Logfile of random's system information tool 1.08 (written by random/random)
Run by Pája at 2010-12-07 18:58:26
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 13 GB (16%) free of 80 GB
Total RAM: 2047 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:00:16, on 7.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Pája\Plocha\RSIT.exe
C:\Program Files\trend micro\Pája.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {399d96ca-6f9a-4fff-95fe-284e45ebb935} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [Cm108Sound] RunDll32 cm108.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MyWebSearch\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [RGSC] D:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... 2010100406
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout obsah FLV videa s IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se5036.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate1c9951d609792ca) (gupdate1c9951d609792ca) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~1\MyWebSearch\bar\1.bin\mwssvc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 14335 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{3283A1E5-59B7-4FFB-B236-7B286FD62D70}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2007-07-04 91568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-10-04 775696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{399d96ca-6f9a-4fff-95fe-284e45ebb935}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-26 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-10-04 775696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-05-08 1953792]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2006-12-08 547840]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"QuickTime Task"=C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe [2006-09-01 282624]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-26 149280]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]
""= []
"Cm108Sound"=RunDll32 cm108.cpl,CMICtrlWnd []
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-05-26 1468296]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-10-16 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-10-16 13851752]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-08-25 1753192]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672]
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MyWebSearch\bar\1.bin\m3SrchMn.exe /m=2 /w /h []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-02-08 95800]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2007-07-23 800768]
"RGSC"=D:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe [2009-07-02 306088]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-09-25 328056]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2010-10-27 133432]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Documents and Settings\Pája\Nabídka Start\Programy\Po spuštění
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Disabled:Sunbelt Kerio Firewall GUI"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\hlds.exe"="C:\Program Files\Valve\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe:*:Enabled:Sunbelt Kerio Firewall Service"
"D:\CS SOURCE\hl2.exe"="D:\CS SOURCE\hl2.exe:*:Enabled:hl2"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"E:\Program files\TrackMania Sunrise\TmSunrise.exe"="E:\Program files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise"
"C:\Program Files\Valve\hltv.exe"="C:\Program Files\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Call of Duty 4\iw3mp.exe"="D:\Program Files\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\Program Files\Microsoft Games\Rise of Nations\rise.exe"="D:\Program Files\Microsoft Games\Rise of Nations\rise.exe:*:Enabled:Rise of Nations"
"D:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe"="D:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"D:\Program Files\Guitar\GHWT.exe"="D:\Program Files\Guitar\GHWT.exe:*:Enabled:Guitar Hero World Tour"
"C:\Program Files\sixteen tons entertainment\Emergency 4\Em4.exe"="C:\Program Files\sixteen tons entertainment\Emergency 4\Em4.exe:*:Enabled:Em4"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\Program files\Medal of Honor 2 BETA\MoHMPUpdater.exe"="E:\Program files\Medal of Honor 2 BETA\MoHMPUpdater.exe:*:Enabled:Medal of Honor™ MP Beta"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\mafia ii - public demo\launcher.exe"="C:\Program Files\Steam\steamapps\common\mafia ii - public demo\launcher.exe:*:Enabled:Mafia II - Demo"
"C:\Documents and Settings\Pája\Plocha\VideoConverter_Setup.exe"="C:\Documents and Settings\Pája\Plocha\VideoConverter_Setup.exe:*:Enabled:Video Converter"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"E:\Program files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe"="E:\Program files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Landwirtschafts Simulator 2011"
"E:\Program files\Landwirtschafts Simulator 2011\game.exe"="E:\Program files\Landwirtschafts Simulator 2011\game.exe:*:Enabled:Landwirtschafts Simulator 2011"
"E:\Program files\Need for Speed Hot Pursuit 3\Launcher.exe"="E:\Program files\Need for Speed Hot Pursuit 3\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit"
"E:\Program files\Create 2010\pc\Create.exe"="E:\Program files\Create 2010\pc\Create.exe:*:Enabled:Create™"
"E:\Program files\FlatOut Ultimate Carnage\Fouc.exe"="E:\Program files\FlatOut Ultimate Carnage\Fouc.exe:*:Enabled:FlatOut Ultimate Carnage"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"E:\Program files\Call of Juarez-Bound in Blood\CoJBiBGame_x86.exe"="E:\Program files\Call of Juarez-Bound in Blood\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-12-07 18:58:26 ----D---- C:\rsit
2010-12-07 15:47:37 ----D---- C:\WINDOWS\LastGood
2010-12-04 12:10:28 ----A---- C:\WINDOWS\cocowawa.dll
2010-11-21 10:55:47 ----D---- C:\Program FilesAdvent
2010-11-17 17:20:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\EA Core
2010-11-14 11:26:51 ----D---- C:\Program Files\Defraggler
2010-11-10 20:08:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2010-11-10 19:03:15 ----A---- C:\WINDOWS\system32\OctaneARM.dll
2010-11-08 16:04:19 ----D---- C:\Program Files\piPOol
======List of files/folders modified in the last 1 months======
2010-12-07 19:00:16 ----D---- C:\Program Files\trend micro
2010-12-07 18:59:10 ----D---- C:\WINDOWS\Prefetch
2010-12-07 18:38:48 ----D---- C:\Documents and Settings\Pája\Data aplikací\uTorrent
2010-12-07 18:09:58 ----D---- C:\WINDOWS\Temp
2010-12-07 17:04:41 ----D---- C:\Documents and Settings\Pája\Data aplikací\ICQ
2010-12-07 15:48:25 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-07 15:48:24 ----D---- C:\WINDOWS\system32\DirectX
2010-12-07 15:48:23 ----HD---- C:\WINDOWS\inf
2010-12-07 15:47:50 ----RSD---- C:\WINDOWS\assembly
2010-12-07 15:47:37 ----D---- C:\WINDOWS
2010-12-07 15:47:36 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-07 15:47:26 ----SHD---- C:\WINDOWS\Installer
2010-12-07 15:46:47 ----D---- C:\Config.Msi
2010-12-07 14:05:58 ----D---- C:\Documents and Settings\Pája\Data aplikací\DMCache
2010-12-07 07:34:59 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-06 14:40:25 ----D---- C:\WINDOWS\system32
2010-12-05 19:18:18 ----D---- C:\Documents and Settings\Pája\Data aplikací\Skype
2010-12-05 19:14:45 ----D---- C:\Documents and Settings\Pája\Data aplikací\skypePM
2010-12-05 14:58:45 ----RD---- C:\Program Files
2010-12-05 12:41:16 ----D---- C:\WINDOWS\WinSxS
2010-12-05 12:04:19 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-12-05 12:02:52 ----D---- C:\WINDOWS\system32\drivers
2010-12-05 12:02:49 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-12-05 12:02:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-05 12:02:16 ----D---- C:\Program Files\Common Files\Logitech
2010-12-05 12:02:15 ----D---- C:\Program Files\Logitech
2010-12-05 08:42:05 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-12-04 19:22:21 ----D---- C:\Documents and Settings\Pája\Data aplikací\Image Zone Express
2010-12-04 12:32:23 ----D---- C:\Program Files\Valve
2010-12-03 08:09:15 ----A---- C:\WINDOWS\NeroDigital.ini
2010-12-02 10:52:38 ----D---- C:\Documents and Settings\Pája\Data aplikací\esmska
2010-12-02 09:37:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-11-30 16:39:47 ----D---- C:\Program Files\Google
2010-11-30 16:31:49 ----D---- C:\WINDOWS\system32\drivers\etc
2010-11-18 16:43:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Solidshield
2010-11-17 17:20:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2010-11-17 16:11:03 ----A---- C:\WINDOWS\system32\ZLib.dll
2010-11-17 09:07:21 ----D---- C:\Documents and Settings\Pája\Data aplikací\Tropico 3
2010-11-14 11:29:28 ----D---- C:\WINDOWS\Debug
2010-11-13 08:12:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-10 18:58:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-11-10 18:55:22 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-08 18:34:50 ----D---- C:\Documents and Settings\Pája\Data aplikací\IDM
2010-11-08 16:05:49 ----A---- C:\WINDOWS\win.ini
2010-11-08 15:50:59 ----D---- C:\Program Files\Total Video Converter
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2007-05-10 48640]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-06 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-02-20 302000]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-02-20 71088]
R1 prodrv03;Star Force copy protection driver v3; C:\WINDOWS\System32\drivers\prodrv03.sys [2008-04-12 115968]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2005-11-21 16512]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-17 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-17 25888]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-24 117760]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-07-13 101120]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-10-22 9623680]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-01-22 9856]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2009-05-09 27792]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2010-04-27 37704]
R3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2010-04-27 31816]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2010-04-27 15048]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 aj7epi3w;aj7epi3w; C:\WINDOWS\system32\drivers\aj7epi3w.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-16 38656]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-10-02 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-10-02 25512]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-05-04 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-08-01 47360]
S3 se46bus;Sony Ericsson Device 070 driver (WDM); C:\WINDOWS\system32\DRIVERS\se46bus.sys [2006-11-30 61536]
S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se46mdfl.sys [2006-11-30 9360]
S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se46mdm.sys [2006-11-30 97088]
S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se46mgmt.sys [2006-11-30 88624]
S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se46nd5.sys [2006-11-30 18704]
S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se46obex.sys [2006-11-30 86432]
S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se46unic.sys [2006-11-30 90800]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 USBPNPA;USB PnP Sound Device Interface; C:\WINDOWS\system32\drivers\CM108.sys [2007-07-20 1312768]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-07-17 28672]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-26 153376]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-02-20 1222192]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-10-16 156776]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe [2010-09-20 181312]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 gupdate1c9951d609792ca;Google Update Service (gupdate1c9951d609792ca); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-22 133104]
S2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MyWebSearch\bar\1.bin\mwssvc.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu, Děkuji.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Knight.Paja
- Návštěvník
- Příspěvky: 26
- Registrován: 06 črc 2010 11:03
- Bydliště: Tlumačov (ZL)
Re: Prosím o preventivní kontrolu, Děkuji.
Zdravim a pekny den preji 
Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R
- Vyskoci na Vas okenko, do ktereho zkopirujte text nize
Kód: Vybrat vše
services.msc- Kliknete na OK
- Najdete sluzby nize
- Google Update Service
Google Updater Service
Java Quick Starter - U sluzby provedte toto
- Klik na ni pravym mysidlem a zvolit Vlastnosti
- Nyní klik na Zastavit
- Typ spousteni nastavit na Zakazano
- Potvrdte kliknutim na OK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Vložte do PC vsechny USB klice (flash disky, ext.disky apod.)
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.-
Knight.Paja
- Návštěvník
- Příspěvky: 26
- Registrován: 06 črc 2010 11:03
- Bydliště: Tlumačov (ZL)
Re: Prosím o preventivní kontrolu, Děkuji.
zdravím,taky jsem z Tlumačova,
ComboFix 10-12-06.04 - Pája 07.12.2010 19:39:18.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1031 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pája\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Kerio Personal Firewall *enabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Pája\Data aplikací\BITS
c:\documents and settings\Pája\Data aplikací\BITS\BITS.ini
c:\program files\FunWebProducts
c:\program files\FunWebProducts\ScreenSaver\Images\0179AB59.urr
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\1.bin\F3DTactl.dll
c:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTmlmu.dll
c:\program files\MyWebSearch\bar\1.bin\F3HTtpct.dll
c:\program files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCrctr.dll
c:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\CHROME.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\INSTALL.RDF
c:\program files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\1.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MSg.dll
c:\program files\MyWebSearch\bar\1.bin\M3OUtlcn.dll
c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSUABTN.DLL
c:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\015E9A84
c:\program files\MyWebSearch\bar\Cache\015EA496
c:\program files\MyWebSearch\bar\Cache\015EB290.bin
c:\program files\MyWebSearch\bar\Cache\015F061F.bin
c:\program files\MyWebSearch\bar\Cache\015F0776.bin
c:\program files\MyWebSearch\bar\Cache\015F0870.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Overlay\COMMON.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\system32\f3PSSavr.scr
D:\install.exe
E:\install.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-07 do 2010-12-07 )))))))))))))))))))))))))))))))
.
