Antivir nic nehlasi ale neco porad zapisuje na disk takže ubyva misto a když jsem dělal ve Wordu tak to najednou začalo dělat si smo co chce mazal se text atd
takže log z RSIT
prosím o kontrol a pmoooc díky
Logfile of random's system information tool 1.08 (written by random/random)
Run by tata at 2010-11-26 01:19:37
Microsoft« Windows VistaÖ Home Premium Service Pack 2
System drive C: has 86 GB (38%) free of 227 GB
Total RAM: 2042 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:19:41, on 26.11.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo\PMDriver\PMHandler.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\Users\tata\Downloads\RSIT.exe
C:\Program Files\trend micro\tata.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE /c
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe
O4 - HKLM\..\Run: [CameraApplicationLauncher] C:\Program Files\Lenovo\Camera Center\bin\CameraApplicationLaunchpadLauncher.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWlIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PMHandler] C:\PROGRA~1\Lenovo\PMDriver\PMHandler.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE
O23 - Service: Intel« PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Fn+F5 Service (FNF5SVC) - Lenovo. - C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe
O23 - Service: Slu×ba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PMSveH - Lenovo - C:\Program Files\Lenovo\PMDriver\PMSveH.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel« PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: TVT Windows Update Monitor (TVT_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 12120 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Check Updates for Windows Live Toolbar.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-11-24 1623392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-10 1233288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2010-10-06 1164568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-10 1233288]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2008-03-26 163840]
"TPFNF7"=C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [2008-07-30 60192]
"TPWAUDAP"=C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe [2008-03-11 54560]
"SmartAudio"=C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE [2008-07-21 2701880]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-05-25 487424]
"LPManager"=C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe [2007-04-26 120368]
"CameraApplicationLauncher"=C:\Program Files\Lenovo\Camera Center\bin\CameraApplicationLaunchpadLauncher.exe [2008-10-07 16384]
"ACTray"=C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [2009-07-29 435488]
"ACWlIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe [2009-07-29 177440]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27 49976]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-11-24 2069344]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-11-19 13556256]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-11-19 92704]
"PMHandler"=C:\PROGRA~1\Lenovo\PMDriver\PMHandler.exe [2009-04-02 247080]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-11 186904]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-07-12 74752]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2010-10-06 488728]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-10-11 14940040]
""= []
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-09-02 672632]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-11-26 01:04:12 ----D---- C:\Program Files\trend micro
2010-11-26 01:04:11 ----D---- C:\rsit
2010-11-25 22:15:18 ----A---- C:\Windows\system32\avgrep.txt
2010-11-10 10:39:57 ----D---- C:\1d0f7f1e3101ba906d5ace103a9b
2010-11-05 19:41:33 ----D---- C:\Program Files\Common Files\Skype
2010-11-03 21:38:57 ----D---- C:\Users\tata\AppData\Roaming\Thunderbird
2010-11-03 21:37:45 ----D---- C:\Program Files\Mozilla Thunderbird
2010-11-03 20:41:24 ----D---- C:\Windows\system32\WindowsPowerShell
2010-11-03 20:37:19 ----D---- C:\Program Files\Microsoft ATS
2010-11-03 19:05:25 ----D---- C:\Program Files\Common Files\DESIGNER
2010-11-03 19:04:59 ----D---- C:\Program Files\Microsoft Visual Studio
2010-10-27 07:31:34 ----A---- C:\Windows\system32\gameux.dll
2010-10-27 07:31:33 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-10-27 07:31:33 ----A---- C:\Windows\system32\Apphlpdm.dll
======List of files/folders modified in the last 1 months======
2010-11-26 01:19:38 ----D---- C:\Windows\Temp
2010-11-26 01:18:46 ----D---- C:\Windows\Prefetch
2010-11-26 01:04:12 ----RD---- C:\Program Files
2010-11-26 01:02:06 ----D---- C:\Windows\System32
2010-11-26 01:02:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-26 01:02:05 ----D---- C:\Windows\inf
2010-11-26 00:56:25 ----D---- C:\Windows\Debug
2010-11-26 00:54:23 ----D---- C:\Windows
2010-11-26 00:54:21 ----SHD---- C:\System Volume Information
2010-11-26 00:54:21 ----D---- C:\Windows\Logs
2010-11-26 00:53:19 ----D---- C:\Users\tata\AppData\Roaming\Skype
2010-11-26 00:52:33 ----D---- C:\Users\tata\AppData\Roaming\skypePM
2010-11-26 00:49:54 ----A---- C:\sysiclog.txt
2010-11-25 23:30:48 ----RD---- C:\data
2010-11-25 20:03:37 ----D---- C:\Users\tata\AppData\Roaming\FileZilla
2010-11-25 13:12:47 ----D---- C:\Windows\system32\drivers\Avg
2010-11-24 17:15:08 ----D---- C:\Program Files\FileZilla FTP Client
2010-11-24 09:47:59 ----D---- C:\Windows\winsxs
2010-11-24 09:47:59 ----D---- C:\Program Files\Internet Explorer
2010-11-24 09:31:55 ----D---- C:\Windows\system32\catroot
2010-11-20 20:11:45 ----D---- C:\Users\tata\AppData\Roaming\vlc
2010-11-17 16:02:45 ----D---- C:\ProgramData\PCDr
2010-11-17 09:11:53 ----SHD---- C:\Windows\Installer
2010-11-17 09:11:48 ----HD---- C:\Config.Msi
2010-11-15 17:15:04 ----D---- C:\Windows\system32\catroot2
2010-11-10 23:39:09 ----D---- C:\Users\tata\AppData\Roaming\uTorrent
2010-11-10 10:47:26 ----D---- C:\ProgramData\Microsoft Help
2010-11-10 10:46:43 ----D---- C:\Program Files\Windows Mail
2010-11-10 10:40:05 ----A---- C:\Windows\system32\mrt.exe
2010-11-07 16:55:20 ----D---- C:\Users\tata\AppData\Roaming\Nokia
2010-11-06 17:25:18 ----D---- C:\Program Files\Common Files\Nokia
2010-11-05 19:41:39 ----D---- C:\Windows\system32\Tasks
2010-11-05 19:41:33 ----RD---- C:\Program Files\Skype
