Facebook virus (notebook)
Napsal: 02 lis 2011 15:58
Zdravím.
Bratrovi se dostal do notebooku Facebook virus (klasicky "neni flash player"), ovšem "bonusovým" problémem oproti ostatním je, že nefunguje interní klávesnice ani touchpad a momentálně ani síť. Funguje externí klávesnice i myš, ovšem interní kláv. a touchpad třeba v live Linuxu jdou. Pokusil jsem se to projet Avira antivirus z Hirens boot CD, ale nepomohlo.
Přikládám log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by iva at 2011-11-02 15:41:51
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (6%) free of 147 GB
Total RAM: 1014 MB (68% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-776561741-1604221776-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-776561741-1604221776-682003330-1003UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
IObit Toolbar - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll [2011-09-27 1050464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.4.8.11.dll [2010-08-11 735024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
BrotherSoft Extreme Toolbar - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll [2011-03-28 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} -
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - IObit Toolbar - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll [2011-09-27 1050464]
{51a86bb3-6602-4c85-92a5-130ee4864f13} - BrotherSoft Extreme Toolbar - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll [2011-03-28 176936]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2007-10-09 2183168]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-12-13 98304]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-12-13 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-12-13 118784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-08 761947]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-05-10 405504]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Microsoft Startup Manager"=C:\WINDOWS\system32\sysservice.exe [2004-08-18 24576]
"Regedit32"=C:\WINDOWS\system32\regedit.exe [2004-08-18 24576]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2010-11-25 2781000]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-04 1955208]
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-09-27 894304]
"wxpdrv"=C:\WINDOWS\services32.exe [2011-10-31 1204736]
"tray_ico"= []
"tray_ico0"=C:\WINDOWS\update.tray-2-0\svchost.exe [2011-10-31 1208832]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"5353085.exe"=C:\WINDOWS\TEMP\5353085.exe []
"sysdriver32.exe"=C:\WINDOWS\sysdriver32.exe [2011-10-31 263680]
"sysdriver32_.exe"=C:\WINDOWS\sysdriver32_.exe [2011-10-31 258048]
"3771349.exe"=C:\WINDOWS\TEMP\3771349.exe []
"2789694.exe"=C:\DOCUME~1\Nigs\LOCALS~1\Temp\2789694.exe [2011-10-31 258048]
"3444809.exe"=C:\WINDOWS\TEMP\3444809.exe []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-04 1955208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NexonEULauncher]
C:\Program Files\Skype\Phone\Skype.exe [2010-09-02 13351304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-09-02 13351304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vovy]
C:\WINDOWS\system32\bibouf.exe [2004-08-18 24576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2006-05-24 622653]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamersFirst LIVE!.lnk]
C:\PROGRA~1\GAMERS~1\LIVE!\Live.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^0zfplgh.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\0zfplgh.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^5ooefk8.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\5ooefk8.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^afvb60dyze.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\afvb60dyze.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^faqg0hxd66u.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\faqg0hxd66u.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^ggwxc86o.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\ggwxc86o.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^h60jpzvq.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\h60jpzvq.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^i7081kvwr.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\i7081kvwr.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^ity81vqrw.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\ity81vqrw.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^lq81nijo.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\lq81nijo.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^pfl66c86.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\pfl66c86.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^sty86k81wh.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\sty86k81wh.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^ty81vqg0.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\ty81vqg0.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^tz60bhrn.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\tz60bhrn.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^u1l703s0.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\u1l703s0.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-12-13 139264]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bfnsbdkl]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cbxsrdlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cjccdddc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\gzrjeuze]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\imnpybfn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\jszaaimi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klujaobs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nrnricou]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pnyrzefd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\unarwcht]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xjifouqi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xxsefcmd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ybivcbos]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bfnsbdkl]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\cbxsrdlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\cjccdddc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\gzrjeuze]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\imnpybfn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\jszaaimi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\klujaobs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nrnricou]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\pnyrzefd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\unarwcht]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xjifouqi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xxsefcmd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ybivcbos]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\[PSY] Garrys Mod 11(1.o.o.5)\hl2.exe"="C:\Program Files\[PSY] Garrys Mod 11(1.o.o.5)\hl2.exe:*:Disabled:hl2"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Hry\Warcraft III\War3.exe"="C:\Program Files\Hry\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\WINDOWS\system32\sysservice.exe"="C:\WINDOWS\system32\sysservice.exe:*:Enabled:dnsclient"
