - ASM Software LLC - C:\WINDOWS\ASMBB\win32\waudit.exe
--
End of file - 10615 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C9FCF412-94E5-42B5-919B-CBC1415B2E6A}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{E95D08AC-BEE2-4844-B8BD-E5603F2D69C4}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocnб sluћba pro pшihlбљenн ke sluћbм Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTHelper"=C:\WINDOWS\system32\CTHELPER.EXE [2009-06-23 19456]
"tsnpstd3"=C:\WINDOWS\tsnpstd3.exe [2005-12-20 94208]
"snpstd3"=C:\WINDOWS\vsnpstd3.exe [2005-09-05 339968]
"RAM Idle Professional"=C:\Program Files\RAM Idle LE\RAM_XP.exe [2006-01-17 135168]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WallpaperDownloader"=C:\Program Files\WallpaperDownloader\WallpaperDownloader.exe [2010-01-28 655360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"SystemExplorerAutoStart"=C:\Program Files\System Explorer\SystemExplorer.exe [2010-09-10 2220032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabidka Start^Programy^Po spusteni^Windows Search.lnk]
C:\PROGRA~1\WINDOW~3\WINDOW~1.EXE [2008-05-26 123904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SeaPort"=2
"Microsoft Office Groove Audit Service"=3
"idsvc"=3
"IDriverT"=3
"Bonjour Service"=2
"Apple Mobile Device"=2
C:\Documents and Settings\All Users\Nabidka Start\Programy\Po spusteni
BTTray.lnk - C:\Program Files\MSI\Bluetooth Software\BTTray.exe
C:\Documents and Settings\Admin\Nabidka Start\Programy\Po spusteni
MailWasherPro.lnk - C:\Program Files\Firetrust\MailWasher\MailWasherPro.exe
SystemExplorerDisabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\TC UP\PLUGINS\Media\uTorrent\utorrent.exe"="C:\Program Files\TC UP\PLUGINS\Media\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\Opera 10.50 Beta\opera.exe"="C:\Program Files\Opera 10.50 Beta\opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Disney Interactive Studios\Split Second\SplitSecond.exe"="C:\Program Files\Disney Interactive Studios\Split Second\SplitSecond.exe:*:Enabled:Split/Second"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
======File associations======
.inf - open - "C:\Program Files\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.inf - install -
.ini - open - notepad.exe %1
======List of files/folders created in the last 1 months======
2010-09-25 12:23:21 ----D---- C:\rsit
2010-09-25 12:23:21 ----D---- C:\Program Files\trend micro
2010-09-25 12:21:37 ----AD---- C:\WINDOWS\rundll16.exe
2010-09-25 12:21:37 ----AD---- C:\WINDOWS\logo1_.exe
2010-09-25 12:18:36 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2010-09-25 12:18:36 ----A---- C:\WINDOWS\REGEDIT.COM
2010-09-25 12:17:32 ----A---- C:\ComboFix.txt
2010-09-25 12:16:26 ----SHD---- C:\RECYCLER
2010-09-25 11:59:34 ----ASH---- C:\hiberfil.sys
2010-09-25 11:56:24 ----D---- C:\WINDOWS\temp
2010-09-25 11:52:07 ----RA---- C:\ComboFix.exe
2010-09-25 11:38:17 ----D---- C:\Qoobox
2010-09-25 11:32:34 ----A---- C:\WINDOWS\ntbtlog.txt
2010-09-25 11:32:32 ----ASH---- C:\pagefile.sys
2010-09-25 10:35:51 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
2010-09-23 21:05:29 ----A---- C:\WINDOWS\system32\chsbrkr.dll
2010-09-23 21:05:28 ----A---- C:\WINDOWS\system32\korwbrkr.dll
2010-09-23 21:05:28 ----A---- C:\WINDOWS\system32\chtbrkr.dll
2010-09-23 21:05:27 ----A---- C:\WINDOWS\system32\msir3jp.dll
2010-09-23 21:05:13 ----A---- C:\WINDOWS\system32\kbd101a.dll
2010-09-23 21:05:07 ----A---- C:\WINDOWS\system32\kbdnecNT.dll
2010-09-23 21:05:07 ----A---- C:\WINDOWS\system32\kbdnecAT.dll
2010-09-23 21:05:07 ----A---- C:\WINDOWS\system32\kbdnec95.dll
2010-09-23 21:04:48 ----A---- C:\WINDOWS\system32\c_is2022.dll
2010-09-23 21:04:41 ----A---- C:\WINDOWS\system32\kbdkor.dll