2010-11-05 19:41:33 ----D---- C:\Program Files\Common Files
2010-11-05 19:41:25 ----D---- C:\ProgramData\Skype
2010-11-04 08:28:24 ----D---- C:\Windows\rescache
2010-11-04 08:15:39 ----D---- C:\Windows\Microsoft.NET
2010-11-04 08:15:38 ----RSD---- C:\Windows\assembly
2010-11-03 21:18:37 ----A---- C:\Windows\win.ini
2010-11-03 21:16:48 ----D---- C:\Windows\ShellNew
2010-11-03 20:45:21 ----D---- C:\Windows\AppPatch
2010-11-03 20:42:57 ----SD---- C:\Windows\Downloaded Program Files
2010-11-03 19:05:59 ----RSD---- C:\Windows\Fonts
2010-11-03 19:05:48 ----D---- C:\Program Files\Common Files\microsoft shared
2010-11-03 19:05:25 ----D---- C:\Program Files\Microsoft Works
2010-10-28 09:52:33 ----D---- C:\Program Files\Mozilla Firefox
2010-10-27 08:40:47 ----D---- C:\ProgramData\AVG Security Toolbar
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AvgRkx86;avgrkx86.sys; C:\Windows\System32\Drivers\avgrkx86.sys [2010-03-05 52872]
R0 DozeHDD;DozeHDD; C:\Windows\System32\DRIVERS\DozeHDD.sys [2010-01-06 24304]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-02-11 329752]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2008-08-21 25896]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-06-22 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-06-01 29584]
R1 AvgTdiX;AVG Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-06-22 243024]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 tvtfilter;tvtfilter; C:\Windows\system32\DRIVERS\tvtfilter.sys [2008-12-09 33536]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-03-14 169008]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-25 183808]
R3 BthEnum;Slu×ba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;OvladaŔ rozhranÝ USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-07-31 81960]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-07-31 100392]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-07-31 29736]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-07-31 17320]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-05-21 220160]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-25 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-25 207872]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-09-06 45600]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-11-19 7614240]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2008-12-09 30144]
R3 RFCOMM;Za°ÝzenÝ Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2008-02-23 37312]
R3 vm331avs;Lenovo EasyCamera; C:\Windows\System32\Drivers\vm331avs.sys [2008-06-30 974336]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-25 661504]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2010-01-06 11552]
S1 tvtumon;tvtumon; C:\Windows\system32\DRIVERS\tvtumon.sys [2008-05-25 48192]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
S3 BTHPORT;OvladaŔ portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 Dot4;OvladaŔ MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;OvladaŔ t°Ýdy tiskßrny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;DekodÚr zvuk¨ DRM jßdra spoleŔnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 esihdrv;esihdrv; \??\C:\Users\tata\AppData\Local\Temp\esihdrv.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PCDSRVC{3037D694-FD904ACA-06020000}_0;PCDSRVC{3037D694-FD904ACA-06020000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor\pcdsrvc.pkms [2010-05-07 21360]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 USB28xxBGA;WinTV HVR-900; C:\Windows\system32\DRIVERS\emBDA.sys [2006-06-06 281600]
S3 USB28xxOEM;WinTV OEM Filter; C:\Windows\system32\DRIVERS\emOEM.sys [2006-06-01 21376]
S3 usbaudio;OvladaŔ zvuk¨ USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;OvladaŔ skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-04-19 128104]
S3 WSDPrintDevice;Podpora tisku WSD prost°ednictvÝm funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2009-07-29 124192]
R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2009-07-29 238880]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-06-22 308136]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-12 30312]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe [2008-08-26 522792]
R2 DozeSvc;Lenovo Doze Mode Service; C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE [2010-01-06 132456]
R2 EvtEng;Intel« PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-05-01 815104]
R2 FNF5SVC;Fn+F5 Service; C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe [2008-03-14 54560]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-11 354840]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-11-19 203296]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PMSveH;PMSveH; C:\Program Files\Lenovo\PMDriver\PMSveH.exe [2006-05-24 57344]
R2 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-01-06 75112]
R2 RegSrvc;Intel« PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-05-01 466944]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 SUService;System Update; c:\Program Files\Lenovo\System Update\SUService.exe [2008-11-05 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-09-27 644408]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2008-08-08 53325]
R2 TVT Backup Protection Service;TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2008-05-25 950272]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-05-25 1155072]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Slu×ba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-15 135664]
S2 TVT_UpdateMonitor;TVT Windows Update Monitor; C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-05-25 253952]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-06 517448]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
asi svinsky facebok nebo jina havět - prosím pomooc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Sacrificio
- Návštěvník
- Příspěvky: 22
- Registrován: 26 lis 2010 00:30
-
Rudy
- Site Admin
- Příspěvky: 119428
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: asi svinsky facebok nebo jina havět - prosím pomooc
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Sacrificio
- Návštěvník
- Příspěvky: 22
- Registrován: 26 lis 2010 00:30
Re: asi svinsky facebok nebo jina havět - prosím pomooc
Díky dnes navečer provedu a dám to sem.