2010-12-07 17:58 . 2010-12-07 18:00 -------- d-----w- C:\rsit
2010-12-05 11:55 . 2010-12-05 11:55 -------- d-----w- c:\documents and settings\Pája\Local Settings\Data aplikací\FlatOut Ultimate Carnage
2010-12-04 11:10 . 2010-12-04 11:15 4608 ----a-w- c:\windows\cocowawa.dll
2010-11-21 09:55 . 2010-11-28 17:36 -------- d-----w- C:\Program FilesAdvent
2010-11-17 16:20 . 2010-11-17 16:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\EA Core
2010-11-14 10:26 . 2010-11-14 10:28 -------- d-----w- c:\program files\Defraggler
2010-11-11 15:36 . 2010-11-11 15:36 -------- d-----w- c:\documents and settings\Pája\Local Settings\Data aplikací\Activision
2010-11-10 18:09 . 2010-11-10 18:09 335872 ----a-r- c:\documents and settings\Pája\Data aplikací\Microsoft\Installer\{AA01BA34-88F7-436D-822A-35324727C4C1}\oo_unerase_9C3BE5C3A3C646DABE40B79DE57BC3BB.exe
2010-11-10 18:09 . 2010-11-10 18:09 335872 ----a-r- c:\documents and settings\Pája\Data aplikací\Microsoft\Installer\{AA01BA34-88F7-436D-822A-35324727C4C1}\ARPPRODUCTICON.exe
2010-11-10 18:03 . 2004-03-16 07:35 49152 ----a-w- c:\windows\system32\OctaneARM.dll
2010-11-08 15:04 . 2010-11-08 15:04 -------- d-----w- c:\program files\piPOol
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-05 11:04 . 2008-10-04 16:07 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-12-05 11:04 . 2008-10-04 16:07 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-12-05 07:42 . 2008-10-04 16:07 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-12-04 11:11 . 2005-10-04 22:54 258300 ----a-w- c:\windows\sxe-loader
2010-11-17 15:11 . 2010-07-13 14:45 53248 ----a-w- c:\windows\system32\ZLib.dll
2010-11-07 12:03 . 2010-11-07 12:03 1409 ----a-w- c:\windows\QTFont.for
2010-11-07 09:47 . 2008-08-11 15:29 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-11-07 09:47 . 2008-08-11 15:29 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-10-22 06:23 . 2010-06-28 11:59 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-10-22 06:23 . 2007-06-28 16:43 14532608 ----a-w- c:\windows\system32\nvoglnt.dll
2010-10-22 06:23 . 2010-10-20 16:40 888424 ----a-w- c:\windows\system32\nvdispco32.dll
2010-10-22 06:23 . 2010-10-20 16:40 813672 ----a-w- c:\windows\system32\nvgenco32.dll
2010-10-22 06:23 . 2010-06-28 11:59 2932840 ----a-w- c:\windows\system32\nvcuvid.dll
2010-10-22 06:23 . 2010-06-28 11:59 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-10-22 06:23 . 2008-10-07 12:33 4882432 ----a-w- c:\windows\system32\nvcuda.dll
2010-10-22 06:23 . 2010-06-28 11:59 13012992 ----a-w- c:\windows\system32\nvcompiler.dll
2010-10-22 06:23 . 2007-06-28 16:43 9623680 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-10-22 06:23 . 2007-06-28 16:43 6359552 ----a-w- c:\windows\system32\nv4_disp.dll
2010-10-22 06:23 . 2007-06-28 16:43 1462272 ----a-w- c:\windows\system32\nvapi.dll
2010-10-16 10:05 . 2010-10-16 10:05 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-10-16 10:05 . 2010-10-16 10:05 335872 ----a-w- c:\windows\system32\nvrsar.dll
2010-10-16 10:05 . 2010-10-16 10:05 331776 ----a-w- c:\windows\system32\nvrshe.dll
2010-10-16 10:05 . 2010-10-16 10:05 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2010-10-16 10:05 . 2010-10-16 10:05 282624 ----a-w- c:\windows\system32\nvrses.dll
2010-10-16 10:05 . 2010-10-16 10:05 282624 ----a-w- c:\windows\system32\nvrsel.dll
2010-10-16 10:05 . 2010-10-16 10:05 278528 ----a-w- c:\windows\system32\nvrsde.dll
2010-10-16 10:05 . 2010-10-16 10:05 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2010-10-16 10:05 . 2010-10-16 10:05 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2010-10-16 10:05 . 2010-10-16 10:05 270336 ----a-w- c:\windows\system32\nvrsru.dll
2010-10-16 10:05 . 2010-10-16 10:05 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2010-10-16 10:05 . 2010-10-16 10:05 266240 ----a-w- c:\windows\system32\nvrsko.dll
2010-10-16 10:05 . 2010-10-16 10:05 262144 ----a-w- c:\windows\system32\nvrshu.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrstr.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrssl.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrssk.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrsth.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrssv.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrsda.dll
2010-10-16 10:05 . 2010-10-16 10:05 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2010-10-16 10:05 . 2010-10-16 10:05 249856 ----a-w- c:\windows\system32\nvrseng.dll
2010-10-16 10:05 . 2010-10-16 10:05 249856 ----a-w- c:\windows\system32\nvrscs.dll
2010-10-16 10:05 . 2010-10-16 10:05 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2010-10-16 10:05 . 2010-10-16 10:05 126976 ----a-w- c:\windows\system32\nvrszht.dll
2010-10-16 10:05 . 2010-10-16 10:05 282624 ----a-w- c:\windows\system32\nvrsit.dll
2010-10-16 10:05 . 2010-10-16 10:05 277608 ----a-w- c:\windows\system32\nvmccs.dll
2010-10-16 10:05 . 2010-10-16 10:05 274432 ----a-w- c:\windows\system32\nvrspt.dll
2010-10-16 10:05 . 2010-10-16 10:05 270336 ----a-w- c:\windows\system32\nvrsja.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrspl.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrsno.dll
2010-10-16 10:05 . 2010-10-16 10:05 156776 ----a-w- c:\windows\system32\nvsvc32.exe
2010-10-16 10:05 . 2010-10-16 10:05 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-10-16 10:05 . 2010-10-16 10:05 13851752 ----a-w- c:\windows\system32\nvcpl.dll
2010-10-16 10:05 . 2010-10-16 10:05 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-10-04 18:48 . 2010-10-04 18:48 22193755 ----a-w- c:\windows\system32\TiskProRadost_AlbumMaker_uninstaller.exe
2010-10-02 11:55 . 2009-02-28 09:54 233960 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-09-18 10:23 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2006-03-02 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2006-03-02 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:52 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
.
------- Sigcheck -------
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 4AFB3B0919649F95C1964AA1FAD27D73 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[7] 2006-03-02 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-02-08 95800]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2007-07-23 800768]
"RGSC"="d:\program files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe" [2009-07-02 306088]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-09-25 328056]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-10-27 133432]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-05-08 1953792]
"CHotkey"="mHotkey.exe" [2006-12-08 547840]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"QuickTime Task"="c:\program files\K-Lite Codec Pack\QuickTime\qttask.exe" [2006-09-01 282624]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-26 149280]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 1468296]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Intel Core 2 Duo\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
c:\documents and settings\P ja\Nabˇdka Start\Programy\Po spuçtŘnˇ\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-7-26 565248]
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-1-25 131072]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4ss.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"e:\\Program files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Call of Duty 4\\iw3mp.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"d:\\Program Files\\Microsoft Games\\Rise of Nations\\rise.exe"=
"d:\\Program Files\\GTA IV\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\Program Files\\Guitar\\GHWT.exe"=
"c:\\Program Files\\sixteen tons entertainment\\Emergency 4\\Em4.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\mafia ii - public demo\\launcher.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"e:\\Program files\\Landwirtschafts Simulator 2011\\FarmingSimulator2011.exe"=
"e:\\Program files\\Landwirtschafts Simulator 2011\\game.exe"=
"e:\\Program files\\Need for Speed Hot Pursuit 3\\Launcher.exe"=
"e:\\Program files\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Program files\\Call of Juarez-Bound in Blood\\CoJBiBGame_x86.exe"=
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.7.2010 18:58 691696]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.3.2010 16:07 165584]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [20.2.2007 13:34 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [20.2.2007 13:34 71088]
R1 prodrv03;Star Force copy protection driver v3;c:\windows\system32\drivers\prodrv03.sys [12.4.2008 16:48 115968]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.3.2010 16:07 17744]
S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [25.1.2008 23:03 38656]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [16.1.2009 15:29 13224]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [24.12.2009 19:48 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [24.12.2009 19:48 8320]
S3 se46bus;Sony Ericsson Device 070 driver (WDM);c:\windows\system32\drivers\se46bus.sys [14.5.2008 5:53 61536]
S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;c:\windows\system32\drivers\se46mdfl.sys [14.5.2008 6:02 9360]
S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;c:\windows\system32\drivers\se46mdm.sys [14.5.2008 6:02 97088]
S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\se46mgmt.sys [18.5.2008 6:40 88624]
S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);c:\windows\system32\drivers\se46nd5.sys [24.5.2008 6:33 18704]
S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;c:\windows\system32\drivers\se46obex.sys [18.5.2008 6:40 86432]
S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);c:\windows\system32\drivers\se46unic.sys [24.5.2008 6:33 90800]
S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys [1.8.2010 20:52 1312768]
S4 gupdate1c9951d609792ca;Google Update Service (gupdate1c9951d609792ca);c:\program files\Google\Update\GoogleUpdate.exe [22.2.2009 19:42 133104]
.
Obsah adresáře 'Naplánované úlohy'
2010-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-22 18:42]
2010-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-22 18:42]
2010-12-07 c:\windows\Tasks\User_Feed_Synchronization-{3283A1E5-59B7-4FFB-B236-7B286FD62D70}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: &Search
IE: ????3??
IE: ????3??????
