VIRY.CZ

Dobrý den, mám takový problém, v poslední době se mi stáva, třeba i několikrát za hodinu, že přestane fungovat načítání stránek. Internet je v pořádku, všechny ostatní služby beží jako icq, downloadery, atd. pouze stránky, respektive http nespolupracuje. Dále mi nenabíhá Microsoft Outlook, pouze problikne a vypne se. Používám XP SP3. Děkuji za kontrolu.

Logfile of random's system information tool 1.08 (written by random/random)
Run by MistrGO at 2010-11-20 08:32:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (6%) free of 20 GB
Total RAM: 2047 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:32:34, on 20.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\NetLimiter\NetLimiter.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\ICQ\ICQ.exe
C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\11\ISUSPM.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ASTSRV.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\MistrGO\Plocha\RSIT(2).exe
C:\Program Files\trend micro\MistrGO.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\PROGRA~1\ICQ\ICQNet.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\11\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6294689875
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\ASTSRV.EXE
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CADopia License Manager - Unknown owner - C:\OrCAD\OrCAD_10.5\INTELL~1\LicenseManager\lmgrd.exe (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Flexlm (lmgrd) - Unknown owner - C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmgrd.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MyWebSearch\bar\1.bin\mwssvc.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 10520 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-329068152-507921405-1177238915-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-329068152-507921405-1177238915-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE84A6AA-A333-4B92-B276-C11E2212E4FE}]
CPrintEnhancer Object - C:\Program Files\HP\Smart Web Printing\SmartWebPrinting.dll [2006-12-15 599472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-10-07 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-10-07 86016]
"NetLimiter"=C:\Program Files\NetLimiter\NetLimiter.exe [2008-10-16 823296]
"Mirabilis ICQ"=C:\PROGRA~1\ICQ\ICQNet.exe [2003-10-14 38984]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-10-23 202256]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-09-08 421888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ISUSPM"=C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\11\ISUSPM.exe [2008-04-22 222496]
""= []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
Photo Express Calendar Checker SE.lnk - C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ\Icq.exe"="C:\Program Files\ICQ\Icq.exe:*:Enabled:ICQ"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"D:\Program Files\EA GAMES\MOHAA\MOHAA.EXE"="D:\Program Files\EA GAMES\MOHAA\MOHAA.EXE:*:Enabled:Medal of Honor Allied Assault"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\MistrGO\Plocha\DC\StrongDC.exe"="C:\Documents and Settings\MistrGO\Plocha\DC\StrongDC.exe:*:Enabled:StrongDC++"
"I:\Program Files\eMule\emule.exe"="I:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\OrCAD\OrCAD_10.0_Demo\tools\bin\cdsMsgServer.exe"="C:\OrCAD\OrCAD_10.0_Demo\tools\bin\cdsMsgServer.exe:*:Enabled:cdsMsgServer"
"C:\OrCAD\OrCAD_10.0_Demo\tools\bin\cdsNameServer.exe"="C:\OrCAD\OrCAD_10.0_Demo\tools\bin\cdsNameServer.exe:*:Enabled:cdsNameServer"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"D:\Program Files\EA GAMES\MOHAA\moh_spearhead.exe"="D:\Program Files\EA GAMES\MOHAA\moh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault(tm) Spearhead"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\OrCAD\OrCAD_10.5\setconfig.exe"="C:\OrCAD\OrCAD_10.5\setconfig.exe:*:Enabled:setconfig (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\updates.exe"="C:\OrCAD\OrCAD_10.5\updates.exe:*:Enabled:updates (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\icad.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\icad.exe:*:Enabled:icad (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\cadopia.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\cadopia.exe:*:Enabled:cadopia (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\installs.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\installs.exe:*:Enabled:installs (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmdown.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmdown.exe:*:Enabled:lmdown (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmgrd.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmgrd.exe:*:Enabled:lmgrd (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmhostid.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmhostid.exe:*:Enabled:lmhostid (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmtools.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmtools.exe:*:Enabled:lmtools (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmutil.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmutil.exe:*:Enabled:lmutil (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsdoc.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsdoc.exe:*:Enabled:cdsdoc (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsinfo.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsinfo.exe:*:Enabled:cdsinfo (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsmps.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsmps.exe:*:Enabled:cdsmps (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsMsgServer.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsMsgServer.exe:*:Enabled:cdsMsgServer (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsNameServer.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsNameServer.exe:*:Enabled:cdsNameServer (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsRemshClient.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsRemshClient.exe:*:Enabled:cdsRemshClient (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsRunHidden.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsRunHidden.exe:*:Enabled:cdsRunHidden (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsUnzip.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsUnzip.exe:*:Enabled:cdsUnzip (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdswhich.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdswhich.exe:*:Enabled:cdswhich (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsZip.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsZip.exe:*:Enabled:cdsZip (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cds_root.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cds_root.exe:*:Enabled:cds_root (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\clsAdminTool.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\clsAdminTool.exe:*:Enabled:clsAdminTool (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\clsbd.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\clsbd.exe:*:Enabled:clsbd (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\clu.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\clu.exe:*:Enabled:clu (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cmfeedback.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cmfeedback.exe:*:Enabled:cmfeedback (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\consmgr.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\consmgr.exe:*:Enabled:consmgr (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\dregprint.