-
Sacrificio
- Návštěvník
- Příspěvky: 22
- Registrován: 26 lis 2010 00:30
Re: asi svinsky facebok nebo jina havět - prosím pomooc
zdravím tak jsem všecko vypnul spustil to combo potvrdil licenci pisklo to a o chvili nato vyskocila nejaka bila hlaska anglicky dal sem ano nic jineho neslo a nic se neděje tak nevim jestli je to ok nebo ne antivir sem vypnul uplně sem tam problikne hard je to oka nebo je neco blbě o te druhehlašce sem se nic nedočet jak postupovat dal ,spustit to znovu ?
ted se jen spustil spořič odrazovky
Restart taky nebyl zaden
Jinak ten zmetek pomalu nebo rychle zapisuje na disk porad mi ubyva volneho mista tak 1giga za 4 hodky
furt se nic neděje žadna aktivita nejaka hlaška nebo tak nevim jestli to combo vubec jede uz je to aso 10minut a nic
Sem to nevydržel a dal znova a ta hlaska je Combofix cannot run vhen AVG is instaled no a zkratka zeho mam odinstalovat AWG mam to udělat ?
ted se jen spustil spořič odrazovky
Restart taky nebyl zaden
Jinak ten zmetek pomalu nebo rychle zapisuje na disk porad mi ubyva volneho mista tak 1giga za 4 hodky
furt se nic neděje žadna aktivita nejaka hlaška nebo tak nevim jestli to combo vubec jede uz je to aso 10minut a nic
Sem to nevydržel a dal znova a ta hlaska je Combofix cannot run vhen AVG is instaled no a zkratka zeho mam odinstalovat AWG mam to udělat ?
-
Rudy
- Site Admin
- Příspěvky: 119428
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: asi svinsky facebok nebo jina havět - prosím pomooc
S AVG se nesnáší. Pro účel čištění ho odinstalujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Sacrificio
- Návštěvník
- Příspěvky: 22
- Registrován: 26 lis 2010 00:30
Re: asi svinsky facebok nebo jina havět - prosím pomooc
odstranuju pak to znova spustim dik pak se ozvu jak to dopadlo
-
Rudy
- Site Admin
- Příspěvky: 119428
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: asi svinsky facebok nebo jina havět - prosím pomooc
OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Sacrificio
- Návštěvník
- Příspěvky: 22
- Registrován: 26 lis 2010 00:30
Re: asi svinsky facebok nebo jina havět - prosím pomooc
otevřelo se okno spravce a hláška jestli chcu combofix aktualizovat mam dat že jo ?
Dal sem že ne a už to jede
Dal sem že ne a už to jede
-
Rudy
- Site Admin
- Příspěvky: 119428
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: asi svinsky facebok nebo jina havět - prosím pomooc
Už to nechte, ale měl jste aktualizovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Sacrificio
- Návštěvník
- Příspěvky: 22
- Registrován: 26 lis 2010 00:30
Re: asi svinsky facebok nebo jina havět - prosím pomooc
no skoda ted smazlo to nejake soubory .ini atd a restartlo se muzu ted zadat heslo bo sem v te uvodi prihlas obrazovce windows nebo nesahat?
tak sem sah zadal semheslo a prihlasilo se to jenže se taky najeli skype a vinamp aty srajdy a v okně comba je nespouštějte žadne aplikace ale ty se porestartu spustily a use generuje log takže mam log a dam ho sem
takže výpis dole
ComboFix 10-11-25.05 - tata 26.11.2010 18:10:38.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2042.1037 [GMT 1:00]
Spuštěný z: c:\users\tata\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\Thumbs.db
Q:\AUTORUN.INF
S:\Autorun.inf
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-26 do 2010-11-26 )))))))))))))))))))))))))))))))
.