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Analyzovat LeechGetem
IE: Download All Links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download ALL with IDA
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download LeechGetem
IE: Download s průvodcem LeechGetu
IE: Download with IDA
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xportovat do aplikace Microsoft Excel
IE: Stáhnout obsah FLV videa s IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout všechny odkazy s IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: ????3?? - c:\documents and settings\Pája\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\Pája\Data aplikací\FlashGetBHO\GetAllUrl.htm
FF - ProfilePath - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\
FF - prefs.js: browser.search.selectedEngine - My Web Search
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNfox000&ptb=3YjuMnZBEEe5wMGyG..Y_Q&psa=&ind=2010100406&ptnrS=ZNfox000&si=&st=kwd&n=77cfb2b6&searchfor=
FF - component: c:\documents and settings\Pája\Data aplikací\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Extension: BugMeNot: {987311C6-B504-4aa2-90BF-60CC49808D42} - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Extension: Babylon-English Toolbar: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}
FF - Extension: 1-Click YouTube Video Downloader: YoutubeDownloader@PeterOlayev.com - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\YoutubeDownloader@PeterOlayev.com
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Extension: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
BHO-{07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
BHO-{399d96ca-6f9a-4fff-95fe-284e45ebb935} - (no file)
HKLM-Run-Cm108Sound - cm108.cpl
AddRemove-2D & 3D Animator - c:\program files\2D and 3D Animator\PY_UNINSTAL.EXE SOFTWARE\PySoft\AD_DESIGNER
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-07 19:51
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fa,79,7f,b3,b1,fd,d8,46,80,39,6b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fa,79,7f,b3,b1,fd,d8,46,80,39,6b,\
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Documents and Settings\\Pája\\Data aplikací\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Documents and Settings\\Pája\\Data aplikací\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:0a,f2,69,41,2f,43,ce,5f,d7,df,b0,fb,eb,23,74,67,0b,41,09,e5,c5,53,85,
d5,a4,7f,20,bd,d8,20,a9,29,8c,fb,08,20,39,94,a6,d6,af,fa,d2,be,fd,bb,58,22,\
"??"=hex:b2,dc,1c,56,27,e8,fa,f7,d5,6d,fd,74,06,1e,5d,3a
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\SecuROM\License information*]
"datasecu"=hex:4d,47,c6,b7,18,50,44,42,0b,bb,91,ea,f5,2b,d6,c7,dd,cf,36,3f,2d,
d3,7e,f1,a2,8a,77,fd,a7,c4,55,b4,54,c8,9e,33,8a,86,11,cb,6d,1b,c1,6d,94,a6,\
"rkeysecu"=hex:65,a7,42,bb,24,5f,7a,38,7f,16,41,61,cd,14,cf,5b
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):11,13,d4,75,c9,7f,2f,4e,6a,26,75,bc,ee,dd,89,e6,88,51,50,d9,4c,
47,3f,38,05,bc,e7,1c,15,e5,91,84,77,15,76,0b,97,bc,9a,34,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{6d670b50-8fa9-4b33-89db-2751886450ac}]
@Denied: (Full) (Everyone)
"Model"=dword:000000f7
"Therad"=dword:0000000f
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):ce,be,cb,94,35,75,93,08,13,ba,82,c0,08,86,58,96,1f,4c,5d,e8,20,
3b,5e,d7,54,d5,7a,92,a1,b2,a9,2b,ae,38,f8,44,53,3b,b5,33,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90e72731-5581-4a6c-ae13-6ec0ce7ac62c}]
@Denied: (Full) (Everyone)
"Model"=dword:000000cc
"Therad"=dword:0000001d
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(588)
c:\program files\Internet Download Manager\idmmkb.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Silverlight\xapauthenticodesip.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe
c:\program files\Photodex\ProShowProducer\ScsiAccess.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\windows\mHotkey.exe
c:\program files\Common Files\Teleca Shared\CapabilityManager.exe
c:\windows\RTHDCPL.EXE
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\windows\system32\RunDll32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Microsoft IntelliPoint\dpupdchk.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\program files\Common Files\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Celkový čas: 2010-12-07 20:01:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-12-07 19:00
Před spuštěním: Volných bajtů: 13 440 802 816
Po spuštění: Volných bajtů: 13 330 239 488
- - End Of File - - 7671EDE737CFDE5654CD585065976D52
ComboFix 10-12-06.04 - Pája 07.12.2010 19:39:18.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1031 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pája\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Kerio Personal Firewall *enabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Pája\Data aplikací\BITS
c:\documents and settings\Pája\Data aplikací\BITS\BITS.ini
c:\program files\FunWebProducts
c:\program files\FunWebProducts\ScreenSaver\Images\0179AB59.urr
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\1.bin\F3DTactl.dll
c:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTmlmu.dll
c:\program files\MyWebSearch\bar\1.bin\F3HTtpct.dll
c:\program files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCrctr.dll
c:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\CHROME.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\INSTALL.RDF
c:\program files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\1.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MSg.dll
c:\program files\MyWebSearch\bar\1.bin\M3OUtlcn.dll
c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSUABTN.DLL
c:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\015E9A84
c:\program files\MyWebSearch\bar\Cache\015EA496
c:\program files\MyWebSearch\bar\Cache\015EB290.bin
c:\program files\MyWebSearch\bar\Cache\015F061F.bin
c:\program files\MyWebSearch\bar\Cache\015F0776.bin
c:\program files\MyWebSearch\bar\Cache\015F0870.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Overlay\COMMON.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\system32\f3PSSavr.scr
D:\install.exe
E:\install.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-07 do 2010-12-07 )))))))))))))))))))))))))))))))
.
2010-12-07 17:58 . 2010-12-07 18:00 -------- d-----w- C:\rsit
2010-12-05 11:55 . 2010-12-05 11:55 -------- d-----w- c:\documents and settings\Pája\Local Settings\Data aplikací\FlatOut Ultimate Carnage
2010-12-04 11:10 . 2010-12-04 11:15 4608 ----a-w- c:\windows\cocowawa.dll
2010-11-21 09:55 . 2010-11-28 17:36 -------- d-----w- C:\Program FilesAdvent
2010-11-17 16:20 . 2010-11-17 16:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\EA Core
2010-11-14 10:26 . 2010-11-14 10:28 -------- d-----w- c:\program files\Defraggler
2010-11-11 15:36 . 2010-11-11 15:36 -------- d-----w- c:\documents and settings\Pája\Local Settings\Data aplikací\Activision
2010-11-10 18:09 . 2010-11-10 18:09 335872 ----a-r- c:\documents and settings\Pája\Data aplikací\Microsoft\Installer\{AA01BA34-88F7-436D-822A-35324727C4C1}\oo_unerase_9C3BE5C3A3C646DABE40B79DE57BC3BB.exe
2010-11-10 18:09 . 2010-11-10 18:09 335872 ----a-r- c:\documents and settings\Pája\Data aplikací\Microsoft\Installer\{AA01BA34-88F7-436D-822A-35324727C4C1}\ARPPRODUCTICON.exe
2010-11-10 18:03 . 2004-03-16 07:35 49152 ----a-w- c:\windows\system32\OctaneARM.dll
2010-11-08 15:04 . 2010-11-08 15:04 -------- d-----w- c:\program files\piPOol
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-05 11:04 . 2008-10-04 16:07 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-12-05 11:04 . 2008-10-04 16:07 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-12-05 07:42 . 2008-10-04 16:07 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-12-04 11:11 . 2005-10-04 22:54 258300 ----a-w- c:\windows\sxe-loader
2010-11-17 15:11 . 2010-07-13 14:45 53248 ----a-w- c:\windows\system32\ZLib.dll
2010-11-07 12:03 . 2010-11-07 12:03 1409 ----a-w- c:\windows\QTFont.for
2010-11-07 09:47 . 2008-08-11 15:29 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-11-07 09:47 . 2008-08-11 15:29 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-10-22 06:23 . 2010-06-28 11:59 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-10-22 06:23 . 2007-06-28 16:43 14532608 ----a-w- c:\windows\system32\nvoglnt.dll
2010-10-22 06:23 . 2010-10-20 16:40 888424 ----a-w- c:\windows\system32\nvdispco32.dll
2010-10-22 06:23 . 2010-10-20 16:40 813672 ----a-w- c:\windows\system32\nvgenco32.dll
2010-10-22 06:23 . 2010-06-28 11:59 2932840 ----a-w- c:\windows\system32\nvcuvid.dll
2010-10-22 06:23 . 2010-06-28 11:59 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-10-22 06:23 . 2008-10-07 12:33 4882432 ----a-w- c:\windows\system32\nvcuda.dll
2010-10-22 06:23 . 2010-06-28 11:59 13012992 ----a-w- c:\windows\system32\nvcompiler.dll
2010-10-22 06:23 . 2007-06-28 16:43 9623680 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-10-22 06:23 . 2007-06-28 16:43 6359552 ----a-w- c:\windows\system32\nv4_disp.dll
2010-10-22 06:23 . 2007-06-28 16:43 1462272 ----a-w- c:\windows\system32\nvapi.dll
2010-10-16 10:05 . 2010-10-16 10:05 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-10-16 10:05 . 2010-10-16 10:05 335872 ----a-w- c:\windows\system32\nvrsar.dll
2010-10-16 10:05 . 2010-10-16 10:05 331776 ----a-w- c:\windows\system32\nvrshe.dll
2010-10-16 10:05 . 2010-10-16 10:05 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2010-10-16 10:05 . 2010-10-16 10:05 282624 ----a-w- c:\windows\system32\nvrses.dll
2010-10-16 10:05 . 2010-10-16 10:05 282624 ----a-w- c:\windows\system32\nvrsel.dll
2010-10-16 10:05 . 2010-10-16 10:05 278528 ----a-w- c:\windows\system32\nvrsde.dll
2010-10-16 10:05 . 2010-10-16 10:05 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2010-10-16 10:05 . 2010-10-16 10:05 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2010-10-16 10:05 . 2010-10-16 10:05 270336 ----a-w- c:\windows\system32\nvrsru.dll
2010-10-16 10:05 . 2010-10-16 10:05 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2010-10-16 10:05 . 2010-10-16 10:05 266240 ----a-w- c:\windows\system32\nvrsko.dll
2010-10-16 10:05 . 2010-10-16 10:05 262144 ----a-w- c:\windows\system32\nvrshu.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrstr.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrssl.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrssk.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrsth.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrssv.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrsda.dll
2010-10-16 10:05 . 2010-10-16 10:05 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2010-10-16 10:05 . 2010-10-16 10:05 249856 ----a-w- c:\windows\system32\nvrseng.dll
2010-10-16 10:05 . 2010-10-16 10:05 249856 ----a-w- c:\windows\system32\nvrscs.dll
2010-10-16 10:05 . 2010-10-16 10:05 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2010-10-16 10:05 . 2010-10-16 10:05 126976 ----a-w- c:\windows\system32\nvrszht.dll
2010-10-16 10:05 . 2010-10-16 10:05 282624 ----a-w- c:\windows\system32\nvrsit.dll
2010-10-16 10:05 . 2010-10-16 10:05 277608 ----a-w- c:\windows\system32\nvmccs.dll
2010-10-16 10:05 . 2010-10-16 10:05 274432 ----a-w- c:\windows\system32\nvrspt.dll
2010-10-16 10:05 . 2010-10-16 10:05 270336 ----a-w- c:\windows\system32\nvrsja.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrspl.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrsno.dll
2010-10-16 10:05 . 2010-10-16 10:05 156776 ----a-w- c:\windows\system32\nvsvc32.exe
2010-10-16 10:05 . 2010-10-16 10:05 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-10-16 10:05 . 2010-10-16 10:05 13851752 ----a-w- c:\windows\system32\nvcpl.dll
2010-10-16 10:05 . 2010-10-16 10:05 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-10-04 18:48 . 2010-10-04 18:48 22193755 ----a-w- c:\windows\system32\TiskProRadost_AlbumMaker_uninstaller.exe
2010-10-02 11:55 . 2009-02-28 09:54 233960 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-09-18 10:23 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2006-03-02 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2006-03-02 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:52 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
.
------- Sigcheck -------
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 4AFB3B0919649F95C1964AA1FAD27D73 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[7] 2006-03-02 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-02-08 95800]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2007-07-23 800768]
"RGSC"="d:\program files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe" [2009-07-02 306088]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-09-25 328056]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-10-27 133432]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-05-08 1953792]
"CHotkey"="mHotkey.exe" [2006-12-08 547840]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"QuickTime Task"="c:\program files\K-Lite Codec Pack\QuickTime\qttask.exe" [2006-09-01 282624]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-26 149280]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 1468296]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Intel Core 2 Duo\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
c:\documents and settings\P ja\Nabˇdka Start\Programy\Po spuçtŘnˇ\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-7-26 565248]
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-1-25 131072]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4ss.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"e:\\Program files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Call of Duty 4\\iw3mp.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"d:\\Program Files\\Microsoft Games\\Rise of Nations\\rise.exe"=
"d:\\Program Files\\GTA IV\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\Program Files\\Guitar\\GHWT.exe"=
"c:\\Program Files\\sixteen tons entertainment\\Emergency 4\\Em4.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\mafia ii - public demo\\launcher.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"e:\\Program files\\Landwirtschafts Simulator 2011\\FarmingSimulator2011.exe"=
"e:\\Program files\\Landwirtschafts Simulator 2011\\game.exe"=
"e:\\Program files\\Need for Speed Hot Pursuit 3\\Launcher.exe"=
"e:\\Program files\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Program files\\Call of Juarez-Bound in Blood\\CoJBiBGame_x86.exe"=
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.7.2010 18:58 691696]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.3.2010 16:07 165584]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [20.2.2007 13:34 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [20.2.2007 13:34 71088]
R1 prodrv03;Star Force copy protection driver v3;c:\windows\system32\drivers\prodrv03.sys [12.4.2008 16:48 115968]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.3.2010 16:07 17744]
S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [25.1.2008 23:03 38656]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [16.1.2009 15:29 13224]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [24.12.2009 19:48 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [24.12.2009 19:48 8320]
S3 se46bus;Sony Ericsson Device 070 driver (WDM);c:\windows\system32\drivers\se46bus.sys [14.5.2008 5:53 61536]
S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;c:\windows\system32\drivers\se46mdfl.sys [14.5.2008 6:02 9360]
S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;c:\windows\system32\drivers\se46mdm.sys [14.5.2008 6:02 97088]
S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\se46mgmt.sys [18.5.2008 6:40 88624]
S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);c:\windows\system32\drivers\se46nd5.sys [24.5.2008 6:33 18704]
S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;c:\windows\system32\drivers\se46obex.sys [18.5.2008 6:40 86432]
S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);c:\windows\system32\drivers\se46unic.sys [24.5.2008 6:33 90800]
S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys [1.8.2010 20:52 1312768]
S4 gupdate1c9951d609792ca;Google Update Service (gupdate1c9951d609792ca);c:\program files\Google\Update\GoogleUpdate.exe [22.2.2009 19:42 133104]
.