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\dregprint.exe:*:Enabled:dregprint (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\mpsinfo.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\mpsinfo.exe:*:Enabled:mpsinfo (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\nmp.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\nmp.exe:*:Enabled:nmp (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\nmppath.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\nmppath.exe:*:Enabled:nmppath (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\obServer.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\obServer.exe:*:Enabled:obServer (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\van.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\van.exe:*:Enabled:van (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\versionviewer.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\versionviewer.exe:*:Enabled:versionviewer (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\capture.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\capture.exe:*:Enabled:capture (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\comp16.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\comp16.exe:*:Enabled:comp16 (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\pcadi.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\pcadi.exe:*:Enabled:pcadi (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\pspiceexplorersrvr.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\pspiceexplorersrvr.exe:*:Enabled:pspiceexplorersrvr (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\pstswp.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\pstswp.exe:*:Enabled:pstswp (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\regsvr32.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\regsvr32.exe:*:Enabled:regsvr32 (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\sch2cap.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\sch2cap.exe:*:Enabled:sch2cap (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\SETBROWS.EXE"="C:\OrCAD\OrCAD_10.5\tools\capture\SETBROWS.EXE:*:Enabled:SETBROWS (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\tutorial\CAPTUTOR.EXE"="C:\OrCAD\OrCAD_10.5\tools\capture\tutorial\CAPTUTOR.EXE:*:Enabled:CAPTUTOR (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\cdsdoc\bin\cdsdocIndexer.exe"="C:\OrCAD\OrCAD_10.5\tools\cdsdoc\bin\cdsdocIndexer.exe:*:Enabled:cdsdocIndexer (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\cdsdoc\bin\obServer.exe"="C:\OrCAD\OrCAD_10.5\tools\cdsdoc\bin\obServer.exe:*:Enabled:obServer (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\dfII\bin\cdsservipc.exe"="C:\OrCAD\OrCAD_10.5\tools\dfII\bin\cdsservipc.exe:*:Enabled:cdsservipc (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\dfII\bin\skill.exe"="C:\OrCAD\OrCAD_10.5\tools\dfII\bin\skill.exe:*:Enabled:skill (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\dfII\bin\skill_g.exe"="C:\OrCAD\OrCAD_10.5\tools\dfII\bin\skill_g.exe:*:Enabled:skill_g (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\bodygen.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\bodygen.exe:*:Enabled:bodygen (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\cpmaccess.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\cpmaccess.exe:*:Enabled:cpmaccess (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\libaccess.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\libaccess.exe:*:Enabled:libaccess (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\mkdefcfg.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\mkdefcfg.exe:*:Enabled:mkdefcfg (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\newgenasym.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\newgenasym.exe:*:Enabled:newgenasym (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\projmgr.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\projmgr.exe:*:Enabled:projmgr (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\psetup.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\psetup.exe:*:Enabled:psetup (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\versiontool.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\versiontool.exe:*:Enabled:versiontool (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\javaws-1_2_0_02-windows-i586-i.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\javaws-1_2_0_02-windows-i586-i.exe:*:Enabled:javaws-1_2_0_02-windows-i586-i (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\java.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\java.exe:*:Enabled:java (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\javaw.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\javaw.exe:*:Enabled:javaw (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\jpicpl32.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\jpicpl32.exe:*:Enabled:jpicpl32 (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\keytool.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\keytool.exe:*:Enabled:keytool (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\kinit.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\kinit.exe:*:Enabled:kinit (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\klist.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\klist.exe:*:Enabled:klist (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\ktab.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\ktab.exe:*:Enabled:ktab (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\orbd.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\orbd.exe:*:Enabled:orbd (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\policytool.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\policytool.exe:*:Enabled:policytool (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\rmid.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\rmid.exe:*:Enabled:rmid (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\rmiregistry.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\rmiregistry.exe:*:Enabled:rmiregistry (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\servertool.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\servertool.exe:*:Enabled:servertool (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\tnameserv.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\tnameserv.exe:*:Enabled:tnameserv (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\fvupdateutil.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\fvupdateutil.exe:*:Enabled:fvupdateutil (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\gcad.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\gcad.exe:*:Enabled:gcad (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\gcam.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\gcam.exe:*:Enabled:gcam (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\gcdin.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\gcdin.exe:*:Enabled:gcdin (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\idfin.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\idfin.exe:*:Enabled:idfin (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\ipc356.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\ipc356.exe:*:Enabled:ipc356 (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\layout.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\layout.exe:*:Enabled:layout (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\libcat.