2010-09-23 21:04:41 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2010-09-23 21:04:41 ----A---- C:\WINDOWS\system32\kbd103.dll
2010-09-23 21:04:41 ----A---- C:\WINDOWS\system32\kbd101c.dll
2010-09-23 21:04:38 ----A---- C:\WINDOWS\system32\kbd101b.dll
2010-09-23 21:04:37 ----A---- C:\WINDOWS\system32\kbd106.dll
2010-09-23 21:04:35 ----RA---- C:\WINDOWS\system32\kbdintel.dll
2010-09-23 21:04:35 ----RA---- C:\WINDOWS\system32\kbdintam.dll
2010-09-23 21:04:35 ----RA---- C:\WINDOWS\system32\kbdinpun.dll
2010-09-23 21:04:35 ----RA---- C:\WINDOWS\system32\kbdinmar.dll
2010-09-23 21:04:35 ----RA---- C:\WINDOWS\system32\kbdinkan.dll
2010-09-23 21:04:35 ----RA---- C:\WINDOWS\system32\kbdinhin.dll
2010-09-23 21:04:35 ----RA---- C:\WINDOWS\system32\kbdinguj.dll
2010-09-23 21:04:35 ----RA---- C:\WINDOWS\system32\kbdindev.dll
2010-09-23 21:04:35 ----RA---- C:\WINDOWS\system32\kbdgeo.dll
2010-09-23 21:04:35 ----RA---- C:\WINDOWS\system32\kbdarmw.dll
2010-09-23 21:04:35 ----RA---- C:\WINDOWS\system32\kbdarme.dll
2010-09-23 21:04:35 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2010-09-23 21:04:34 ----RA---- C:\WINDOWS\system32\kbdvntc.dll
2010-09-23 21:04:34 ----A---- C:\WINDOWS\system32\c_iscii.dll
2010-09-23 21:04:33 ----RA---- C:\WINDOWS\system32\kbdsyr2.dll
2010-09-23 21:04:33 ----RA---- C:\WINDOWS\system32\kbdsyr1.dll
2010-09-23 21:04:33 ----RA---- C:\WINDOWS\system32\kbddiv2.dll
2010-09-23 21:04:33 ----RA---- C:\WINDOWS\system32\kbddiv1.dll
2010-09-23 21:04:32 ----RA---- C:\WINDOWS\system32\kbdurdu.dll
2010-09-23 21:04:32 ----RA---- C:\WINDOWS\system32\kbdfa.dll
2010-09-23 21:04:32 ----RA---- C:\WINDOWS\system32\kbda3.dll
2010-09-23 21:04:32 ----RA---- C:\WINDOWS\system32\kbda2.dll
2010-09-23 21:04:32 ----RA---- C:\WINDOWS\system32\kbda1.dll
2010-09-23 21:04:32 ----A---- C:\WINDOWS\system32\kbdusa.dll
2010-09-23 21:04:30 ----RA---- C:\WINDOWS\system32\kbdheb.dll
2010-09-23 21:04:27 ----RA---- C:\WINDOWS\system32\kbdth3.dll
2010-09-23 21:04:26 ----RA---- C:\WINDOWS\system32\kbdth2.dll
2010-09-23 21:04:26 ----RA---- C:\WINDOWS\system32\kbdth1.dll
2010-09-23 21:04:26 ----RA---- C:\WINDOWS\system32\kbdth0.dll
2010-09-23 21:04:26 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2010-09-23 20:49:53 ----HD---- C:\WINDOWS\$hf_mig$
2010-09-23 20:47:48 ----A---- C:\WINDOWS\imsins.BAK
2010-09-23 20:47:18 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2010-09-23 20:47:17 ----D---- C:\WINDOWS\system32\winrm
2010-09-23 20:47:14 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2010-09-23 20:47:06 ----D---- C:\WINDOWS\$NtUninstallKB968930$
2010-09-22 17:40:24 ----A---- C:\WINDOWS\system32\OLD61B.tmp
2010-09-22 17:40:24 ----A---- C:\WINDOWS\system32\msisip.dll
2010-09-22 17:40:22 ----A---- C:\WINDOWS\system32\OLD60F.tmp
2010-09-22 17:40:22 ----A---- C:\WINDOWS\system32\msihnd.dll
2010-09-22 17:40:20 ----A---- C:\WINDOWS\system32\OLD60C.tmp
2010-09-22 17:40:20 ----A---- C:\WINDOWS\system32\msi.dll
2010-09-22 17:28:54 ----A---- C:\WINDOWS\system32\OLDDC.tmp
2010-09-22 17:12:40 ----N---- C:\WINDOWS\{00000001-00000000-00000000-00001102-00000004-00521102}.BAK
2010-09-22 16:51:08 ----D---- C:\Program Files\CooL Wallpaper Changer
2010-09-22 16:29:54 ----RA---- C:\WINDOWS\system32\drivers\SbFw.sys
2010-09-22 16:29:54 ----A---- C:\WINDOWS\system32\drivers\SbFwIm.sys
2010-09-20 19:08:24 ----D---- C:\Program Files\DVDFab 8
2010-09-20 16:04:40 ----D---- C:\Documents and Settings\Admin\Data aplikaci\HateML
2010-09-19 17:36:53 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
2010-09-16 19:40:52 ----D---- C:\Documents and Settings\All Users\Data aplikaci\Boss Media
2010-09-16 17:25:52 ----D---- C:\Program Files\MumboJumbo