Obsah adresáře 'Naplánované úlohy'
2010-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-22 18:42]
2010-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-22 18:42]
2010-12-07 c:\windows\Tasks\User_Feed_Synchronization-{3283A1E5-59B7-4FFB-B236-7B286FD62D70}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: &Search
IE: ????3??
IE: ????3??????
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Analyzovat LeechGetem
IE: Download All Links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download ALL with IDA
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download LeechGetem
IE: Download s průvodcem LeechGetu
IE: Download with IDA
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xportovat do aplikace Microsoft Excel
IE: Stáhnout obsah FLV videa s IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout všechny odkazy s IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: ????3?? - c:\documents and settings\Pája\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\Pája\Data aplikací\FlashGetBHO\GetAllUrl.htm
FF - ProfilePath - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\
FF - prefs.js: browser.search.selectedEngine - My Web Search
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNfox000&ptb=3YjuMnZBEEe5wMGyG..Y_Q&psa=&ind=2010100406&ptnrS=ZNfox000&si=&st=kwd&n=77cfb2b6&searchfor=
FF - component: c:\documents and settings\Pája\Data aplikací\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Extension: BugMeNot: {987311C6-B504-4aa2-90BF-60CC49808D42} - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Extension: Babylon-English Toolbar: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}
FF - Extension: 1-Click YouTube Video Downloader: YoutubeDownloader@PeterOlayev.com - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\YoutubeDownloader@PeterOlayev.com
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Extension: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
BHO-{07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
BHO-{399d96ca-6f9a-4fff-95fe-284e45ebb935} - (no file)
HKLM-Run-Cm108Sound - cm108.cpl
AddRemove-2D & 3D Animator - c:\program files\2D and 3D Animator\PY_UNINSTAL.EXE SOFTWARE\PySoft\AD_DESIGNER
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-07 19:51
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fa,79,7f,b3,b1,fd,d8,46,80,39,6b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fa,79,7f,b3,b1,fd,d8,46,80,39,6b,\
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Documents and Settings\\Pája\\Data aplikací\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Documents and Settings\\Pája\\Data aplikací\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:0a,f2,69,41,2f,43,ce,5f,d7,df,b0,fb,eb,23,74,67,0b,41,09,e5,c5,53,85,
d5,a4,7f,20,bd,d8,20,a9,29,8c,fb,08,20,39,94,a6,d6,af,fa,d2,be,fd,bb,58,22,\
"??"=hex:b2,dc,1c,56,27,e8,fa,f7,d5,6d,fd,74,06,1e,5d,3a
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\SecuROM\License information*]
"datasecu"=hex:4d,47,c6,b7,18,50,44,42,0b,bb,91,ea,f5,2b,d6,c7,dd,cf,36,3f,2d,
d3,7e,f1,a2,8a,77,fd,a7,c4,55,b4,54,c8,9e,33,8a,86,11,cb,6d,1b,c1,6d,94,a6,\
"rkeysecu"=hex:65,a7,42,bb,24,5f,7a,38,7f,16,41,61,cd,14,cf,5b
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):11,13,d4,75,c9,7f,2f,4e,6a,26,75,bc,ee,dd,89,e6,88,51,50,d9,4c,
47,3f,38,05,bc,e7,1c,15,e5,91,84,77,15,76,0b,97,bc,9a,34,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{6d670b50-8fa9-4b33-89db-2751886450ac}]
@Denied: (Full) (Everyone)
"Model"=dword:000000f7
"Therad"=dword:0000000f
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):ce,be,cb,94,35,75,93,08,13,ba,82,c0,08,86,58,96,1f,4c,5d,e8,20,
3b,5e,d7,54,d5,7a,92,a1,b2,a9,2b,ae,38,f8,44,53,3b,b5,33,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90e72731-5581-4a6c-ae13-6ec0ce7ac62c}]
@Denied: (Full) (Everyone)
"Model"=dword:000000cc
"Therad"=dword:0000001d
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(588)
c:\program files\Internet Download Manager\idmmkb.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Silverlight\xapauthenticodesip.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe
c:\program files\Photodex\ProShowProducer\ScsiAccess.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\windows\mHotkey.exe
c:\program files\Common Files\Teleca Shared\CapabilityManager.exe
c:\windows\RTHDCPL.EXE
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\windows\system32\RunDll32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Microsoft IntelliPoint\dpupdchk.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\program files\Common Files\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Celkový čas: 2010-12-07 20:01:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-12-07 19:00
Před spuštěním: Volných bajtů: 13 440 802 816
Po spuštění: Volných bajtů: 13 330 239 488
- - End Of File - - 7671EDE737CFDE5654CD585065976D52
Re: Prosím o preventivní kontrolu, Děkuji.
Tady z Tlumacova ve zlinskem kraji nebo z toho druheho 
Pokud nemate, tak presunte Combofix na plochu
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
FCopy:: c:\windows\system32\dllcache\tcpip.sys | c:\windows\system32\drivers\tcpip.sys Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=- "RGSC"=- "DAEMON Tools Lite"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] RemoteControl"=- "NeroFilterCheck"=- "QuickTime Task"=- "Sony Ericsson PC Suite"=- "SunJavaUpdateSched"=- "Adobe Reader Speed Launcher"=- "HP Software Update"=- File:: C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\User_Feed_Synchronization-{3283A1E5-59B7-4FFB-B236-7B286FD62D70}.job DDS:: IE: &Search IE: ????3?? IE: ????3?????? Firefox:: FF - ProfilePath - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\ FF - prefs.js: browser.search.selectedEngine - My Web Search FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsear ... searchfor= RegLock:: [HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź] [HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc] [HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] [HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\SecuROM\License information*] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{6d670b50-8fa9-4b33-89db-2751886450ac}] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{90e72731-5581-4a6c-ae13-6ec0ce7ac62c}]- Ulozte vytvoreny TXT jako CFScript.txt
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Knight.Paja
- Návštěvník
- Příspěvky: 26
- Registrován: 06 črc 2010 11:03
- Bydliště: Tlumačov (ZL)
Re: Prosím o preventivní kontrolu, Děkuji.
Z Tlumačova,ze zlínského kraje
ComboFix 10-12-06.04 - Pája 07.12.2010 20:33:57.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1360 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pája\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Pája\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Kerio Personal Firewall *enabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
FILE ::
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\User_Feed_Synchronization-{3283A1E5-59B7-4FFB-B236-7B286FD62D70}.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\User_Feed_Synchronization-{3283A1E5-59B7-4FFB-B236-7B286FD62D70}.job
.
--------------- FCopy ---------------
c:\windows\system32\dllcache\tcpip.sys --> c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-07 do 2010-12-07 )))))))))))))))))))))))))))))))
.
2010-12-07 17:58 . 2010-12-07 18:00 -------- d-----w- C:\rsit
2010-12-05 11:55 . 2010-12-05 11:55 -------- d-----w- c:\documents and settings\Pája\Local Settings\Data aplikací\FlatOut Ultimate Carnage
2010-12-04 11:10 . 2010-12-04 11:15 4608 ----a-w- c:\windows\cocowawa.dll
2010-11-21 09:55 . 2010-11-28 17:36 -------- d-----w- C:\Program FilesAdvent
2010-11-17 16:20 . 2010-11-17 16:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\EA Core
2010-11-14 10:26 . 2010-11-14 10:28 -------- d-----w- c:\program files\Defraggler
2010-11-11 15:36 . 2010-11-11 15:36 -------- d-----w- c:\documents and settings\Pája\Local Settings\Data aplikací\Activision
2010-11-10 18:09 . 2010-11-10 18:09 335872 ----a-r- c:\documents and settings\Pája\Data aplikací\Microsoft\Installer\{AA01BA34-88F7-436D-822A-35324727C4C1}\oo_unerase_9C3BE5C3A3C646DABE40B79DE57BC3BB.exe
2010-11-10 18:09 . 2010-11-10 18:09 335872 ----a-r- c:\documents and settings\Pája\Data aplikací\Microsoft\Installer\{AA01BA34-88F7-436D-822A-35324727C4C1}\ARPPRODUCTICON.exe
2010-11-10 18:03 . 2004-03-16 07:35 49152 ----a-w- c:\windows\system32\OctaneARM.dll
2010-11-08 15:04 . 2010-11-08 15:04 -------- d-----w- c:\program files\piPOol
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-05 11:04 . 2008-10-04 16:07 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-12-05 11:04 . 2008-10-04 16:07 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-12-05 07:42 . 2008-10-04 16:07 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-12-04 11:11 . 2005-10-04 22:54 258300 ----a-w- c:\windows\sxe-loader
2010-11-17 15:11 . 2010-07-13 14:45 53248 ----a-w- c:\windows\system32\ZLib.dll
2010-11-07 12:03 . 2010-11-07 12:03 1409 ----a-w- c:\windows\QTFont.for
2010-11-07 09:47 . 2008-08-11 15:29 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-11-07 09:47 . 2008-08-11 15:29 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-10-22 06:23 . 2010-06-28 11:59 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-10-22 06:23 . 2007-06-28 16:43 14532608 ----a-w- c:\windows\system32\nvoglnt.dll
2010-10-22 06:23 . 2010-10-20 16:40 888424 ----a-w- c:\windows\system32\nvdispco32.dll
2010-10-22 06:23 . 2010-10-20 16:40 813672 ----a-w- c:\windows\system32\nvgenco32.dll
2010-10-22 06:23 . 2010-06-28 11:59 2932840 ----a-w- c:\windows\system32\nvcuvid.dll
2010-10-22 06:23 . 2010-06-28 11:59 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-10-22 06:23 . 2008-10-07 12:33 4882432 ----a-w- c:\windows\system32\nvcuda.dll
2010-10-22 06:23 . 2010-06-28 11:59 13012992 ----a-w- c:\windows\system32\nvcompiler.dll
2010-10-22 06:23 . 2007-06-28 16:43 9623680 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-10-22 06:23 . 2007-06-28 16:43 6359552 ----a-w- c:\windows\system32\nv4_disp.dll
2010-10-22 06:23 . 2007-06-28 16:43 1462272 ----a-w- c:\windows\system32\nvapi.dll
2010-10-16 10:05 . 2010-10-16 10:05 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-10-16 10:05 . 2010-10-16 10:05 335872 ----a-w- c:\windows\system32\nvrsar.dll
2010-10-16 10:05 . 2010-10-16 10:05 331776 ----a-w- c:\windows\system32\nvrshe.dll
2010-10-16 10:05 . 2010-10-16 10:05 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2010-10-16 10:05 . 2010-10-16 10:05 282624 ----a-w- c:\windows\system32\nvrses.dll
2010-10-16 10:05 . 2010-10-16 10:05 282624 ----a-w- c:\windows\system32\nvrsel.dll
2010-10-16 10:05 . 2010-10-16 10:05 278528 ----a-w- c:\windows\system32\nvrsde.dll
2010-10-16 10:05 . 2010-10-16 10:05 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2010-10-16 10:05 . 2010-10-16 10:05 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2010-10-16 10:05 . 2010-10-16 10:05 270336 ----a-w- c:\windows\system32\nvrsru.dll
2010-10-16 10:05 . 2010-10-16 10:05 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2010-10-16 10:05 . 2010-10-16 10:05 266240 ----a-w- c:\windows\system32\nvrsko.dll
2010-10-16 10:05 . 2010-10-16 10:05 262144 ----a-w- c:\windows\system32\nvrshu.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrstr.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrssl.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrssk.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrsth.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrssv.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrsda.dll
2010-10-16 10:05 . 2010-10-16 10:05 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2010-10-16 10:05 . 2010-10-16 10:05 249856 ----a-w- c:\windows\system32\nvrseng.dll
2010-10-16 10:05 . 2010-10-16 10:05 249856 ----a-w- c:\windows\system32\nvrscs.dll
2010-10-16 10:05 . 2010-10-16 10:05 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2010-10-16 10:05 . 2010-10-16 10:05 126976 ----a-w- c:\windows\system32\nvrszht.dll
2010-10-16 10:05 . 2010-10-16 10:05 282624 ----a-w- c:\windows\system32\nvrsit.dll
2010-10-16 10:05 . 2010-10-16 10:05 277608 ----a-w- c:\windows\system32\nvmccs.dll
2010-10-16 10:05 . 2010-10-16 10:05 274432 ----a-w- c:\windows\system32\nvrspt.dll