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\libcat.exe:*:Enabled:libcat (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\lsession.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\lsession.exe:*:Enabled:lsession (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\max2hyp.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\max2hyp.exe:*:Enabled:max2hyp (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxascb.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxascb.exe:*:Enabled:maxascb (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxascx.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxascx.exe:*:Enabled:maxascx (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxdxf.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxdxf.exe:*:Enabled:maxdxf (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxeco.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxeco.exe:*:Enabled:maxeco (Release OrCAD 10.5)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\OrCAD\OrCAD_10.5\setconfig.exe"="C:\OrCAD\OrCAD_10.5\setconfig.exe:*:Enabled:setconfig (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\updates.exe"="C:\OrCAD\OrCAD_10.5\updates.exe:*:Enabled:updates (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\icad.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\icad.exe:*:Enabled:icad (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\cadopia.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\cadopia.exe:*:Enabled:cadopia (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\installs.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\installs.exe:*:Enabled:installs (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmdown.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmdown.exe:*:Enabled:lmdown (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmgrd.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmgrd.exe:*:Enabled:lmgrd (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmhostid.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmhostid.exe:*:Enabled:lmhostid (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmtools.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmtools.exe:*:Enabled:lmtools (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmutil.exe"="C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmutil.exe:*:Enabled:lmutil (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsdoc.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsdoc.exe:*:Enabled:cdsdoc (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsinfo.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsinfo.exe:*:Enabled:cdsinfo (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsmps.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsmps.exe:*:Enabled:cdsmps (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsMsgServer.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsMsgServer.exe:*:Enabled:cdsMsgServer (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsNameServer.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsNameServer.exe:*:Enabled:cdsNameServer (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsRemshClient.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsRemshClient.exe:*:Enabled:cdsRemshClient (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsRunHidden.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsRunHidden.exe:*:Enabled:cdsRunHidden (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsUnzip.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsUnzip.exe:*:Enabled:cdsUnzip (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdswhich.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdswhich.exe:*:Enabled:cdswhich (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cdsZip.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cdsZip.exe:*:Enabled:cdsZip (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cds_root.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cds_root.exe:*:Enabled:cds_root (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\clsAdminTool.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\clsAdminTool.exe:*:Enabled:clsAdminTool (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\clsbd.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\clsbd.exe:*:Enabled:clsbd (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\clu.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\clu.exe:*:Enabled:clu (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\cmfeedback.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\cmfeedback.exe:*:Enabled:cmfeedback (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\consmgr.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\consmgr.exe:*:Enabled:consmgr (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\dregprint.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\dregprint.exe:*:Enabled:dregprint (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\mpsinfo.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\mpsinfo.exe:*:Enabled:mpsinfo (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\nmp.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\nmp.exe:*:Enabled:nmp (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\nmppath.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\nmppath.exe:*:Enabled:nmppath (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\obServer.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\obServer.exe:*:Enabled:obServer (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\van.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\van.exe:*:Enabled:van (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\bin\versionviewer.exe"="C:\OrCAD\OrCAD_10.5\tools\bin\versionviewer.exe:*:Enabled:versionviewer (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\capture.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\capture.exe:*:Enabled:capture (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\comp16.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\comp16.exe:*:Enabled:comp16 (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\pcadi.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\pcadi.exe:*:Enabled:pcadi (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\pspiceexplorersrvr.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\pspiceexplorersrvr.exe:*:Enabled:pspiceexplorersrvr (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\pstswp.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\pstswp.exe:*:Enabled:pstswp (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\regsvr32.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\regsvr32.exe:*:Enabled:regsvr32 (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\sch2cap.exe"="C:\OrCAD\OrCAD_10.5\tools\capture\sch2cap.exe:*:Enabled:sch2cap (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\SETBROWS.EXE"="C:\OrCAD\OrCAD_10.5\tools\capture\SETBROWS.EXE:*:Enabled:SETBROWS (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\capture\tutorial\CAPTUTOR.EXE"="C:\OrCAD\OrCAD_10.5\tools\capture\tutorial\CAPTUTOR.EXE:*:Enabled:CAPTUTOR (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\cdsdoc\bin\cdsdocIndexer.exe"="C:\OrCAD\OrCAD_10.5\tools\cdsdoc\bin\cdsdocIndexer.exe:*:Enabled:cdsdocIndexer (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\cdsdoc\bin\obServer.exe"="C:\OrCAD\OrCAD_10.5\tools\cdsdoc\bin\obServer.exe:*:Enabled:obServer (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\dfII\bin\cdsservipc.exe"="C:\OrCAD\OrCAD_10.5\tools\dfII\bin\cdsservipc.exe:*:Enabled:cdsservipc (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\dfII\bin\skill.exe"="C:\OrCAD\OrCAD_10.5\tools\dfII\bin\skill.exe:*:Enabled:skill (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\dfII\bin\skill_g.exe"="C:\OrCAD\OrCAD_10.5\tools\dfII\bin\skill_g.exe:*:Enabled:skill_g (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\bodygen.