2010-11-26 17:18 . 2010-11-26 17:37 -------- d-----w- c:\users\tata\AppData\Local\temp
2010-11-26 17:18 . 2010-11-26 17:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-26 15:17 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{820CAA30-EBC7-4574-8C33-C21B991D70AC}\mpengine.dll
2010-11-26 00:04 . 2010-11-26 00:19 -------- d-----w- c:\program files\trend micro
2010-11-26 00:04 . 2010-11-26 00:11 -------- d-----w- C:\rsit
2010-11-24 08:35 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-10 09:39 . 2010-11-10 09:46 -------- d-----w- C:\1d0f7f1e3101ba906d5ace103a9b
2010-11-10 09:39 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-11-06 16:29 . 2010-11-09 23:48 -------- d-----w- c:\users\tata\AppData\Local\Nokia
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-05 18:41 . 2010-11-05 18:41 -------- d-----w- c:\program files\Common Files\Skype
2010-11-03 20:38 . 2010-11-03 20:39 -------- d-----w- c:\users\tata\AppData\Roaming\Thunderbird
2010-11-03 20:38 . 2010-11-03 20:39 -------- d-----w- c:\users\tata\AppData\Local\Thunderbird
2010-11-03 20:37 . 2010-11-03 20:37 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-11-03 19:44 . 2010-11-03 19:44 -------- d-----w- c:\users\tata\AppData\Local\ElevatedDiagnostics
2010-11-03 19:37 . 2010-11-03 19:42 -------- d-----w- c:\program files\Microsoft ATS
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2009-10-03 01:26 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-15 02:50 . 2010-04-18 21:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-13 13:56 . 2010-10-13 06:18 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-08 06:01 . 2010-10-13 06:18 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 05:57 . 2010-10-13 06:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 05:57 . 2010-10-13 06:18 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 05:56 . 2010-10-13 06:18 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-09-08 05:56 . 2010-10-13 06:18 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-09-08 05:04 . 2010-10-13 06:18 385024 ----a-w- c:\windows\system32\html.iec
2010-09-08 04:26 . 2010-10-13 06:18 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-09-08 04:25 . 2010-10-13 06:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-06 16:20 . 2010-10-13 06:17 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-09-06 16:19 . 2010-10-13 06:17 17920 ----a-w- c:\windows\system32\netevent.dll
2010-09-06 13:45 . 2010-10-13 06:17 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-09-06 13:45 . 2010-10-13 06:17 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-09-06 13:45 . 2010-10-13 06:17 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-31 15:46 . 2010-10-13 06:17 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 15:46 . 2010-10-13 06:17 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-31 15:44 . 2010-10-13 06:17 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-08-31 13:27 . 2010-10-13 06:18 2038272 ----a-w- c:\windows\system32\win32k.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-06-10 15:28 1233288 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-06-10 1233288]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-06-10 1233288]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-06 488728]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2008-07-30 60192]
"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2008-03-11 54560]
"SmartAudio"="c:\program files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE" [2008-07-21 2701880]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-25 487424]
"LPManager"="c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe" [2007-04-26 120368]
"CameraApplicationLauncher"="c:\program files\Lenovo\Camera Center\bin\CameraApplicationLaunchpadLauncher.exe" [2008-10-07 16384]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2009-07-29 435488]
"ACWlIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWlIcon.exe" [2009-07-29 177440]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-27 49976]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-19 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-19 92704]
"PMHandler"="c:\progra~1\Lenovo\PMDriver\PMHandler.exe" [2009-04-02 247080]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-01-06 869736]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2008-8-26 752168]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
R1 tvtumon;tvtumon;c:\windows\system32\DRIVERS\tvtumon.sys [2008-05-24 48192]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 135664]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-05-24 253952]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
R3 esihdrv;esihdrv;c:\users\tata\AppData\Local\Temp\esihdrv.sys [x]
R3 PCDSRVC{3037D694-FD904ACA-06020000}_0;PCDSRVC{3037D694-FD904ACA-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2010-05-07 21360]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2010-01-06 24304]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S2 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2010-01-06 132456]
S2 FNF5SVC;Fn+F5 Service;c:\program files\LENOVO\HOTKEY\FNF5SVC.exe [2008-03-14 54560]
S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-01-06 75112]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2008-08-08 53325]
S2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-25 183808]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-07-31 29736]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-09-06 45600]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2008-02-22 37312]
S3 vm331avs;Lenovo EasyCamera;c:\windows\system32\Drivers\vm331avs.sys [2008-06-30 974336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
2010-11-26 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 14:54]
2010-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 21:29]
2010-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 21:29]
2010-10-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-09-08 22:15]
2010-11-25 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-09-08 22:15]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://lenovo.live.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=42&tp=ab&q=
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll
FF - component: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-26 18:37
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
c:\users\tata\AppData\Local\Temp\xmlAE8.tmp 207 bytes
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{3037D694-FD904ACA-06020000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(5808)
c:\windows\system32\btmmhook.dll
c:\program files\PC-Doctor\ATLPcdToolbar569208.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\WLANExt.exe
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Lenovo\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Lenovo\PMDriver\PMSveH.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\program files\Lenovo\Rescue and Recovery\rrservice.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\windows\system32\WUDFHost.exe
c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\windows\system32\conime.exe
c:\program files\Lenovo\LenovoCare\LPMGR.EXE
c:\windows\System32\rundll32.exe
c:\program files\Lenovo\PMDriver\PMHandler.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\Lenovo\Bluetooth Software\BtStackServer.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\Common Files\Nokia\NoA\nokiaaserver.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
.
**************************************************************************
.
Celkový čas: 2010-11-26 18:41:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-26 17:41
Před spuštěním: Volných bajtů: 92 536 647 680
Po spuštění: Volných bajtů: 92 138 700 800
- - End Of File - - 03051A21A233F6753B76DA78BDDC4F47
tak jak to vypadá ?
prozatím to de místo na disku už neubývá tak rychle skoro vůbec resp.asi adekvátně mé činosti no ...
tak sem sah zadal semheslo a prihlasilo se to jenže se taky najeli skype a vinamp aty srajdy a v okně comba je nespouštějte žadne aplikace ale ty se porestartu spustily a use generuje log takže mam log a dam ho sem
takže výpis dole
ComboFix 10-11-25.05 - tata 26.11.2010 18:10:38.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2042.1037 [GMT 1:00]
Spuštěný z: c:\users\tata\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\Thumbs.db
Q:\AUTORUN.INF
S:\Autorun.inf
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-26 do 2010-11-26 )))))))))))))))))))))))))))))))
.