2010-09-14 12:03:22 ----A---- C:\WINDOWS\system32\drivers\giveio.sys
2010-09-14 12:03:18 ----D---- C:\Program Files\SensorsView
2010-09-14 11:48:39 ----D---- C:\Documents and Settings\All Users\Data aplikaci\SystemExplorer
2010-09-14 11:48:33 ----D---- C:\Program Files\System Explorer
2010-09-13 15:08:19 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-09-13 15:08:19 ----D---- C:\Documents and Settings\All Users\Data aplikaci\Blizzard Entertainment
2010-09-09 17:27:11 ----RA---- C:\WINDOWS\system32\tmp3F1.tmp
2010-09-09 17:27:11 ----RA---- C:\WINDOWS\system32\tmp3F0.tmp
2010-09-09 16:50:52 ----D---- C:\Program Files\Steam
2010-09-09 16:50:43 ----RA---- C:\WINDOWS\system32\tmp304.tmp
2010-09-09 16:50:43 ----RA---- C:\WINDOWS\system32\tmp303.tmp
2010-09-09 16:36:43 ----A---- C:\WINDOWS\UC.PIF
2010-09-09 16:36:43 ----A---- C:\WINDOWS\RAR.PIF
2010-09-09 16:36:43 ----A---- C:\WINDOWS\PKZIP.PIF
2010-09-09 16:36:43 ----A---- C:\WINDOWS\PKUNZIP.PIF
2010-09-09 16:36:43 ----A---- C:\WINDOWS\NOCLOSE.PIF
2010-09-09 16:36:43 ----A---- C:\WINDOWS\LHA.PIF
2010-09-09 16:36:43 ----A---- C:\WINDOWS\ARJ.PIF
2010-09-09 16:36:42 ----D---- C:\Documents and Settings\Admin\Data aplikaci\GHISLER
2010-09-09 15:53:36 ----RA---- C:\WINDOWS\system32\tmp214.tmp
2010-09-09 15:53:36 ----RA---- C:\WINDOWS\system32\tmp213.tmp
2010-09-09 13:27:48 ----RA---- C:\WINDOWS\system32\tmp18C.tmp
2010-09-09 13:27:48 ----RA---- C:\WINDOWS\system32\tmp18B.tmp
2010-09-09 13:27:48 ----D---- C:\Program Files\OpenAL
2010-09-09 12:16:27 ----D---- C:\WINDOWS\ASMBB
2010-09-09 12:16:27 ----A---- C:\WINDOWS\system32\drivers\KHCAP.sys
2010-09-08 01:15:34 ----D---- C:\Documents and Settings\Admin\Data aplikaci\Posta
2010-09-07 20:14:08 ----D---- C:\Program Files\2K Games
2010-09-06 15:47:40 ----D---- C:\Documents and Settings\All Users\Data aplikaci\F-Secure
2010-09-06 15:35:02 ----D---- C:\Documents and Settings\Admin\Data aplikaci\QuickScan
2010-09-05 13:00:22 ----D---- C:\Documents and Settings\Admin\Data aplikaci\Quest3D
2010-09-05 13:00:20 ----D---- C:\Documents and Settings\Admin\Data aplikaci\Roaming
2010-09-03 13:16:52 ----D---- C:\Program Files\Namco
2010-09-02 21:55:52 ----D---- C:\Documents and Settings\Admin\Data aplikaci\ProtectDISC
2010-09-02 21:55:25 ----D---- C:\Program Files\IQ Publishing
2010-09-02 21:52:22 ----A---- C:\WINDOWS\system32\drivers\sptd.sys.28684971
2010-09-02 19:36:21 ----D---- C:\Documents and Settings\All Users\Data aplikaci\Firetrust
2010-09-02 19:36:20 ----D---- C:\Program Files\Firetrust
2010-09-02 19:36:05 ----D---- C:\Documents and Settings\Admin\Data aplikaci\Firetrust
2010-09-01 20:24:48 ----A---- C:\WINDOWS\system32\cdintf400.dll
2010-08-31 21:55:23 ----D---- C:\Program Files\Microsoft Synchronization Services
2010-08-31 21:55:21 ----D---- C:\Program Files\Common Files\DESIGNER
2010-08-31 21:46:41 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-08-31 21:45:46 ----D---- C:\Program Files\Microsoft Analysis Services
2010-08-31 21:43:52 ----RD---- C:\MSOCache
2010-08-31 17:20:53 ----D---- C:\Documents and Settings\All Users\Data aplikaci\TreeCardGames
2010-08-31 17:20:53 ----D---- C:\Documents and Settings\Admin\Data aplikaci\MahJong Suite
2010-08-31 17:20:26 ----D---- C:\Program Files\MahJong Suite
2010-08-31 16:49:43 ----D---- C:\Program Files\Studio 3
2010-08-30 15:47:16 ----D---- C:\Documents and Settings\Admin\Data aplikaci\Dignita
2010-08-30 15:40:29 ----D---- C:\Documents and Settings\Admin\Data aplikaci\ISDS2Mail
======List of files/folders modified in the last 1 months======
2010-09-25 12:23:46 ----D---- C:\WINDOWS
2010-09-25 12:23:21 ----RD---- C:\Program Files
2010-09-25 12:18:36 ----D---- C:\WINDOWS\system32