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\bodygen.exe:*:Enabled:bodygen (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\cpmaccess.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\cpmaccess.exe:*:Enabled:cpmaccess (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\libaccess.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\libaccess.exe:*:Enabled:libaccess (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\mkdefcfg.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\mkdefcfg.exe:*:Enabled:mkdefcfg (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\newgenasym.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\newgenasym.exe:*:Enabled:newgenasym (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\projmgr.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\projmgr.exe:*:Enabled:projmgr (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\psetup.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\psetup.exe:*:Enabled:psetup (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\fet\bin\versiontool.exe"="C:\OrCAD\OrCAD_10.5\tools\fet\bin\versiontool.exe:*:Enabled:versiontool (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\javaws-1_2_0_02-windows-i586-i.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\javaws-1_2_0_02-windows-i586-i.exe:*:Enabled:javaws-1_2_0_02-windows-i586-i (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\java.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\java.exe:*:Enabled:java (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\javaw.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\javaw.exe:*:Enabled:javaw (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\jpicpl32.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\jpicpl32.exe:*:Enabled:jpicpl32 (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\keytool.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\keytool.exe:*:Enabled:keytool (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\kinit.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\kinit.exe:*:Enabled:kinit (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\klist.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\klist.exe:*:Enabled:klist (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\ktab.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\ktab.exe:*:Enabled:ktab (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\orbd.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\orbd.exe:*:Enabled:orbd (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\policytool.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\policytool.exe:*:Enabled:policytool (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\rmid.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\rmid.exe:*:Enabled:rmid (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\rmiregistry.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\rmiregistry.exe:*:Enabled:rmiregistry (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\servertool.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\servertool.exe:*:Enabled:servertool (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\jre\bin\tnameserv.exe"="C:\OrCAD\OrCAD_10.5\tools\jre\bin\tnameserv.exe:*:Enabled:tnameserv (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\fvupdateutil.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\fvupdateutil.exe:*:Enabled:fvupdateutil (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\gcad.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\gcad.exe:*:Enabled:gcad (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\gcam.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\gcam.exe:*:Enabled:gcam (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\gcdin.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\gcdin.exe:*:Enabled:gcdin (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\idfin.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\idfin.exe:*:Enabled:idfin (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\ipc356.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\ipc356.exe:*:Enabled:ipc356 (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\layout.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\layout.exe:*:Enabled:layout (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\libcat.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\libcat.exe:*:Enabled:libcat (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\lsession.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\lsession.exe:*:Enabled:lsession (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\max2hyp.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\max2hyp.exe:*:Enabled:max2hyp (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxascb.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxascb.exe:*:Enabled:maxascb (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxascx.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxascx.exe:*:Enabled:maxascx (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxdxf.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxdxf.exe:*:Enabled:maxdxf (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxeco.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxeco.exe:*:Enabled:maxeco (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxfnetx.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxfnetx.exe:*:Enabled:maxfnetx (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxminb.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxminb.exe:*:Enabled:maxminb (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxminw.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxminw.exe:*:Enabled:maxminw (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxminx.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxminx.exe:*:Enabled:maxminx (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxorcad.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxorcad.exe:*:Enabled:maxorcad (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxp99x.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxp99x.exe:*:Enabled:maxp99x (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxpadb.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxpadb.exe:*:Enabled:maxpadb (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxpadx.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxpadx.exe:*:Enabled:maxpadx (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxpcadb.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxpcadb.exe:*:Enabled:maxpcadb (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxpcadx.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxpcadx.exe:*:Enabled:maxpcadx (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxprotb.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxprotb.exe:*:Enabled:maxprotb (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxprotx.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxprotx.exe:*:Enabled:maxprotx (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxstrb.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxstrb.exe:*:Enabled:maxstrb (Release OrCAD 10.5)"
"C:\OrCAD\OrCAD_10.5\tools\layout\maxstrx.exe"="C:\OrCAD\OrCAD_10.5\tools\layout\maxstrx.exe:*:Enabled:maxstrx (Release OrCAD 10.5)"