2010-11-26 17:18 . 2010-11-26 17:37 -------- d-----w- c:\users\tata\AppData\Local\temp
2010-11-26 17:18 . 2010-11-26 17:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-26 15:17 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{820CAA30-EBC7-4574-8C33-C21B991D70AC}\mpengine.dll
2010-11-26 00:04 . 2010-11-26 00:19 -------- d-----w- c:\program files\trend micro
2010-11-26 00:04 . 2010-11-26 00:11 -------- d-----w- C:\rsit
2010-11-24 08:35 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-10 09:39 . 2010-11-10 09:46 -------- d-----w- C:\1d0f7f1e3101ba906d5ace103a9b
2010-11-10 09:39 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-11-06 16:29 . 2010-11-09 23:48 -------- d-----w- c:\users\tata\AppData\Local\Nokia
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-05 18:41 . 2010-11-05 18:41 -------- d-----w- c:\program files\Common Files\Skype
2010-11-03 20:38 . 2010-11-03 20:39 -------- d-----w- c:\users\tata\AppData\Roaming\Thunderbird
2010-11-03 20:38 . 2010-11-03 20:39 -------- d-----w- c:\users\tata\AppData\Local\Thunderbird
2010-11-03 20:37 . 2010-11-03 20:37 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-11-03 19:44 . 2010-11-03 19:44 -------- d-----w- c:\users\tata\AppData\Local\ElevatedDiagnostics
2010-11-03 19:37 . 2010-11-03 19:42 -------- d-----w- c:\program files\Microsoft ATS
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2009-10-03 01:26 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-15 02:50 . 2010-04-18 21:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-13 13:56 . 2010-10-13 06:18 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-08 06:01 . 2010-10-13 06:18 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 05:57 . 2010-10-13 06:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 05:57 . 2010-10-13 06:18 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 05:56 . 2010-10-13 06:18 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-09-08 05:56 . 2010-10-13 06:18 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-09-08 05:04 . 2010-10-13 06:18 385024 ----a-w- c:\windows\system32\html.iec
2010-09-08 04:26 . 2010-10-13 06:18 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-09-08 04:25 . 2010-10-13 06:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-06 16:20 . 2010-10-13 06:17 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-09-06 16:19 . 2010-10-13 06:17 17920 ----a-w- c:\windows\system32\netevent.dll
2010-09-06 13:45 . 2010-10-13 06:17 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-09-06 13:45 . 2010-10-13 06:17 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-09-06 13:45 . 2010-10-13 06:17 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-31 15:46 . 2010-10-13 06:17 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 15:46 . 2010-10-13 06:17 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-31 15:44 . 2010-10-13 06:17 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-08-31 13:27 . 2010-10-13 06:18 2038272 ----a-w- c:\windows\system32\win32k.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-06-10 15:28 1233288 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-06-10 1233288]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-06-10 1233288]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-06 488728]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2008-07-30 60192]
"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2008-03-11 54560]
"SmartAudio"="c:\program files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE" [2008-07-21 2701880]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-25 487424]
"LPManager"="c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe" [2007-04-26 120368]
"CameraApplicationLauncher"="c:\program files\Lenovo\Camera Center\bin\CameraApplicationLaunchpadLauncher.exe" [2008-10-07 16384]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2009-07-29 435488]
"ACWlIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWlIcon.exe" [2009-07-29 177440]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-27 49976]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-19 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-19 92704]
"PMHandler"="c:\progra~1\Lenovo\PMDriver\PMHandler.exe" [2009-04-02 247080]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-01-06 869736]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2008-8-26 752168]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
R1 tvtumon;tvtumon;c:\windows\system32\DRIVERS\tvtumon.sys [2008-05-24 48192]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 135664]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-05-24 253952]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
R3 esihdrv;esihdrv;c:\users\tata\AppData\Local\Temp\esihdrv.sys [x]
R3 PCDSRVC{3037D694-FD904ACA-06020000}_0;PCDSRVC{3037D694-FD904ACA-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2010-05-07 21360]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2010-01-06 24304]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S2 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2010-01-06 132456]
S2 FNF5SVC;Fn+F5 Service;c:\program files\LENOVO\HOTKEY\FNF5SVC.exe [2008-03-14 54560]
S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-01-06 75112]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2008-08-08 53325]
S2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-25 183808]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-07-31 29736]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-09-06 45600]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2008-02-22 37312]
S3 vm331avs;Lenovo EasyCamera;c:\windows\system32\Drivers\vm331avs.sys [2008-06-30 974336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
2010-11-26 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 14:54]
2010-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 21:29]
2010-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 21:29]
2010-10-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-09-08 22:15]
2010-11-25 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-09-08 22:15]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://lenovo.live.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=42&tp=ab&q=
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll
FF - component: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-26 18:37
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
c:\users\tata\AppData\Local\Temp\xmlAE8.tmp 207 bytes
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{3037D694-FD904ACA-06020000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(5808)
c:\windows\system32\btmmhook.dll
c:\program files\PC-Doctor\ATLPcdToolbar569208.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\WLANExt.exe
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Lenovo\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Lenovo\PMDriver\PMSveH.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\program files\Lenovo\Rescue and Recovery\rrservice.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\windows\system32\WUDFHost.exe
c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\windows\system32\conime.exe
c:\program files\Lenovo\LenovoCare\LPMGR.EXE
c:\windows\System32\rundll32.exe
c:\program files\Lenovo\PMDriver\PMHandler.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\Lenovo\Bluetooth Software\BtStackServer.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\Common Files\Nokia\NoA\nokiaaserver.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
.