2010-09-25 12:14:42 ----A---- C:\WINDOWS\system.ini
2010-09-25 12:10:51 ----D---- C:\WINDOWS\system32\drivers
2010-09-25 12:10:51 ----D---- C:\WINDOWS\AppPatch
2010-09-25 12:10:49 ----D---- C:\Program Files\Common Files
2010-09-25 12:05:28 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-25 12:05:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-25 11:49:46 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-25 11:43:41 ----SHD---- C:\System Volume Information
2010-09-25 11:43:41 ----D---- C:\WINDOWS\system32\Restore
2010-09-25 11:36:12 ----D---- C:\WINDOWS\Prefetch
2010-09-25 10:38:44 ----D---- C:\Program Files\DAEMON Tools Lite
2010-09-25 10:34:44 ----D---- C:\Documents and Settings\Admin\Data aplikaci\Wallpaper
2010-09-23 21:15:18 ----D---- C:\WINDOWS\system32\config
2010-09-23 21:05:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-09-23 21:05:19 ----RSD---- C:\WINDOWS\Fonts
2010-09-23 21:05:16 ----D---- C:\WINDOWS\Help
2010-09-23 21:05:15 ----HD---- C:\WINDOWS\inf
2010-09-23 20:53:55 ----D---- C:\WINDOWS\security
2010-09-23 20:49:55 ----D---- C:\Program Files\Internet Explorer
2010-09-23 20:49:53 ----D---- C:\WINDOWS\ie8updates
2010-09-23 20:49:51 ----SHD---- C:\WINDOWS\Installer
2010-09-23 20:48:56 ----RSD---- C:\WINDOWS\assembly
2010-09-23 20:48:56 ----D---- C:\WINDOWS\Microsoft.NET
2010-09-23 20:48:41 ----D---- C:\WINDOWS\system32\DirectX
2010-09-23 20:47:17 ----D---- C:\WINDOWS\system32\wbem
2010-09-23 20:46:54 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-09-23 20:46:48 ----D---- C:\Program Files\Microsoft
2010-09-22 17:07:44 ----D---- C:\NVIDIA
2010-09-22 16:50:49 ----D---- C:\Downloads
2010-09-22 16:46:24 ----D---- C:\Program Files\WallpaperDownloader
2010-09-22 16:43:35 ----D---- C:\WINDOWS\system32\rserver30
2010-09-22 16:34:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-22 16:34:05 ----D---- C:\WINDOWS\addins
2010-09-22 16:30:22 ----D---- C:\WINDOWS\system32\CatRoot
2010-09-22 16:18:43 ----D---- C:\WINDOWS\Debug
2010-09-22 16:12:08 ----D---- C:\WINDOWS\Downloaded Installations
2010-09-22 16:00:24 ----RASH---- C:\boot.ini
2010-09-22 16:00:24 ----A---- C:\WINDOWS\win.ini
2010-09-22 11:40:31 ----D---- C:\Documents and Settings
2010-09-21 17:23:59 ----D---- C:\Program Files\USDownloader
2010-09-20 19:08:41 ----D---- C:\Documents and Settings\Admin\Data aplikaci\Vso
2010-09-20 16:28:14 ----D---- C:\WINDOWS\WinSxS
2010-09-20 16:28:12 ----D---- C:\Documents and Settings\All Users\Data aplikaci\Nero
2010-09-18 22:51:15 ----D---- C:\WINDOWS\Registration
2010-09-16 18:31:51 ----D---- C:\Program Files\iTV
2010-09-15 12:34:40 ----A---- C:\WINDOWS\system32\MRT.exe
2010-09-10 21:32:32 ----SD---- C:\WINDOWS\Tasks
2010-09-09 17:27:11 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2010-09-09 17:27:11 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2010-09-09 16:36:43 ----D---- C:\Program Files\TC UP
2010-09-09 11:25:24 ----D---- C:\Program Files\City Interactive
2010-09-07 20:28:14 ----D---- C:\Program Files\NVIDIA Corporation
2010-09-07 20:28:13 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-09-07 17:11:54 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-09-07 09:19:34 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-01 20:24:59 ----D---- C:\Documents and Settings\Admin\Data aplikaci\602XML
2010-09-01 17:08:38 ----D---- C:\Documents and Settings\All Users\Data aplikaci\Microsoft Help
2010-08-31 22:40:43 ----SD---- C:\Documents and Settings\Admin\Data aplikaci\Microsoft
2010-08-31 22:09:03 ----D---- C:\WINDOWS\SHELLNEW
2010-08-31 21:56:14 ----D---- C:\Program Files\MSBuild
2010-08-31 21:54:40 ----D---- C:\Program Files\Microsoft Office