======File associations======

.scr - open - Notepad.exe %1
.scr - install -
.scr - config -
.txt - open - C:\OrCAD\OrCAD_10.5\tools\PSpice\pspice.exe /dde

======List of files/folders created in the last 1 months======

2010-11-14 09:52:28 ----D---- C:\WINDOWS\UbiSoft
2010-11-14 09:50:18 ----A---- C:\WINDOWS\disney.ini
2010-11-13 15:50:05 ----A---- C:\WINDOWS\system32\OggDSuninst.exe
2010-11-13 15:49:08 ----D---- C:\Program Files\Garden-Simulator 2010
2010-11-12 19:32:08 ----A---- C:\cmdlog.txt
2010-10-28 08:22:31 ----A---- C:\Program Files\Uninstall Fun Web Products.dll
2010-10-25 18:26:20 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2010-10-25 18:25:54 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2010-10-25 18:25:45 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2010-10-25 18:15:32 ----D---- C:\Program Files\Common Files\Nokia
2010-10-25 18:14:57 ----D---- C:\Program Files\PC Connectivity Solution
2010-10-25 18:14:40 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2010-10-25 18:14:39 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2010-10-25 18:14:38 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2010-10-25 18:14:36 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-10-25 18:14:36 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-10-25 18:14:36 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-10-25 18:13:51 ----D---- C:\Program Files\Nokia
2010-10-25 18:13:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
2010-10-24 12:06:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-10-24 12:06:31 ----A---- C:\WINDOWS\system32\javaws.exe
2010-10-24 12:06:31 ----A---- C:\WINDOWS\system32\javaw.exe
2010-10-24 12:06:31 ----A---- C:\WINDOWS\system32\java.exe
2010-10-24 12:06:31 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-10-24 11:58:12 ----D---- C:\Program Files\Common Files\Java
2010-10-24 11:57:39 ----D---- C:\Program Files\Xerver
2010-10-23 09:19:59 ----D---- C:\Program Files\RapidShareManager
2010-10-23 09:09:22 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2010-10-23 09:09:17 ----A---- C:\WINDOWS\system32\pndx5032.dll
2010-10-23 09:09:17 ----A---- C:\WINDOWS\system32\pndx5016.dll
2010-10-23 09:09:09 ----D---- C:\Program Files\Common Files\xing shared
2010-10-23 09:08:51 ----D---- C:\Program Files\real