**************************************************************************
.
Celkový čas: 2010-11-26 18:41:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-26 17:41
Před spuštěním: Volných bajtů: 92 536 647 680
Po spuštění: Volných bajtů: 92 138 700 800
- - End Of File - - 03051A21A233F6753B76DA78BDDC4F47
tak jak to vypadá ?
prozatím to de místo na disku už neubývá tak rychle skoro vůbec resp.asi adekvátně mé činosti no ...
-
Sacrificio
- Návštěvník
- Příspěvky: 22
- Registrován: 26 lis 2010 00:30
Re: asi svinsky facebok nebo jina havět - prosím pomooc
no asi sem to zakřik ubyva furt ale pomaleji nebo já nevim křáp jeden 
-
Rudy
- Site Admin
- Příspěvky: 119428
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: asi svinsky facebok nebo jina havět - prosím pomooc
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.KillAll::
Collect::
c:\users\tata\AppData\Local\Temp\xmlAE8.tmp
Folder::
c:\program files\Ask.com
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Sacrificio
- Návštěvník
- Příspěvky: 22
- Registrován: 26 lis 2010 00:30
Re: asi svinsky facebok nebo jina havět - prosím pomooc
provedu ja sem si aktivně už instalnul avast bo sem byl bez antiviru mam ho ponechat nebo zas odinstalovat.
-
Sacrificio
- Návštěvník
- Příspěvky: 22
- Registrován: 26 lis 2010 00:30
Re: asi svinsky facebok nebo jina havět - prosím pomooc
no kura jestli sem to nezdupal přetah sm ten soubor na ikonu comba to se spustilo a vyběhla taaktualizace tak sem dal aktualizovat a pak se spustil ten proces fáze 1 a atd je to správně nebyla to ted chyba s tou aktualizací ?? nebo to ma pak udělat jsštějednou všim sem si že se ty soubory s ASK mazaly v combu 
-
Sacrificio
- Návštěvník
- Příspěvky: 22
- Registrován: 26 lis 2010 00:30
Re: asi svinsky facebok nebo jina havět - prosím pomooc
Takže výsledek
ComboFix 10-11-25.06 - tata 26.11.2010 21:54:37.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2042.1038 [GMT 1:00]
Spuštěný z: c:\users\tata\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\tata\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-26 do 2010-11-26 )))))))))))))))))))))))))))))))
.
2010-11-26 21:04 . 2010-11-26 21:19 -------- d-----w- c:\users\tata\AppData\Local\temp
2010-11-26 21:04 . 2010-11-26 21:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-26 19:24 . 2010-09-07 15:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-11-26 19:24 . 2010-09-07 15:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-11-26 19:24 . 2010-09-07 15:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-11-26 19:24 . 2010-09-07 15:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-11-26 19:24 . 2010-09-07 15:47 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-11-26 19:23 . 2010-09-07 16:12 38848 ----a-w- c:\windows\avastSS.scr
2010-11-26 19:23 . 2010-09-07 16:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-11-26 19:23 . 2010-11-26 19:23 -------- d-----w- c:\programdata\Alwil Software
2010-11-26 19:23 . 2010-11-26 19:23 -------- d-----w- c:\program files\Alwil Software
2010-11-26 18:37 . 2010-11-26 18:37 -------- d-----w- c:\program files\Crawler
2010-11-26 18:13 . 2010-11-26 18:13 -------- d-----w- c:\program files\ESET
2010-11-26 15:17 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{820CAA30-EBC7-4574-8C33-C21B991D70AC}\mpengine.dll
2010-11-26 00:04 . 2010-11-26 00:19 -------- d-----w- c:\program files\trend micro
2010-11-26 00:04 . 2010-11-26 00:11 -------- d-----w- C:\rsit
2010-11-24 08:35 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-10 09:39 . 2010-11-10 09:46 -------- d-----w- C:\1d0f7f1e3101ba906d5ace103a9b
2010-11-10 09:39 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-11-06 16:29 . 2010-11-09 23:48 -------- d-----w- c:\users\tata\AppData\Local\Nokia
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-05 18:41 . 2010-11-05 18:41 -------- d-----w- c:\program files\Common Files\Skype
2010-11-03 20:38 . 2010-11-03 20:39 -------- d-----w- c:\users\tata\AppData\Roaming\Thunderbird
2010-11-03 20:38 . 2010-11-03 20:39 -------- d-----w- c:\users\tata\AppData\Local\Thunderbird
2010-11-03 19:44 . 2010-11-03 19:44 -------- d-----w- c:\users\tata\AppData\Local\ElevatedDiagnostics
2010-11-03 19:37 . 2010-11-03 19:42 -------- d-----w- c:\program files\Microsoft ATS
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2009-10-03 01:26 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-15 02:50 . 2010-04-18 21:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-13 13:56 . 2010-10-13 06:18 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-08 06:01 . 2010-10-13 06:18 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 05:57 . 2010-10-13 06:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 05:57 . 2010-10-13 06:18 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 05:56 . 2010-10-13 06:18 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-09-08 05:56 . 2010-10-13 06:18 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-09-08 05:04 . 2010-10-13 06:18 385024 ----a-w- c:\windows\system32\html.iec
2010-09-08 04:26 . 2010-10-13 06:18 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-09-08 04:25 . 2010-10-13 06:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-06 16:20 . 2010-10-13 06:17 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-09-06 16:19 . 2010-10-13 06:17 17920 ----a-w- c:\windows\system32\netevent.dll