2010-08-31 21:54:38 ----SD---- C:\Documents and Settings\All Users\Data aplikaci\Microsoft
2010-08-31 21:54:38 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-08-31 21:38:44 ----D---- C:\Program Files\Microsoft Works
2010-08-30 11:51:30 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-08-27 13:13:57 ----D---- C:\Program Files\Windows Sidebar
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BTKRNL;Bluetooth Protocol Stack; C:\WINDOWS\system32\drivers\btkrnl.sys [2004-03-31 1260106]
R0 giveio;giveio; C:\WINDOWS\system32\drivers\giveio.sys [1996-04-03 5248]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-08-21 105344]
R0 ohci1394;Hostitelsky radic IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-05-17 50176]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-05-16 19968]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-06-27 66560]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 AmdK8;Ovladac procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 kbdhid;Ovladac klavesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 LADriver;LADriver; \??\C:\WINDOWS\system32\drivers\LADriver.sys []
R1 LDDriver;LDDriver; \??\C:\WINDOWS\system32\drivers\LDDriver.sys []
R1 LHDriver;LHDriver; \??\C:\WINDOWS\system32\drivers\LHDriver.sys []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 Tcpip6;Ovladac protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-06-19 281760]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-06-19 25888]
R2 Prvflder;Prvflder; C:\WINDOWS\system32\DRIVERS\prvflder.sys [2006-04-21 70912]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2004-03-31 16640]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2004-03-31 30235]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2004-03-31 146684]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2004-03-31 52856]
R3 COMMONFX.SYS;COMMONFX.SYS; C:\WINDOWS\System32\drivers\COMMONFX.SYS [2009-06-23 99352]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2009-06-23 511000]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2009-06-23 528408]
R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [2009-06-23 555032]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2009-06-23 14360]
R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [2009-06-23 566296]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2009-06-23 157208]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2009-06-23 92696]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2009-06-23 798744]
R3 hidusb;Ovladac tridy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KHCAP;KHCap Packet Driver (KHCAP); C:\WINDOWS\system32\drivers\KHCAP.sys [2010-09-09 41216]
R3 mirrorv3;mirrorv3; C:\WINDOWS\system32\DRIVERS\rminiv3.sys [2010-04-21 3328]
R3 mouhid;Ovladac mysi standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-09-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-09-11 19968]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2009-06-23 127512]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-05-09 47360]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2005-12-08 8718848]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbaudio;Ovladac zvukove karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecny nadrazeny ovladac Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladac velkokapacitniho pametoveho zarizeni USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-09-25 691696]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
S1 KLIF;KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [2008-12-11 148496]
S3 CCDECODE;Dekoder Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 COMMONFX;COMMONFX; C:\WINDOWS\system32\drivers\COMMONFX.SYS [2009-06-23 99352]