======List of files/folders modified in the last 1 months======

2010-11-20 08:32:29 ----D---- C:\Program Files\trend micro
2010-11-20 08:26:27 ----D---- C:\WINDOWS\Prefetch
2010-11-20 08:23:34 ----RD---- C:\Program Files
2010-11-20 08:06:57 ----D---- C:\WINDOWS\Temp
2010-11-20 08:03:28 ----A---- C:\WINDOWS\ULEAD32.INI
2010-11-19 22:36:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-18 17:46:42 ----D---- C:\Documents and Settings\MistrGO\Data aplikací\uTorrent
2010-11-18 08:06:40 ----HD---- C:\Config.Msi
2010-11-17 22:13:02 ----D---- C:\Program Files\ICQ
2010-11-17 11:30:01 ----SHD---- C:\WINDOWS\Installer
2010-11-17 11:29:43 ----D---- C:\WINDOWS\system32
2010-11-15 06:32:39 ----AD---- C:\WINDOWS
2010-11-14 21:24:11 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-14 10:02:19 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-14 09:36:10 ----HD---- C:\WINDOWS\inf
2010-11-14 09:36:10 ----D---- C:\WINDOWS\system32\DirectX
2010-11-12 19:31:10 ----D---- C:\WINDOWS\WinSxS
2010-11-12 19:30:41 ----RSD---- C:\WINDOWS\assembly
2010-11-07 17:05:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-07 16:37:49 ----A---- C:\Documents and Settings\MistrGO\Data aplikací\myMPQ.ini
2010-11-06 23:42:34 ----A---- C:\WINDOWS\WINCMD.INI
2010-11-06 11:56:34 ----A---- C:\WINDOWS\IfoEdit.INI
2010-11-06 10:13:54 ----D---- C:\Documents and Settings\MistrGO\Data aplikací\Apple Computer
2010-11-05 21:44:04 ----SD---- C:\WINDOWS\Tasks
2010-11-05 21:43:56 ----D---- C:\Documents and Settings\MistrGO\Data aplikací\Real
2010-11-05 21:43:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2010-11-05 12:39:02 ----D---- C:\Documents and Settings\MistrGO\Data aplikací\Nitro PDF
2010-10-31 10:34:32 ----SD---- C:\Documents and Settings\MistrGO\Data aplikací\Microsoft
2010-10-27 11:02:21 ----D---- C:\Documents and Settings\MistrGO\Data aplikací\ICQ
2010-10-25 18:31:39 ----D---- C:\Documents and Settings\MistrGO\Data aplikací\PC Suite
2010-10-25 18:31:25 ----D---- C:\Documents and Settings\MistrGO\Data aplikací\Nokia
2010-10-25 18:26:34 ----D---- C:\WINDOWS\system32\drivers
2010-10-25 18:26:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-25 18:26:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-10-25 18:26:16 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-10-25 18:15:32 ----D---- C:\Program Files\Common Files
2010-10-25 18:15:03 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-10-25 18:15:03 ----D---- C:\Program Files\DIFX
2010-10-24 12:06:30 ----D---- C:\Program Files\Java
2010-10-23 09:09:26 ----D---- C:\Program Files\Common Files\Real
2010-10-23 09:08:51 ----A---- C:\WINDOWS\system32\pncrt.dll
2010-10-22 15:00:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2010-10-22 07:21:53 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-10-16 639224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys [2003-12-03 13566]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/19 19:33:29]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-11-08 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-11-03 47360]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-19 41984]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vncmirror;vncmirror; C:\WINDOWS\system32\DRIVERS\vncmirror.sys [2009-03-17 4608]
S1 HCW88AUD;Hauppauge WinTV 88x Audio Capture; C:\WINDOWS\system32\drivers\hcw88aud.sys [2007-01-23 11904]
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 ap1h7m3l;ap1h7m3l; C:\WINDOWS\system32\drivers\ap1h7m3l.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HCW88BDA;Hauppauge WinTV 88x DVB Tuner/Demod; C:\WINDOWS\system32\drivers\hcw88bda.sys [2007-01-23 207872]
S3 HCW88TSE;Hauppauge WinTV 88x MPEG/TS Capture; C:\WINDOWS\system32\drivers\hcw88tse.sys [2007-01-23 299776]
S3 HCW88TUNE;Hauppauge WinTV 88x Tuner; C:\WINDOWS\system32\drivers\hcw88tun.sys [2007-01-23 149504]
S3 hcw88vid;Hauppauge WinTV 88x Video; C:\WINDOWS\system32\drivers\hcw88vid.sys [2007-01-23 498176]
S3 HCW88XBAR;Hauppauge WinTV 88x Crossbar; C:\WINDOWS\system32\drivers\HCW88BAR.sys [2007-01-23 23552]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 astcc;AST Service; C:\WINDOWS\system32\ASTSRV.EXE [2009-09-15 61760]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [2009-09-15 188736]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-10-15 243056]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-10-14 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 CADopia License Manager;CADopia License Manager; C:\OrCAD\OrCAD_10.5\INTELL~1\LicenseManager\lmgrd.exe []
S2 lmgrd;Flexlm; C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmgrd.exe []
S2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MyWebSearch\bar\1.bin\mwssvc.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2009-03-17 1492344]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Zdravím, tohle fixni v HJT :

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

HJT najdeš zde :

C:\Program Files\trend micro\MistrGO.exe

Fix znamená že spustíš HJT

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Ovládací panely >> Přidat nebo odebrat odinstaluj SpybotSD který je už za zenitem.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

Čištění registru je třeba několikrát zopakovat !


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

ComboFix 10-11-19.02 - MistrGO 20.11.2010 13:13:00.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1439 [GMT 1:00]
Spuštěný z: c:\documents and settings\MistrGO\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 101120-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\MistrGO\Dokumenty\cc_20101120_130935.reg

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-20 do 2010-11-20 )))))))))))))))))))))))))))))))
.