2010-10-16 10:05 . 2010-10-16 10:05 270336 ----a-w- c:\windows\system32\nvrsja.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrspl.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrsno.dll
2010-10-16 10:05 . 2010-10-16 10:05 156776 ----a-w- c:\windows\system32\nvsvc32.exe
2010-10-16 10:05 . 2010-10-16 10:05 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-10-16 10:05 . 2010-10-16 10:05 13851752 ----a-w- c:\windows\system32\nvcpl.dll
2010-10-16 10:05 . 2010-10-16 10:05 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-10-04 18:48 . 2010-10-04 18:48 22193755 ----a-w- c:\windows\system32\TiskProRadost_AlbumMaker_uninstaller.exe
2010-10-02 11:55 . 2009-02-28 09:54 233960 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-09-18 10:23 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2006-03-02 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2006-03-02 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:52 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-02-08 95800]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2007-07-23 800768]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-09-25 328056]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-10-27 133432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-05-08 1953792]
"CHotkey"="mHotkey.exe" [2006-12-08 547840]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 1468296]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Intel Core 2 Duo\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
c:\documents and settings\P ja\Nabˇdka Start\Programy\Po spuçtŘnˇ\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-7-26 565248]
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-1-25 131072]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4ss.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"e:\\Program files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Call of Duty 4\\iw3mp.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"d:\\Program Files\\Microsoft Games\\Rise of Nations\\rise.exe"=
"d:\\Program Files\\GTA IV\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\Program Files\\Guitar\\GHWT.exe"=
"c:\\Program Files\\sixteen tons entertainment\\Emergency 4\\Em4.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\mafia ii - public demo\\launcher.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"e:\\Program files\\Landwirtschafts Simulator 2011\\FarmingSimulator2011.exe"=
"e:\\Program files\\Landwirtschafts Simulator 2011\\game.exe"=
"e:\\Program files\\Need for Speed Hot Pursuit 3\\Launcher.exe"=
"e:\\Program files\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Program files\\Call of Juarez-Bound in Blood\\CoJBiBGame_x86.exe"=
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.7.2010 18:58 691696]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.3.2010 16:07 165584]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [20.2.2007 13:34 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [20.2.2007 13:34 71088]
R1 prodrv03;Star Force copy protection driver v3;c:\windows\system32\drivers\prodrv03.sys [12.4.2008 16:48 115968]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.3.2010 16:07 17744]
S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [25.1.2008 23:03 38656]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [16.1.2009 15:29 13224]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [24.12.2009 19:48 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [24.12.2009 19:48 8320]
S3 se46bus;Sony Ericsson Device 070 driver (WDM);c:\windows\system32\drivers\se46bus.sys [14.5.2008 5:53 61536]
S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;c:\windows\system32\drivers\se46mdfl.sys [14.5.2008 6:02 9360]
S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;c:\windows\system32\drivers\se46mdm.sys [14.5.2008 6:02 97088]
S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\se46mgmt.sys [18.5.2008 6:40 88624]
S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);c:\windows\system32\drivers\se46nd5.sys [24.5.2008 6:33 18704]
S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;c:\windows\system32\drivers\se46obex.sys [18.5.2008 6:40 86432]
S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);c:\windows\system32\drivers\se46unic.sys [24.5.2008 6:33 90800]
S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys [1.8.2010 20:52 1312768]
S4 gupdate1c9951d609792ca;Google Update Service (gupdate1c9951d609792ca);c:\program files\Google\Update\GoogleUpdate.exe [22.2.2009 19:42 133104]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: ????3??
IE: ????3??????
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Analyzovat LeechGetem
IE: Download All Links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download ALL with IDA
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download LeechGetem
IE: Download s průvodcem LeechGetu
IE: Download with IDA
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xportovat do aplikace Microsoft Excel
IE: Stáhnout obsah FLV videa s IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout všechny odkazy s IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: ????3?? - c:\documents and settings\Pája\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\Pája\Data aplikací\FlashGetBHO\GetAllUrl.htm
FF - ProfilePath - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - component: c:\documents and settings\Pája\Data aplikací\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Extension: BugMeNot: {987311C6-B504-4aa2-90BF-60CC49808D42} - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Extension: Babylon-English Toolbar: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}
FF - Extension: 1-Click YouTube Video Downloader: YoutubeDownloader@PeterOlayev.com - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\YoutubeDownloader@PeterOlayev.com
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Extension: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-07 20:41
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fa,79,7f,b3,b1,fd,d8,46,80,39,6b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fa,79,7f,b3,b1,fd,d8,46,80,39,6b,\
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Documents and Settings\\Pája\\Data aplikací\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Documents and Settings\\Pája\\Data aplikací\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:0a,f2,69,41,2f,43,ce,5f,d7,df,b0,fb,eb,23,74,67,0b,41,09,e5,c5,53,85,
d5,a4,7f,20,bd,d8,20,a9,29,8c,fb,08,20,39,94,a6,d6,af,fa,d2,be,fd,bb,58,22,\
"??"=hex:b2,dc,1c,56,27,e8,fa,f7,d5,6d,fd,74,06,1e,5d,3a
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\SecuROM\License information*]
"datasecu"=hex:4d,47,c6,b7,18,50,44,42,0b,bb,91,ea,f5,2b,d6,c7,dd,cf,36,3f,2d,
d3,7e,f1,a2,8a,77,fd,a7,c4,55,b4,54,c8,9e,33,8a,86,11,cb,6d,1b,c1,6d,94,a6,\
"rkeysecu"=hex:65,a7,42,bb,24,5f,7a,38,7f,16,41,61,cd,14,cf,5b
.
Celkový čas: 2010-12-07 20:44:28
ComboFix-quarantined-files.txt 2010-12-07 19:44
ComboFix2.txt 2010-12-07 19:01
Před spuštěním: Volných bajtů: 13 377 622 016
Po spuštění: Volných bajtů: 13 358 968 832
- - End Of File - - E2610EA963B9855B6CCF9F9B8E72F297
ComboFix 10-12-06.04 - Pája 07.12.2010 20:33:57.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1360 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pája\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Pája\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Kerio Personal Firewall *enabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
FILE ::
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\User_Feed_Synchronization-{3283A1E5-59B7-4FFB-B236-7B286FD62D70}.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\User_Feed_Synchronization-{3283A1E5-59B7-4FFB-B236-7B286FD62D70}.job
.
--------------- FCopy ---------------
c:\windows\system32\dllcache\tcpip.sys --> c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-07 do 2010-12-07 )))))))))))))))))))))))))))))))
.
2010-12-07 17:58 . 2010-12-07 18:00 -------- d-----w- C:\rsit
2010-12-05 11:55 . 2010-12-05 11:55 -------- d-----w- c:\documents and settings\Pája\Local Settings\Data aplikací\FlatOut Ultimate Carnage
2010-12-04 11:10 . 2010-12-04 11:15 4608 ----a-w- c:\windows\cocowawa.dll
2010-11-21 09:55 . 2010-11-28 17:36 -------- d-----w- C:\Program FilesAdvent
2010-11-17 16:20 . 2010-11-17 16:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\EA Core
2010-11-14 10:26 . 2010-11-14 10:28 -------- d-----w- c:\program files\Defraggler
2010-11-11 15:36 . 2010-11-11 15:36 -------- d-----w- c:\documents and settings\Pája\Local Settings\Data aplikací\Activision
2010-11-10 18:09 . 2010-11-10 18:09 335872 ----a-r- c:\documents and settings\Pája\Data aplikací\Microsoft\Installer\{AA01BA34-88F7-436D-822A-35324727C4C1}\oo_unerase_9C3BE5C3A3C646DABE40B79DE57BC3BB.exe
2010-11-10 18:09 . 2010-11-10 18:09 335872 ----a-r- c:\documents and settings\Pája\Data aplikací\Microsoft\Installer\{AA01BA34-88F7-436D-822A-35324727C4C1}\ARPPRODUCTICON.exe
2010-11-10 18:03 . 2004-03-16 07:35 49152 ----a-w- c:\windows\system32\OctaneARM.dll
2010-11-08 15:04 . 2010-11-08 15:04 -------- d-----w- c:\program files\piPOol
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-05 11:04 . 2008-10-04 16:07 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-12-05 11:04 . 2008-10-04 16:07 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-12-05 07:42 . 2008-10-04 16:07 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-12-04 11:11 . 2005-10-04 22:54 258300 ----a-w- c:\windows\sxe-loader
2010-11-17 15:11 . 2010-07-13 14:45 53248 ----a-w- c:\windows\system32\ZLib.dll
2010-11-07 12:03 . 2010-11-07 12:03 1409 ----a-w- c:\windows\QTFont.for
2010-11-07 09:47 . 2008-08-11 15:29 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-11-07 09:47 . 2008-08-11 15:29 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-10-22 06:23 . 2010-06-28 11:59 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-10-22 06:23 . 2007-06-28 16:43 14532608 ----a-w- c:\windows\system32\nvoglnt.dll
2010-10-22 06:23 . 2010-10-20 16:40 888424 ----a-w- c:\windows\system32\nvdispco32.dll
2010-10-22 06:23 . 2010-10-20 16:40 813672 ----a-w- c:\windows\system32\nvgenco32.dll
2010-10-22 06:23 . 2010-06-28 11:59 2932840 ----a-w- c:\windows\system32\nvcuvid.dll
2010-10-22 06:23 . 2010-06-28 11:59 2666600 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-10-22 06:23 . 2008-10-07 12:33 4882432 ----a-w- c:\windows\system32\nvcuda.dll
2010-10-22 06:23 . 2010-06-28 11:59 13012992 ----a-w- c:\windows\system32\nvcompiler.dll
2010-10-22 06:23 . 2007-06-28 16:43 9623680 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-10-22 06:23 . 2007-06-28 16:43 6359552 ----a-w- c:\windows\system32\nv4_disp.dll
2010-10-22 06:23 . 2007-06-28 16:43 1462272 ----a-w- c:\windows\system32\nvapi.dll
2010-10-16 10:05 . 2010-10-16 10:05 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-10-16 10:05 . 2010-10-16 10:05 335872 ----a-w- c:\windows\system32\nvrsar.dll
2010-10-16 10:05 . 2010-10-16 10:05 331776 ----a-w- c:\windows\system32\nvrshe.dll
2010-10-16 10:05 . 2010-10-16 10:05 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2010-10-16 10:05 . 2010-10-16 10:05 282624 ----a-w- c:\windows\system32\nvrses.dll
2010-10-16 10:05 . 2010-10-16 10:05 282624 ----a-w- c:\windows\system32\nvrsel.dll
2010-10-16 10:05 . 2010-10-16 10:05 278528 ----a-w- c:\windows\system32\nvrsde.dll
2010-10-16 10:05 . 2010-10-16 10:05 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2010-10-16 10:05 . 2010-10-16 10:05 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2010-10-16 10:05 . 2010-10-16 10:05 270336 ----a-w- c:\windows\system32\nvrsru.dll
2010-10-16 10:05 . 2010-10-16 10:05 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2010-10-16 10:05 . 2010-10-16 10:05 266240 ----a-w- c:\windows\system32\nvrsko.dll
2010-10-16 10:05 . 2010-10-16 10:05 262144 ----a-w- c:\windows\system32\nvrshu.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrstr.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrssl.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrssk.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrsth.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrssv.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrsda.dll
2010-10-16 10:05 . 2010-10-16 10:05 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2010-10-16 10:05 . 2010-10-16 10:05 249856 ----a-w- c:\windows\system32\nvrseng.dll