2010-09-06 13:45 . 2010-10-13 06:17 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-09-06 13:45 . 2010-10-13 06:17 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-09-06 13:45 . 2010-10-13 06:17 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-31 15:46 . 2010-10-13 06:17 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 15:46 . 2010-10-13 06:17 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-31 15:44 . 2010-10-13 06:17 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-08-31 13:27 . 2010-10-13 06:18 2038272 ----a-w- c:\windows\system32\win32k.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-06 488728]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2008-07-30 60192]
"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2008-03-11 54560]
"SmartAudio"="c:\program files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE" [2008-07-21 2701880]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-25 487424]
"LPManager"="c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe" [2007-04-26 120368]
"CameraApplicationLauncher"="c:\program files\Lenovo\Camera Center\bin\CameraApplicationLaunchpadLauncher.exe" [2008-10-07 16384]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2009-07-29 435488]
"ACWlIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWlIcon.exe" [2009-07-29 177440]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-27 49976]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-19 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-19 92704]
"PMHandler"="c:\progra~1\Lenovo\PMDriver\PMHandler.exe" [2009-04-02 247080]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-01-06 869736]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2008-8-26 752168]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
R1 tvtumon;tvtumon;c:\windows\system32\DRIVERS\tvtumon.sys [2008-05-24 48192]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 135664]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-05-24 253952]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
R3 esihdrv;esihdrv;c:\users\tata\AppData\Local\Temp\esihdrv.sys [x]
R3 PCDSRVC{3037D694-FD904ACA-06020000}_0;PCDSRVC{3037D694-FD904ACA-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2010-05-07 21360]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2010-01-06 24304]
S1 aswSP;aswSP; [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2010-01-06 132456]
S2 FNF5SVC;Fn+F5 Service;c:\program files\LENOVO\HOTKEY\FNF5SVC.exe [2008-03-14 54560]
S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-01-06 75112]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2008-08-08 53325]
S2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-25 183808]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-07-31 29736]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-09-06 45600]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2008-02-22 37312]
S3 vm331avs;Lenovo EasyCamera;c:\windows\system32\Drivers\vm331avs.sys [2008-06-30 974336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
2010-11-26 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 14:54]
2010-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 21:29]
2010-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 21:29]
2010-10-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-09-08 22:15]
2010-11-25 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-09-08 22:15]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://lenovo.live.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=42&tp=ab&q=
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll
FF - component: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-26 22:19
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{3037D694-FD904ACA-06020000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(5588)
c:\windows\system32\btmmhook.dll
c:\program files\PC-Doctor\ATLPcdToolbar569208.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Lenovo\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Lenovo\PMDriver\PMSveH.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\program files\Lenovo\Rescue and Recovery\rrservice.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\windows\system32\WUDFHost.exe
c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\windows\system32\conime.exe
c:\program files\Lenovo\LenovoCare\LPMGR.EXE
c:\windows\System32\rundll32.exe
c:\program files\Lenovo\PMDriver\PMHandler.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Lenovo\Bluetooth Software\BtStackServer.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\program files\Common Files\Nokia\NoA\nokiaaserver.exe
.
**************************************************************************
.
Celkový čas: 2010-11-26 22:23:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-26 21:23
ComboFix2.txt 2010-11-26 17:41
Před spuštěním: Volných bajtů: 88 259 551 232
Po spuštění: Volných bajtů: 88 622 788 608
- - End Of File - - 705A0FC5DD6EFEB15EDC24971FB1B981
Jeto už ok a co to vůbec bylo za sviňáka??
ComboFix 10-11-25.06 - tata 26.11.2010 21:54:37.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2042.1038 [GMT 1:00]
Spuštěný z: c:\users\tata\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\tata\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-26 do 2010-11-26 )))))))))))))))))))))))))))))))
.