2010-11-20 08:34 . 2010-11-20 08:35 -------- d-----w- C:\ERDNT
2010-11-14 08:52 . 2010-11-14 08:52 -------- d-----w- c:\windows\UbiSoft
2010-11-14 08:43 . 2010-11-14 08:43 1 ----a-w- C:\DXOkay.bin
2010-11-13 14:50 . 2010-11-13 14:50 36734 ----a-w- c:\windows\system32\OggDSuninst.exe
2010-11-13 14:49 . 2010-11-13 14:50 -------- d-----w- c:\program files\Garden-Simulator 2010
2010-11-12 18:32 . 2010-11-12 18:32 -------- d-----w- c:\documents and settings\MistrGO\Local Settings\Data aplikací\LucasArts
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2010-10-25 17:26 . 2008-04-13 22:15 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2010-10-25 17:26 . 2008-04-13 22:15 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2010-10-25 17:25 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-10-25 17:16 . 2010-10-25 17:31 -------- d-----w- c:\documents and settings\MistrGO\Local Settings\Data aplikací\Nokia
2010-10-25 17:15 . 2010-10-25 17:15 -------- d-----w- c:\program files\Common Files\Nokia
2010-10-25 17:14 . 2010-10-25 17:14 -------- d-----w- c:\program files\PC Connectivity Solution
2010-10-25 17:14 . 2010-02-26 12:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-10-25 17:14 . 2010-02-26 12:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-10-25 17:14 . 2010-02-26 12:32 22528 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-10-25 17:14 . 2010-02-26 12:32 662016 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-10-25 17:14 . 2010-02-26 12:32 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-10-25 17:14 . 2010-02-26 12:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2010-10-25 17:13 . 2010-10-25 17:15 -------- d-----w- c:\program files\Nokia
2010-10-25 17:13 . 2010-10-25 17:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NokiaInstallerCache
2010-10-24 11:06 . 2010-09-15 02:50 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-10-24 11:06 . 2010-09-15 02:50 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-24 10:58 . 2010-10-24 11:06 -------- d-----w- c:\program files\Common Files\Java
2010-10-24 10:57 . 2010-10-24 11:02 -------- d-----w- c:\program files\Xerver
2010-10-23 08:19 . 2010-10-23 08:20 -------- d-----w- c:\program files\RapidShareManager
2010-10-23 08:09 . 2010-10-23 08:09 8192 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2010-10-23 08:09 . 2010-10-23 08:09 140864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2010-10-23 08:09 . 2010-10-23 08:09 98304 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2010-10-23 08:09 . 2010-10-23 08:09 -------- d-----w- c:\program files\Common Files\xing shared
2010-10-23 08:08 . 2010-10-23 08:08 569397 ----a-w- c:\program files\Internet Explorer\PLUGINS\RichFX\Player\nprfxins.dll
2010-10-23 08:08 . 2010-10-23 08:09 -------- d-----w- c:\program files\real

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-25 09:05 . 2010-09-25 09:05 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-09-25 09:05 . 2010-09-25 09:05 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-09-15 00:29 . 2009-05-27 16:55 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
.

((((((((((((((((((((((((((((( SnapShot@2010-11-20_07.50.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-20 12:04 . 2010-11-20 12:04 16384 c:\windows\Temp\Perflib_Perfdata_5a4.dat
+ 2010-11-20 12:04 . 2010-11-20 12:04 16384 c:\windows\Temp\Perflib_Perfdata_3b8.dat
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-10 16:43 . 2003-10-14 16:36 38984 c:\program files\ICQ\bak\ICQNet.exe
2008-10-10 16:42 . 2003-10-14 16:36 38984 c:\program files\ICQ\ICQNet.exe