2010-10-16 10:05 . 2010-10-16 10:05 249856 ----a-w- c:\windows\system32\nvrscs.dll
2010-10-16 10:05 . 2010-10-16 10:05 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2010-10-16 10:05 . 2010-10-16 10:05 126976 ----a-w- c:\windows\system32\nvrszht.dll
2010-10-16 10:05 . 2010-10-16 10:05 282624 ----a-w- c:\windows\system32\nvrsit.dll
2010-10-16 10:05 . 2010-10-16 10:05 277608 ----a-w- c:\windows\system32\nvmccs.dll
2010-10-16 10:05 . 2010-10-16 10:05 274432 ----a-w- c:\windows\system32\nvrspt.dll
2010-10-16 10:05 . 2010-10-16 10:05 270336 ----a-w- c:\windows\system32\nvrsja.dll
2010-10-16 10:05 . 2010-10-16 10:05 258048 ----a-w- c:\windows\system32\nvrspl.dll
2010-10-16 10:05 . 2010-10-16 10:05 253952 ----a-w- c:\windows\system32\nvrsno.dll
2010-10-16 10:05 . 2010-10-16 10:05 156776 ----a-w- c:\windows\system32\nvsvc32.exe
2010-10-16 10:05 . 2010-10-16 10:05 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-10-16 10:05 . 2010-10-16 10:05 13851752 ----a-w- c:\windows\system32\nvcpl.dll
2010-10-16 10:05 . 2010-10-16 10:05 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-10-04 18:48 . 2010-10-04 18:48 22193755 ----a-w- c:\windows\system32\TiskProRadost_AlbumMaker_uninstaller.exe
2010-10-02 11:55 . 2009-02-28 09:54 233960 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-09-18 10:23 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2006-03-02 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2006-03-02 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:52 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-02-08 95800]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2007-07-23 800768]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-09-25 328056]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-10-27 133432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-05-08 1953792]
"CHotkey"="mHotkey.exe" [2006-12-08 547840]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 1468296]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-10-16 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-08-25 1753192]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Intel Core 2 Duo\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
c:\documents and settings\P ja\Nabˇdka Start\Programy\Po spuçtŘnˇ\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2008-7-26 565248]
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-1-25 131072]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4ss.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"e:\\Program files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Call of Duty 4\\iw3mp.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"d:\\Program Files\\Microsoft Games\\Rise of Nations\\rise.exe"=
"d:\\Program Files\\GTA IV\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\Program Files\\Guitar\\GHWT.exe"=
"c:\\Program Files\\sixteen tons entertainment\\Emergency 4\\Em4.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\mafia ii - public demo\\launcher.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"e:\\Program files\\Landwirtschafts Simulator 2011\\FarmingSimulator2011.exe"=
"e:\\Program files\\Landwirtschafts Simulator 2011\\game.exe"=
"e:\\Program files\\Need for Speed Hot Pursuit 3\\Launcher.exe"=
"e:\\Program files\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Program files\\Call of Juarez-Bound in Blood\\CoJBiBGame_x86.exe"=
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.7.2010 18:58 691696]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.3.2010 16:07 165584]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [20.2.2007 13:34 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [20.2.2007 13:34 71088]
R1 prodrv03;Star Force copy protection driver v3;c:\windows\system32\drivers\prodrv03.sys [12.4.2008 16:48 115968]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.3.2010 16:07 17744]
S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [25.1.2008 23:03 38656]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [16.1.2009 15:29 13224]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [24.12.2009 19:48 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [24.12.2009 19:48 8320]
S3 se46bus;Sony Ericsson Device 070 driver (WDM);c:\windows\system32\drivers\se46bus.sys [14.5.2008 5:53 61536]
S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;c:\windows\system32\drivers\se46mdfl.sys [14.5.2008 6:02 9360]
S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;c:\windows\system32\drivers\se46mdm.sys [14.5.2008 6:02 97088]
S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\se46mgmt.sys [18.5.2008 6:40 88624]
S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);c:\windows\system32\drivers\se46nd5.sys [24.5.2008 6:33 18704]
S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;c:\windows\system32\drivers\se46obex.sys [18.5.2008 6:40 86432]
S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);c:\windows\system32\drivers\se46unic.sys [24.5.2008 6:33 90800]
S3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM108.sys [1.8.2010 20:52 1312768]
S4 gupdate1c9951d609792ca;Google Update Service (gupdate1c9951d609792ca);c:\program files\Google\Update\GoogleUpdate.exe [22.2.2009 19:42 133104]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: ????3??
IE: ????3??????
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Analyzovat LeechGetem
IE: Download All Links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download ALL with IDA
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download LeechGetem
IE: Download s průvodcem LeechGetu
IE: Download with IDA
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xportovat do aplikace Microsoft Excel
IE: Stáhnout obsah FLV videa s IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout všechny odkazy s IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: ????3?? - c:\documents and settings\Pája\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\Pája\Data aplikací\FlashGetBHO\GetAllUrl.htm
FF - ProfilePath - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - component: c:\documents and settings\Pája\Data aplikací\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCore.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Extension: BugMeNot: {987311C6-B504-4aa2-90BF-60CC49808D42} - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Extension: Babylon-English Toolbar: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}
FF - Extension: 1-Click YouTube Video Downloader: YoutubeDownloader@PeterOlayev.com - c:\documents and settings\Pája\Data aplikací\Mozilla\Firefox\Profiles\ytph7k1t.default\extensions\YoutubeDownloader@PeterOlayev.com
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Extension: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-07 20:41
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fa,79,7f,b3,b1,fd,d8,46,80,39,6b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fa,79,7f,b3,b1,fd,d8,46,80,39,6b,\
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Documents and Settings\\Pája\\Data aplikací\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Documents and Settings\\Pája\\Data aplikací\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:0a,f2,69,41,2f,43,ce,5f,d7,df,b0,fb,eb,23,74,67,0b,41,09,e5,c5,53,85,
d5,a4,7f,20,bd,d8,20,a9,29,8c,fb,08,20,39,94,a6,d6,af,fa,d2,be,fd,bb,58,22,\
"??"=hex:b2,dc,1c,56,27,e8,fa,f7,d5,6d,fd,74,06,1e,5d,3a
[HKEY_USERS\S-1-5-21-1177238915-1343024091-682003330-1005\Software\SecuROM\License information*]
"datasecu"=hex:4d,47,c6,b7,18,50,44,42,0b,bb,91,ea,f5,2b,d6,c7,dd,cf,36,3f,2d,
d3,7e,f1,a2,8a,77,fd,a7,c4,55,b4,54,c8,9e,33,8a,86,11,cb,6d,1b,c1,6d,94,a6,\
"rkeysecu"=hex:65,a7,42,bb,24,5f,7a,38,7f,16,41,61,cd,14,cf,5b
.
Celkový čas: 2010-12-07 20:44:28
ComboFix-quarantined-files.txt 2010-12-07 19:44
ComboFix2.txt 2010-12-07 19:01
Před spuštěním: Volných bajtů: 13 377 622 016
Po spuštění: Volných bajtů: 13 358 968 832
- - End Of File - - E2610EA963B9855B6CCF9F9B8E72F297
Re: Prosím o preventivní kontrolu, Děkuji.
Odinstalujte Combofix
- Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
- Napiste ComboFix /Uninstall
- Stisknete Enter
- Tohle smaze Combofix a jeho slozky
T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
- Provedte aktualizaci - treti zalozka
- Provedte uplny sken - nic nemazte
- MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Knight.Paja
- Návštěvník
- Příspěvky: 26
- Registrován: 06 črc 2010 11:03
- Bydliště: Tlumačov (ZL)
Re: Prosím o preventivní kontrolu, Děkuji.
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Verze databáze: 5263
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7.12.2010 22:26:18
mbam-log-2010-12-07 (22-26-13).txt
Typ kontroly: Úplný test (C:\|D:\|E:\|)
Testované objekty: 437656
Uplynulý čas: 1 hodin, 10 minut, 44 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 10
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 12
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D5DD829-6C90-42C5-B54C-2AFA82F988BA} (Rogue.Installer) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> No action taken.
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\program files\Steam\steamapps\common\mafia ii - public demo\pc\mafia.ii.exe (RiskWare.Tool.CK) -> No action taken.
c:\program files\Ubisoft\ubisoft game launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> No action taken.
c:\documents and settings\Pája\dokumenty\downloads\Programs\potrestanie.exe (Joke.Stressreducer) -> No action taken.
c:\documents and settings\Pája\Plocha\t-cleaner(2).exe (Backdoor.Bot) -> No action taken.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\1000000600002i\svchost.exe (Rootkit.Dropper) -> No action taken.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\1000000b00002i\rundll32.exe (Rootkit.Dropper) -> No action taken.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\4000002c0600002i\photoshop.exe (Rootkit.Dropper) -> No action taken.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\4000009c00002i\IEXPLORE.EXE (Rootkit.Dropper) -> No action taken.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\EmuCfg.exe (Trojan.Agent) -> No action taken.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\GCFMgr.exe (Trojan.Agent) -> No action taken.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\RICO.exe (Backdoor.Bot) -> No action taken.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\ss.exe (Backdoor.Bot) -> No action taken.
www.malwarebytes.org
Verze databáze: 5263
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7.12.2010 22:26:18
mbam-log-2010-12-07 (22-26-13).txt
Typ kontroly: Úplný test (C:\|D:\|E:\|)
Testované objekty: 437656
Uplynulý čas: 1 hodin, 10 minut, 44 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 10
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 12
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D5DD829-6C90-42C5-B54C-2AFA82F988BA} (Rogue.Installer) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> No action taken.
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\program files\Steam\steamapps\common\mafia ii - public demo\pc\mafia.ii.exe (RiskWare.Tool.CK) -> No action taken.
c:\program files\Ubisoft\ubisoft game launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> No action taken.
c:\documents and settings\Pája\dokumenty\downloads\Programs\potrestanie.exe (Joke.Stressreducer) -> No action taken.
c:\documents and settings\Pája\Plocha\t-cleaner(2).exe (Backdoor.Bot) -> No action taken.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\1000000600002i\svchost.exe (Rootkit.Dropper) -> No action taken.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\1000000b00002i\rundll32.exe (Rootkit.Dropper) -> No action taken.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\4000002c0600002i\photoshop.exe (Rootkit.Dropper) -> No action taken.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\4000009c00002i\IEXPLORE.EXE (Rootkit.Dropper) -> No action taken.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\EmuCfg.exe (Trojan.Agent) -> No action taken.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\GCFMgr.exe (Trojan.Agent) -> No action taken.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\RICO.exe (Backdoor.Bot) -> No action taken.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\ss.exe (Backdoor.Bot) -> No action taken.