S3 CTAUDFX;CTAUDFX; C:\WINDOWS\system32\drivers\CTAUDFX.SYS [2009-06-23 555032]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2009-06-23 347080]
S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [2009-06-23 100888]
S3 CTERFXFX;CTERFXFX; C:\WINDOWS\system32\drivers\CTERFXFX.SYS [2009-06-23 100888]
S3 CTSBLFX;CTSBLFX; C:\WINDOWS\system32\drivers\CTSBLFX.SYS [2009-06-23 566296]
S3 FLASHSYS;FLASHSYS; \??\C:\Program Files\MSI\Live Update 4\LU4\FLASHSYS.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\system32\drivers\hap16v2k.sys [2009-06-23 162840]
S3 hap17v2k;Creative P17V HAL Driver; C:\WINDOWS\system32\drivers\hap17v2k.sys [2009-06-23 189464]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TSP;TSP; \??\C:\WINDOWS\system32\drivers\klif.sys []
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 WSTCODEC;Dalnopisny kodek svetoveho standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpurne prostredi zprostredkovatele sluzeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 btwdins;Bluetooth Service; C:\Program Files\MSI\Bluetooth Software\bin\btwdins.exe [2004-03-31 135168]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-14 307200]
R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-04-30 75064]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SimpTcp;Jednoduche sluzby TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-18 19456]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 waudit;waudit; C:\WINDOWS\ASMBB\win32\waudit.exe [2010-09-09 1056768]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Sluzba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-24 136176]
S2 prfldsvc;Private Folder Service; C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe [2006-04-21 69632]
S2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-02-11 79360]
S3 fsssvc;Sluzba Windows Live Zabezpeceni rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 LPDSVC;Tiskovy server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-18 19456]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 p2pgasvc;Overovani v siti skupiny rovnocennych pocitacu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2pimsvc;Spravce identit site rovnocennych pocitacu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2psvc;Sit rovnocennych pocitacu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 PNRPSvc;Protokol PNRP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 SNMPTRAP;Zachytavani pro sluzbu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Sluzba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
-----------------EOF-----------------

Please check my LOG
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
-
- Warning Level 1
- Posts: 65
- Registered: 15 Feb 2006 22:55
- Location: Karlovy Vary
Please check my LOG
It is never possible to secure your system well .............
- Rudy
- Site Admin
- Posts: 119426
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my LOG
Post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after launch a screen with the license terms appears; continue by clicking the Yes button.
go make yourself a coffee in the meantime (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident shield
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Warning Level 1
- Posts: 65
- Registered: 15 Feb 2006 22:55
- Location: Karlovy Vary
Re: Please check my LOG
Thank you, I have already solved it more quickly by backing up the important stuff and reinstalling the system from scratch, but thanks. I think it was a rootkit.
It is never possible to secure your system well .............
- Rudy
- Site Admin
- Posts: 119426
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my LOG
You're welcome!