.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\documents and settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\11\ISUSPM.exe" [2008-04-22 222496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SoundMan"="SOUNDMAN.EXE" [2006-08-02 577536]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"nwiz"="nwiz.exe" [2008-10-07 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"Mirabilis ICQ"="c:\progra~1\ICQ\ICQNet.exe" [2003-10-14 38984]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Photo Express Calendar Checker SE.lnk - c:\program files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe [2009-4-19 55296]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-10-14 2049344]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-10-14 9085760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ\\Icq.exe"=
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\OrCAD\\OrCAD_10.0_Demo\\tools\\bin\\cdsMsgServer.exe"=
"c:\\OrCAD\\OrCAD_10.0_Demo\\tools\\bin\\cdsNameServer.exe"=
"c:\\Program Files\\FlashGet Network\\FlashGet universal\\FlashGet.exe"=
"d:\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"d:\\World of Warcraft\\Launcher.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"d:\\Program Files\\Croteam\\Serious Sam - The Second Encounter\\Bin\\SeriousSam.exe"=
"d:\\Program Files\\Croteam\\Serious Sam\\Bin\\SeriousSam.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"d:\\Program Files\\Steam\\steamapps\\mistrgo\\half-life\\hl.exe"=
"c:\\Program Files\\RealVNC\\VNC4\\winvnc4.exe"=
"d:\\Program Files\\Steam\\Steam.exe"=
"i:\\Program Files\\Microsoft Research\\Microsoft WorldWide Telescope\\WWTExplorer.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\altitude\\altitude.exe"=
"c:\\Documents and Settings\\MistrGO\\Data aplikací\\Octoshape\\Octoshape Streaming Services\\OctoshapeClient.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"d:\\StarCraft II\\StarCraft II.exe"=
"d:\\StarCraft II\\Versions\\Base15405\\SC2.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\moon base alpha\\Binaries\\Win32\\MoonBaseAlphaGame.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"d:\\Program Files\\LucasArts\\Star Wars The Force Unleashed 2\\SWTFU2.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"47624:TCP"= 47624:TCP:AoE

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16.10.2008 20:44 639224]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [16.10.2008 19:57 114768]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/01/19 19:33];c:\program files\CyberLink\PowerDVD9\000.fcl [28.2.2009 19:40 87536]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16.10.2008 19:57 20560]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [30.3.2010 10:16 1107336]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [15.9.2009 10:20 188736]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [14.10.2009 13:31 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
S1 HCW88AUD;Hauppauge WinTV 88x Audio Capture;c:\windows\system32\drivers\hcw88aud.sys [8.3.2009 21:30 11904]
S2 CADopia License Manager;CADopia License Manager;c:\orcad\OrCAD_10.5\INTELL~1\LicenseManager\lmgrd.exe --> c:\orcad\OrCAD_10.5\INTELL~1\LicenseManager\lmgrd.exe [?]
S2 lmgrd;Flexlm;"c:\orcad\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmgrd.exe" --> c:\orcad\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmgrd.exe [?]
S3 HCW88BDA;Hauppauge WinTV 88x DVB Tuner/Demod;c:\windows\system32\drivers\hcw88bda.sys [8.3.2009 21:31 207872]
S3 HCW88TSE;Hauppauge WinTV 88x MPEG/TS Capture;c:\windows\system32\drivers\hcw88tse.sys [8.3.2009 21:31 299776]
S3 HCW88TUNE;Hauppauge WinTV 88x Tuner;c:\windows\system32\drivers\hcw88tun.sys [8.3.2009 21:29 149504]
S3 hcw88vid;Hauppauge WinTV 88x Video;c:\windows\system32\drivers\hcw88vid.sys [8.3.2009 21:28 498176]
S3 HCW88XBAR;Hauppauge WinTV 88x Crossbar;c:\windows\system32\drivers\hcw88bar.sys [8.3.2009 21:29 23552]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [17.6.2010 14:56 11520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'

2010-11-20 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-329068152-507921405-1177238915-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]

2010-11-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-329068152-507921405-1177238915-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
FF - ProfilePath - c:\documents and settings\MistrGO\Data aplikací\Mozilla\Firefox\Profiles\l5mp16s0.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- Asociace souborů -------
.
.scr=Icad.load.scr
.txt=MECEdit.Document
.

**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|˙˙˙˙¤•€|ů•6~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""
.
Celkový čas: 2010-11-20 13:21:26
ComboFix-quarantined-files.txt 2010-11-20 12:21
ComboFix2.txt 2010-11-20 07:57

Před spuštěním: 3 385 774 080
Po spuštění: 3 366 825 984

- - End Of File - - 55601C75EBF07A18B7701442A9B88ABA

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak použij Mbam z mého podpisu a dej mi sem z něj log dříve než něco smažeš.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4323

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

20.11.2010 17:54:14
mbam-log-2010-11-20 (17-54-14).txt

Typ skenu: Rychlý sken
Skenované objekty: 132151
Uplynulý čas: 7 minuta(y), 7 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 3
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CLASSES_ROOT\Interface\{1d4db7d3-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

To co Mbam našel nech smazat a pak dej vědět jaký je stav PC.

Tak zatím se zdá být vše v pořádku. Díky za pomoc.

Není zač.