Re: Prosím o preventivní kontrolu, Děkuji.
Vse co nasel MBAM smazte Ke crackum asi nema cenu se vyjadrovat ze 
Napiste jak se chova PC...
Ke crackum asi nema cenu se vyjadrovat ze Napiste jak se chova PC...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Knight.Paja
- Návštěvník
- Příspěvky: 26
- Registrován: 06 črc 2010 11:03
- Bydliště: Tlumačov (ZL)
Re: Prosím o preventivní kontrolu, Děkuji.
Vše odstraněno,PC je o poznání rychlejší:-)
-
Knight.Paja
- Návštěvník
- Příspěvky: 26
- Registrován: 06 črc 2010 11:03
- Bydliště: Tlumačov (ZL)
Re: Prosím o preventivní kontrolu, Děkuji.
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Verze databáze: 5263
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7.12.2010 22:31:03
mbam-log-2010-12-07 (22-31-03).txt
Typ kontroly: Úplný test (C:\|D:\|E:\|)
Testované objekty: 437656
Uplynulý čas: 1 hodin, 10 minut, 44 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 10
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 12
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D5DD829-6C90-42C5-B54C-2AFA82F988BA} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> Quarantined and deleted successfully.
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\program files\Steam\steamapps\common\mafia ii - public demo\pc\mafia.ii.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\program files\Ubisoft\ubisoft game launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\documents and settings\Pája\dokumenty\downloads\Programs\potrestanie.exe (Joke.Stressreducer) -> Quarantined and deleted successfully.
c:\documents and settings\Pája\Plocha\t-cleaner(2).exe (Backdoor.Bot) -> Quarantined and deleted successfully.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\1000000600002i\svchost.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\1000000b00002i\rundll32.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\4000002c0600002i\photoshop.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\4000009c00002i\IEXPLORE.EXE (Rootkit.Dropper) -> Quarantined and deleted successfully.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\EmuCfg.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\GCFMgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\RICO.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\ss.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
www.malwarebytes.org
Verze databáze: 5263
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7.12.2010 22:31:03
mbam-log-2010-12-07 (22-31-03).txt
Typ kontroly: Úplný test (C:\|D:\|E:\|)
Testované objekty: 437656
Uplynulý čas: 1 hodin, 10 minut, 44 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 10
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 12
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D5DD829-6C90-42C5-B54C-2AFA82F988BA} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> Quarantined and deleted successfully.
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\program files\Steam\steamapps\common\mafia ii - public demo\pc\mafia.ii.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\program files\Ubisoft\ubisoft game launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\documents and settings\Pája\dokumenty\downloads\Programs\potrestanie.exe (Joke.Stressreducer) -> Quarantined and deleted successfully.
c:\documents and settings\Pája\Plocha\t-cleaner(2).exe (Backdoor.Bot) -> Quarantined and deleted successfully.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\1000000600002i\svchost.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\1000000b00002i\rundll32.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\4000002c0600002i\photoshop.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
d:\stáhnuté programy\adaphotoportable_version\adobe photoshop cs3 portable version\portable adobe photoshop cs3 standard\CSDATA\4000009c00002i\IEXPLORE.EXE (Rootkit.Dropper) -> Quarantined and deleted successfully.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\EmuCfg.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\GCFMgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\RICO.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
e:\program files\mafia 2 iso\phoenix_14beta(2)\Phx_data\Res\ss.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
Re: Prosím o preventivní kontrolu, Děkuji.
MBAM muzete odinstalovat nebo nechat na obcasny sken - v pripade nalezu velmi doporucuji dat sem log na posouzeni, at si neodstrelite neco legitimniho OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis)Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A poprosim o novy log z RSIT"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Knight.Paja
- Návštěvník
- Příspěvky: 26
- Registrován: 06 črc 2010 11:03
- Bydliště: Tlumačov (ZL)
Re: Prosím o preventivní kontrolu, Děkuji.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pája at 2010-12-07 22:51:44
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 18 GB (23%) free of 80 GB
Total RAM: 2047 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:52:44, on 7.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Pája\Plocha\RSIT.exe
C:\Program Files\trend micro\Pája.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: (no name) - {399d96ca-6f9a-4fff-95fe-284e45ebb935} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout obsah FLV videa s IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se5036.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 11753 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2007-07-04 91568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{399d96ca-6f9a-4fff-95fe-284e45ebb935}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-26 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-05-08 1953792]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2006-12-08 547840]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-05-26 1468296]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-10-16 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-10-16 13851752]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-08-25 1753192]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-02-08 95800]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2007-07-23 800768]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-09-25 328056]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2010-10-27 133432]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Documents and Settings\Pája\Nabídka Start\Programy\Po spuštění
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Disabled:Sunbelt Kerio Firewall GUI"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\hlds.exe"="C:\Program Files\Valve\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe:*:Enabled:Sunbelt Kerio Firewall Service"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"E:\Program files\TrackMania Sunrise\TmSunrise.exe"="E:\Program files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise"
"C:\Program Files\Valve\hltv.exe"="C:\Program Files\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Call of Duty 4\iw3mp.exe"="D:\Program Files\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Program Files\Microsoft Games\Rise of Nations\rise.exe"="D:\Program Files\Microsoft Games\Rise of Nations\rise.exe:*:Enabled:Rise of Nations"
"D:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe"="D:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"D:\Program Files\Guitar\GHWT.exe"="D:\Program Files\Guitar\GHWT.exe:*:Enabled:Guitar Hero World Tour"
"C:\Program Files\sixteen tons entertainment\Emergency 4\Em4.exe"="C:\Program Files\sixteen tons entertainment\Emergency 4\Em4.exe:*:Enabled:Em4"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Steam\steamapps\common\mafia ii - public demo\launcher.exe"="C:\Program Files\Steam\steamapps\common\mafia ii - public demo\launcher.exe:*:Enabled:Mafia II - Demo"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"E:\Program files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe"="E:\Program files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Landwirtschafts Simulator 2011"
"E:\Program files\Landwirtschafts Simulator 2011\game.exe"="E:\Program files\Landwirtschafts Simulator 2011\game.exe:*:Enabled:Landwirtschafts Simulator 2011"
"E:\Program files\Need for Speed Hot Pursuit 3\Launcher.exe"="E:\Program files\Need for Speed Hot Pursuit 3\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit"
"E:\Program files\FlatOut Ultimate Carnage\Fouc.exe"="E:\Program files\FlatOut Ultimate Carnage\Fouc.exe:*:Enabled:FlatOut Ultimate Carnage"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"E:\Program files\Call of Juarez-Bound in Blood\CoJBiBGame_x86.exe"="E:\Program files\Call of Juarez-Bound in Blood\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-12-07 22:51:44 ----D---- C:\rsit
2010-12-07 21:06:23 ----D---- C:\Documents and Settings\Pája\Data aplikací\Malwarebytes
2010-12-07 21:06:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-12-07 21:06:18 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-12-07 21:06:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-07 21:06:14 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-12-07 20:56:46 ----SHD---- C:\RECYCLER
2010-12-07 20:44:35 ----D---- C:\WINDOWS\temp
2010-12-04 12:10:28 ----A---- C:\WINDOWS\cocowawa.dll
2010-11-21 10:55:47 ----D---- C:\Program FilesAdvent
2010-11-17 17:20:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\EA Core
2010-11-14 11:26:51 ----D---- C:\Program Files\Defraggler
2010-11-10 20:08:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2010-11-10 19:03:15 ----A---- C:\WINDOWS\system32\OctaneARM.dll
2010-11-08 16:04:19 ----D---- C:\Program Files\piPOol
======List of files/folders modified in the last 1 months======
2010-12-07 22:52:44 ----D---- C:\Program Files\trend micro
2010-12-07 22:52:41 ----D---- C:\WINDOWS\Prefetch
2010-12-07 22:50:26 ----D---- C:\WINDOWS
2010-12-07 22:47:43 ----D---- C:\Documents and Settings\Pája\Data aplikací\uTorrent
2010-12-07 22:47:39 ----D---- C:\Documents and Settings\Pája\Data aplikací\DMCache
2010-12-07 22:45:40 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-12-07 22:45:29 ----D---- C:\WINDOWS\system32
2010-12-07 22:32:49 ----D---- C:\WINDOWS\system32\drivers
2010-12-07 22:31:47 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-07 22:31:28 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2010-12-07 21:06:14 ----RD---- C:\Program Files
2010-12-07 20:53:49 ----SHD---- C:\System Volume Information
2010-12-07 20:53:49 ----D---- C:\WINDOWS\system32\Restore
2010-12-07 20:41:23 ----A---- C:\WINDOWS\system.ini
2010-12-07 20:40:56 ----D---- C:\WINDOWS\system32\drivers\etc
2010-12-07 20:40:28 ----SD---- C:\WINDOWS\Tasks
2010-12-07 20:37:44 ----D---- C:\WINDOWS\AppPatch
2010-12-07 20:37:43 ----D---- C:\Program Files\Common Files
2010-12-07 20:33:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-07 19:48:40 ----D---- C:\WINDOWS\system32\config
2010-12-07 19:30:56 ----D---- C:\Documents and Settings\Pája\Data aplikací\ICQ
2010-12-07 15:48:25 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-07 15:48:24 ----D---- C:\WINDOWS\system32\DirectX
2010-12-07 15:48:23 ----HD---- C:\WINDOWS\inf
2010-12-07 15:47:50 ----RSD---- C:\WINDOWS\assembly
2010-12-07 15:47:26 ----SHD---- C:\WINDOWS\Installer
2010-12-07 15:46:47 ----D---- C:\Config.Msi
2010-12-05 19:18:18 ----D---- C:\Documents and Settings\Pája\Data aplikací\Skype
2010-12-05 19:14:45 ----D---- C:\Documents and Settings\Pája\Data aplikací\skypePM
2010-12-05 12:41:16 ----D---- C:\WINDOWS\WinSxS
2010-12-05 12:04:19 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-12-05 12:02:49 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-12-05 12:02:16 ----D---- C:\Program Files\Common Files\Logitech
2010-12-05 12:02:15 ----D---- C:\Program Files\Logitech
2010-12-05 08:42:05 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-12-04 19:22:21 ----D---- C:\Documents and Settings\Pája\Data aplikací\Image Zone Express
2010-12-04 12:32:23 ----D---- C:\Program Files\Valve
2010-12-03 08:09:15 ----A---- C:\WINDOWS\NeroDigital.ini
2010-12-02 10:52:38 ----D---- C:\Documents and Settings\Pája\Data aplikací\esmska
2010-12-02 09:37:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-11-30 16:39:47 ----D---- C:\Program Files\Google
2010-11-18 16:43:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Solidshield
2010-11-17 17:20:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2010-11-17 16:11:03 ----A---- C:\WINDOWS\system32\ZLib.dll
2010-11-17 09:07:21 ----D---- C:\Documents and Settings\Pája\Data aplikací\Tropico 3
2010-11-14 11:29:28 ----D---- C:\WINDOWS\Debug
2010-11-13 08:12:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-10 18:58:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-11-10 18:55:22 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-08 18:34:50 ----D---- C:\Documents and Settings\Pája\Data aplikací\IDM
2010-11-08 16:05:49 ----A---- C:\WINDOWS\win.ini
2010-11-08 15:50:59 ----D---- C:\Program Files\Total Video Converter
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2007-05-10 48640]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-06 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-02-20 302000]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-02-20 71088]
R1 prodrv03;Star Force copy protection driver v3; C:\WINDOWS\System32\drivers\prodrv03.sys [2008-04-12 115968]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2005-11-21 16512]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-17 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-17 25888]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-24 117760]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-07-13 101120]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-10-22 9623680]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-01-22 9856]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2009-05-09 27792]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2010-04-27 37704]
R3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2010-04-27 31816]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2010-04-27 15048]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S3 a2y266dk;a2y266dk; C:\WINDOWS\system32\drivers\a2y266dk.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-16 38656]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-10-02 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-10-02 25512]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-05-04 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-08-01 47360]