2010-11-26 21:04 . 2010-11-26 21:19 -------- d-----w- c:\users\tata\AppData\Local\temp
2010-11-26 21:04 . 2010-11-26 21:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-26 19:24 . 2010-09-07 15:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-11-26 19:24 . 2010-09-07 15:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-11-26 19:24 . 2010-09-07 15:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-11-26 19:24 . 2010-09-07 15:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-11-26 19:24 . 2010-09-07 15:47 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-11-26 19:23 . 2010-09-07 16:12 38848 ----a-w- c:\windows\avastSS.scr
2010-11-26 19:23 . 2010-09-07 16:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-11-26 19:23 . 2010-11-26 19:23 -------- d-----w- c:\programdata\Alwil Software
2010-11-26 19:23 . 2010-11-26 19:23 -------- d-----w- c:\program files\Alwil Software
2010-11-26 18:37 . 2010-11-26 18:37 -------- d-----w- c:\program files\Crawler
2010-11-26 18:13 . 2010-11-26 18:13 -------- d-----w- c:\program files\ESET
2010-11-26 15:17 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{820CAA30-EBC7-4574-8C33-C21B991D70AC}\mpengine.dll
2010-11-26 00:04 . 2010-11-26 00:19 -------- d-----w- c:\program files\trend micro
2010-11-26 00:04 . 2010-11-26 00:11 -------- d-----w- C:\rsit
2010-11-24 08:35 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-10 09:39 . 2010-11-10 09:46 -------- d-----w- C:\1d0f7f1e3101ba906d5ace103a9b
2010-11-10 09:39 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-11-06 16:29 . 2010-11-09 23:48 -------- d-----w- c:\users\tata\AppData\Local\Nokia
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-05 18:41 . 2010-11-05 18:41 -------- d-----w- c:\program files\Common Files\Skype
2010-11-03 20:38 . 2010-11-03 20:39 -------- d-----w- c:\users\tata\AppData\Roaming\Thunderbird
2010-11-03 20:38 . 2010-11-03 20:39 -------- d-----w- c:\users\tata\AppData\Local\Thunderbird
2010-11-03 19:44 . 2010-11-03 19:44 -------- d-----w- c:\users\tata\AppData\Local\ElevatedDiagnostics
2010-11-03 19:37 . 2010-11-03 19:42 -------- d-----w- c:\program files\Microsoft ATS
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2009-10-03 01:26 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-15 02:50 . 2010-04-18 21:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-13 13:56 . 2010-10-13 06:18 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-08 06:01 . 2010-10-13 06:18 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 05:57 . 2010-10-13 06:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 05:57 . 2010-10-13 06:18 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 05:56 . 2010-10-13 06:18 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-09-08 05:56 . 2010-10-13 06:18 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-09-08 05:04 . 2010-10-13 06:18 385024 ----a-w- c:\windows\system32\html.iec
2010-09-08 04:26 . 2010-10-13 06:18 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-09-08 04:25 . 2010-10-13 06:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-06 16:20 . 2010-10-13 06:17 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-09-06 16:19 . 2010-10-13 06:17 17920 ----a-w- c:\windows\system32\netevent.dll
2010-09-06 13:45 . 2010-10-13 06:17 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-09-06 13:45 . 2010-10-13 06:17 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-09-06 13:45 . 2010-10-13 06:17 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-31 15:46 . 2010-10-13 06:17 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 15:46 . 2010-10-13 06:17 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-31 15:44 . 2010-10-13 06:17 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-08-31 13:27 . 2010-10-13 06:18 2038272 ----a-w- c:\windows\system32\win32k.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-10-06 488728]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2008-07-30 60192]
"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2008-03-11 54560]
"SmartAudio"="c:\program files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE" [2008-07-21 2701880]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-05-25 487424]
"LPManager"="c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe" [2007-04-26 120368]
"CameraApplicationLauncher"="c:\program files\Lenovo\Camera Center\bin\CameraApplicationLaunchpadLauncher.exe" [2008-10-07 16384]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2009-07-29 435488]
"ACWlIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWlIcon.exe" [2009-07-29 177440]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-27 49976]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-19 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-11-19 92704]
"PMHandler"="c:\progra~1\Lenovo\PMDriver\PMHandler.exe" [2009-04-02 247080]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2010-01-06 869736]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-11 186904]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2008-8-26 752168]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
R1 tvtumon;tvtumon;c:\windows\system32\DRIVERS\tvtumon.sys [2008-05-24 48192]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 135664]
R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-05-24 253952]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
R3 esihdrv;esihdrv;c:\users\tata\AppData\Local\Temp\esihdrv.sys [x]
R3 PCDSRVC{3037D694-FD904ACA-06020000}_0;PCDSRVC{3037D694-FD904ACA-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2010-05-07 21360]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S0 DozeHDD;DozeHDD;c:\windows\System32\DRIVERS\DozeHDD.sys [2010-01-06 24304]
S1 aswSP;aswSP; [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [2010-01-06 132456]
S2 FNF5SVC;Fn+F5 Service;c:\program files\LENOVO\HOTKEY\FNF5SVC.exe [2008-03-14 54560]
S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2010-01-06 75112]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2008-08-08 53325]
S2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-25 183808]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-07-31 29736]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-09-06 45600]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2008-02-22 37312]
S3 vm331avs;Lenovo EasyCamera;c:\windows\system32\Drivers\vm331avs.sys [2008-06-30 974336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
2010-11-26 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 14:54]
2010-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 21:29]
2010-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-15 21:29]
2010-10-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-09-08 22:15]
2010-11-25 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-09-08 22:15]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://lenovo.live.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=42&tp=ab&q=
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll
FF - component: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: c:\users\tata\AppData\Roaming\Mozilla\Firefox\Profiles\i5qfe0qp.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-26 22:19
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{3037D694-FD904ACA-06020000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(5588)
c:\windows\system32\btmmhook.dll
c:\program files\PC-Doctor\ATLPcdToolbar569208.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Lenovo\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Lenovo\PMDriver\PMSveH.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\program files\Lenovo\Rescue and Recovery\rrservice.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\windows\system32\WUDFHost.exe
c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\windows\system32\conime.exe
c:\program files\Lenovo\LenovoCare\LPMGR.EXE
c:\windows\System32\rundll32.exe
c:\program files\Lenovo\PMDriver\PMHandler.exe
c:\windows\System32\rundll32.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Lenovo\Bluetooth Software\BtStackServer.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\program files\Common Files\Nokia\NoA\nokiaaserver.exe
.
**************************************************************************
.
Celkový čas: 2010-11-26 22:23:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-26 21:23
ComboFix2.txt 2010-11-26 17:41
Před spuštěním: Volných bajtů: 88 259 551 232
Po spuštění: Volných bajtů: 88 622 788 608
- - End Of File - - 705A0FC5DD6EFEB15EDC24971FB1B981
Jeto už ok a co to vůbec bylo za sviňáka??
Přispějete na provoz fóra?