S3 se46bus;Sony Ericsson Device 070 driver (WDM); C:\WINDOWS\system32\DRIVERS\se46bus.sys [2006-11-30 61536]
S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se46mdfl.sys [2006-11-30 9360]
S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se46mdm.sys [2006-11-30 97088]
S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se46mgmt.sys [2006-11-30 88624]
S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se46nd5.sys [2006-11-30 18704]
S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se46obex.sys [2006-11-30 86432]
S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se46unic.sys [2006-11-30 90800]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 USBPNPA;USB PnP Sound Device Interface; C:\WINDOWS\system32\drivers\CM108.sys [2007-07-20 1312768]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-07-17 28672]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-02-20 1222192]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-10-16 156776]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe [2010-09-20 181312]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 gupdate1c9951d609792ca;Google Update Service (gupdate1c9951d609792ca); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-22 133104]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-26 153376]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Pája at 2010-12-07 22:51:44
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 18 GB (23%) free of 80 GB
Total RAM: 2047 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:52:44, on 7.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Pája\Plocha\RSIT.exe
C:\Program Files\trend micro\Pája.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: (no name) - {399d96ca-6f9a-4fff-95fe-284e45ebb935} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout obsah FLV videa s IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se5036.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 11753 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2007-07-04 91568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{399d96ca-6f9a-4fff-95fe-284e45ebb935}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-26 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-05-08 1953792]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2006-12-08 547840]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-05-26 1468296]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-10-16 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-10-16 13851752]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-08-25 1753192]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-02-08 95800]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2007-07-23 800768]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-09-25 328056]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2010-10-27 133432]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Documents and Settings\Pája\Nabídka Start\Programy\Po spuštění
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Disabled:Sunbelt Kerio Firewall GUI"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\hlds.exe"="C:\Program Files\Valve\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe:*:Enabled:Sunbelt Kerio Firewall Service"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"E:\Program files\TrackMania Sunrise\TmSunrise.exe"="E:\Program files\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise"
"C:\Program Files\Valve\hltv.exe"="C:\Program Files\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Call of Duty 4\iw3mp.exe"="D:\Program Files\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Program Files\Microsoft Games\Rise of Nations\rise.exe"="D:\Program Files\Microsoft Games\Rise of Nations\rise.exe:*:Enabled:Rise of Nations"
"D:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe"="D:\Program Files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"D:\Program Files\Guitar\GHWT.exe"="D:\Program Files\Guitar\GHWT.exe:*:Enabled:Guitar Hero World Tour"
"C:\Program Files\sixteen tons entertainment\Emergency 4\Em4.exe"="C:\Program Files\sixteen tons entertainment\Emergency 4\Em4.exe:*:Enabled:Em4"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Steam\steamapps\common\mafia ii - public demo\launcher.exe"="C:\Program Files\Steam\steamapps\common\mafia ii - public demo\launcher.exe:*:Enabled:Mafia II - Demo"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"E:\Program files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe"="E:\Program files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Landwirtschafts Simulator 2011"
"E:\Program files\Landwirtschafts Simulator 2011\game.exe"="E:\Program files\Landwirtschafts Simulator 2011\game.exe:*:Enabled:Landwirtschafts Simulator 2011"
"E:\Program files\Need for Speed Hot Pursuit 3\Launcher.exe"="E:\Program files\Need for Speed Hot Pursuit 3\Launcher.exe:*:Enabled:Need for Speed(TM) Hot Pursuit"
"E:\Program files\FlatOut Ultimate Carnage\Fouc.exe"="E:\Program files\FlatOut Ultimate Carnage\Fouc.exe:*:Enabled:FlatOut Ultimate Carnage"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"E:\Program files\Call of Juarez-Bound in Blood\CoJBiBGame_x86.exe"="E:\Program files\Call of Juarez-Bound in Blood\CoJBiBGame_x86.exe:*:Enabled:Call of Juarez - Bound in Blood"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-12-07 22:51:44 ----D---- C:\rsit
2010-12-07 21:06:23 ----D---- C:\Documents and Settings\Pája\Data aplikací\Malwarebytes
2010-12-07 21:06:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-12-07 21:06:18 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-12-07 21:06:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-07 21:06:14 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-12-07 20:56:46 ----SHD---- C:\RECYCLER
2010-12-07 20:44:35 ----D---- C:\WINDOWS\temp
2010-12-04 12:10:28 ----A---- C:\WINDOWS\cocowawa.dll
2010-11-21 10:55:47 ----D---- C:\Program FilesAdvent
2010-11-17 17:20:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\EA Core
2010-11-14 11:26:51 ----D---- C:\Program Files\Defraggler
2010-11-10 20:08:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2010-11-10 19:03:15 ----A---- C:\WINDOWS\system32\OctaneARM.dll
2010-11-08 16:04:19 ----D---- C:\Program Files\piPOol
======List of files/folders modified in the last 1 months======
2010-12-07 22:52:44 ----D---- C:\Program Files\trend micro
2010-12-07 22:52:41 ----D---- C:\WINDOWS\Prefetch
2010-12-07 22:50:26 ----D---- C:\WINDOWS
2010-12-07 22:47:43 ----D---- C:\Documents and Settings\Pája\Data aplikací\uTorrent
2010-12-07 22:47:39 ----D---- C:\Documents and Settings\Pája\Data aplikací\DMCache
2010-12-07 22:45:40 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-12-07 22:45:29 ----D---- C:\WINDOWS\system32
2010-12-07 22:32:49 ----D---- C:\WINDOWS\system32\drivers
2010-12-07 22:31:47 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-07 22:31:28 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2010-12-07 21:06:14 ----RD---- C:\Program Files
2010-12-07 20:53:49 ----SHD---- C:\System Volume Information
2010-12-07 20:53:49 ----D---- C:\WINDOWS\system32\Restore
2010-12-07 20:41:23 ----A---- C:\WINDOWS\system.ini
2010-12-07 20:40:56 ----D---- C:\WINDOWS\system32\drivers\etc
2010-12-07 20:40:28 ----SD---- C:\WINDOWS\Tasks
2010-12-07 20:37:44 ----D---- C:\WINDOWS\AppPatch
2010-12-07 20:37:43 ----D---- C:\Program Files\Common Files
2010-12-07 20:33:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-07 19:48:40 ----D---- C:\WINDOWS\system32\config
2010-12-07 19:30:56 ----D---- C:\Documents and Settings\Pája\Data aplikací\ICQ
2010-12-07 15:48:25 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-07 15:48:24 ----D---- C:\WINDOWS\system32\DirectX
2010-12-07 15:48:23 ----HD---- C:\WINDOWS\inf
2010-12-07 15:47:50 ----RSD---- C:\WINDOWS\assembly
2010-12-07 15:47:26 ----SHD---- C:\WINDOWS\Installer
2010-12-07 15:46:47 ----D---- C:\Config.Msi
2010-12-05 19:18:18 ----D---- C:\Documents and Settings\Pája\Data aplikací\Skype
2010-12-05 19:14:45 ----D---- C:\Documents and Settings\Pája\Data aplikací\skypePM
2010-12-05 12:41:16 ----D---- C:\WINDOWS\WinSxS
2010-12-05 12:04:19 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-12-05 12:02:49 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-12-05 12:02:16 ----D---- C:\Program Files\Common Files\Logitech
2010-12-05 12:02:15 ----D---- C:\Program Files\Logitech
2010-12-05 08:42:05 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-12-04 19:22:21 ----D---- C:\Documents and Settings\Pája\Data aplikací\Image Zone Express
2010-12-04 12:32:23 ----D---- C:\Program Files\Valve
2010-12-03 08:09:15 ----A---- C:\WINDOWS\NeroDigital.ini
2010-12-02 10:52:38 ----D---- C:\Documents and Settings\Pája\Data aplikací\esmska
2010-12-02 09:37:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-11-30 16:39:47 ----D---- C:\Program Files\Google
2010-11-18 16:43:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Solidshield
2010-11-17 17:20:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2010-11-17 16:11:03 ----A---- C:\WINDOWS\system32\ZLib.dll
2010-11-17 09:07:21 ----D---- C:\Documents and Settings\Pája\Data aplikací\Tropico 3
2010-11-14 11:29:28 ----D---- C:\WINDOWS\Debug
2010-11-13 08:12:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-10 18:58:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-11-10 18:55:22 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-08 18:34:50 ----D---- C:\Documents and Settings\Pája\Data aplikací\IDM
2010-11-08 16:05:49 ----A---- C:\WINDOWS\win.ini
2010-11-08 15:50:59 ----D---- C:\Program Files\Total Video Converter
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2007-05-10 48640]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-06 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-02-20 302000]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-02-20 71088]
R1 prodrv03;Star Force copy protection driver v3; C:\WINDOWS\System32\drivers\prodrv03.sys [2008-04-12 115968]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2005-11-21 16512]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-17 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-17 25888]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-24 117760]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-07-13 101120]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-10-22 9623680]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-01-22 9856]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2009-05-09 27792]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2010-04-27 37704]
R3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2010-04-27 31816]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2010-04-27 15048]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S3 a2y266dk;a2y266dk; C:\WINDOWS\system32\drivers\a2y266dk.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-16 38656]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-10-02 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-10-02 25512]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-05-04 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-08-01 47360]
S3 se46bus;Sony Ericsson Device 070 driver (WDM); C:\WINDOWS\system32\DRIVERS\se46bus.sys [2006-11-30 61536]
S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se46mdfl.sys [2006-11-30 9360]
S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se46mdm.sys [2006-11-30 97088]
S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se46mgmt.sys [2006-11-30 88624]
S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se46nd5.sys [2006-11-30 18704]
S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se46obex.sys [2006-11-30 86432]
S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se46unic.sys [2006-11-30 90800]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 USBPNPA;USB PnP Sound Device Interface; C:\WINDOWS\system32\drivers\CM108.sys [2007-07-20 1312768]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2008-07-17 28672]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-02-20 1222192]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-10-16 156776]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe [2010-09-20 181312]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-06-08 208896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 gupdate1c9951d609792ca;Google Update Service (gupdate1c9951d609792ca); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-22 133104]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-26 153376]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: Prosím o preventivní kontrolu, Děkuji.
Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam
- Nahrady za Spybota:
- Samozrejme pouzivejte jen jeden z nich
- Osobne doporucuji SuperAntiSpyware
Doporucuji odinstalovat klienty P2P siti - jsou potencialnim rizikem pro bezpecnost PC a jsou velmi casto zdrojem viru a haveti. Otevrete si poznamkovy blok
- Start->spustit->notepad
- Vlozte text nize
Kód: Vybrat vše
Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{399d96ca-6f9a-4fff-95fe-284e45ebb935}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RemoteControl"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-- Soubor ulozte jako oprava.reg
- Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
- Zavrit notepad a spustit dvojklikem oprava.reg
- Pripadny dotaz na zmenu registru potvrdte
- Okno jen problikne a opravi regsitry - soubor muzete smazat
Jinak log vypada v poradku 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Knight.Paja
- Návštěvník
- Příspěvky: 26
- Registrován: 06 črc 2010 11:03
- Bydliště: Tlumačov (ZL)
Re: Prosím o preventivní kontrolu, Děkuji.
registry vloženy
Děkuji za pomoc.
Takže jsme skoro sousedi:-),když oba bydlíme ve stejným Tlumačově.
Děkuji za pomoc.
Takže jsme skoro sousedi:-),když oba bydlíme ve stejným Tlumačově.
Re: Prosím o preventivní kontrolu, Děkuji.
No ani ne skoro jako spis uplne 
Kdyby byly problemy, tak dam do PC osobne, bude to rychlejsi
Nemate zac, rad jsem pomohl Zase nekdy 
Kdyby byly problemy, tak dam do PC osobne, bude to rychlejsi
Nemate zac, rad jsem pomohl
Zase nekdy "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?