"C:\DOCUME~1\Nigs\LOCALS~1\Temp\7452003.exe"="C:\DOCUME~1\Nigs\LOCALS~1\Temp\7452003.exe:*:Enabled:Microsoft Office"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Nigs\Dokumenty\Downloads\Flash-Player.exe"="C:\Documents and Settings\Nigs\Dokumenty\Downloads\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Nigs\Dokumenty\Downloads\Flash-Player.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"C:\WINDOWS\services32.exe"="C:\WINDOWS\services32.exe:*:Enabled:C:\WINDOWS\services32.exe"
"C:\WINDOWS\update.tray-2-0\svchost.exe"="C:\WINDOWS\update.tray-2-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-2-0\svchost.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Combat Arms EU\CombatArms.exe"="C:\Program Files\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Program Files\Combat Arms EU\Engine.exe"="C:\Program Files\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
======File associations======
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 month======
2011-11-02 15:41:52 ----D---- C:\Program Files\trend micro
2011-11-02 15:41:51 ----D---- C:\rsit
2011-11-02 15:40:31 ----D---- C:\WINDOWS\av_ico
2011-11-02 15:40:20 ----D---- C:\WINDOWS\tmpb
2011-11-02 15:40:19 ----HD---- C:\WINDOWS\update.1
2011-11-02 15:40:16 ----D---- C:\WINDOWS\update.2
2011-11-02 15:40:15 ----D---- C:\WINDOWS\update.5.0
2011-11-02 15:40:04 ----HD---- C:\WINDOWS\update.tray-2-0
2011-11-02 15:40:03 ----HD---- C:\WINDOWS\update.tray-2-0-lnk
2011-11-02 15:40:01 ----A---- C:\WINDOWS\winlog-ids.txt
2011-11-02 15:40:01 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-11-02 15:40:01 ----A---- C:\WINDOWS\unrar.exe
2011-11-02 15:40:01 ----A---- C:\WINDOWS\sysdriver32_.exe
2011-11-02 15:40:01 ----A---- C:\WINDOWS\sysdriver32.exe
2011-11-02 15:40:01 ----A---- C:\WINDOWS\services32.exe
2011-11-02 15:40:01 ----A---- C:\WINDOWS\iplist.txt
2011-11-02 15:40:01 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-11-02 15:40:01 ----A---- C:\WINDOWS\front_ip_list.txt
2011-11-02 15:39:10 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2011-11-02 15:28:44 ----ASH---- C:\hiberfil.sys
2011-11-01 21:43:34 ----D---- C:\Documents and Settings\iva\Data aplikací\GHISLER
2011-11-01 21:23:02 ----AD---- C:\.Trash-999
2011-11-01 19:49:14 ----A---- C:\WINDOWS\ntbtlog.txt
2011-11-01 19:45:36 ----A---- C:\WINDOWS\OEWABLog.txt
2011-10-31 20:13:30 ----A---- C:\WINDOWS\system32\drivers\epfwtdir.sys
2011-10-31 20:13:29 ----A---- C:\WINDOWS\system32\drivers\eamon.sys
2011-10-31 20:13:27 ----A---- C:\WINDOWS\system32\drivers\ehdrv.sys
2011-10-31 20:12:48 ----D---- C:\Program Files\ESET
2011-10-30 10:12:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-27 17:35:37 ----D---- C:\Program Files\ConduitEngine
2011-10-27 17:35:37 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2011-10-27 17:35:30 ----D---- C:\Program Files\BrotherSoft_Extreme
2011-10-03 08:17:54 ----D---- C:\Program Files\Application Updater
2011-10-03 08:17:52 ----D---- C:\Program Files\IObit Toolbar
======List of files/folders modified in the last 1 month======
2011-11-02 15:41:52 ----D---- C:\Program Files
2011-11-02 15:41:26 ----D---- C:\WINDOWS\Prefetch
2011-11-02 15:39:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-11-02 15:39:10 ----D---- C:\WINDOWS\system32\drivers
2011-11-02 15:37:14 ----AD---- C:\WINDOWS\Temp
2011-11-02 15:35:56 ----D---- C:\WINDOWS\system32
2011-11-02 15:35:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-11-02 15:35:35 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-02 15:31:59 ----D---- C:\WINDOWS
2011-11-02 15:31:37 ----D---- C:\Program Files\Common Files\Akamai
2011-11-02 14:58:21 ----A---- C:\boot.ini
2011-11-02 14:54:14 ----HD---- C:\WINDOWS\inf
2011-11-02 14:48:18 ----SHD---- C:\WINDOWS\CSC
2011-10-31 20:13:44 ----SHD---- C:\WINDOWS\Installer
2011-10-31 19:44:07 ----D---- C:\Program Files\QipGuard
2011-10-31 19:44:02 ----D---- C:\Program Files\LogMeIn Hamachi
2011-10-31 19:43:59 ----SHD---- C:\System Volume Information
2011-10-31 19:43:59 ----D---- C:\WINDOWS\system32\Restore
2011-10-31 19:40:51 ----RSD---- C:\WINDOWS\assembly
2011-10-31 19:34:29 ----D---- C:\Program Files\QIP 2010
2011-10-30 20:53:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-10-30 11:18:30 ----D---- C:\Program Files\Garena
2011-10-30 10:10:19 ----D---- C:\WINDOWS\Logs
2011-10-30 09:21:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2011-10-29 16:19:07 ----SD---- C:\WINDOWS\Tasks
2011-10-27 18:50:53 ----D---- C:\WINDOWS\Minidump
2011-10-26 12:58:17 ----D---- C:\Program Files\Hry
2011-10-21 20:01:46 ----D---- C:\Program Files\Valve
2011-10-09 10:33:21 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2011-10-03 08:17:55 ----D---- C:\WINDOWS\WinSxS
2011-10-03 08:17:53 ----D---- C:\Program Files\Common Files\Spigot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 jszaaimi;jszaaimi; C:\WINDOWS\System32\Drivers\jszaaimi.sys [2010-11-13 40128]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-05-17 50176]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-05-16 19968]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-04 691696]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-04-28 114984]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-18 14848]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-07-02 140752]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2006-11-14 32256]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-08-17 44544]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-05-24 328237]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-24 851434]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-08-12 137728]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-22 1035008]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-07-22 201600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-12-13 1364574]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-18 67584]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-22 717952]
S0 cercsr6;cercsr6; C:\WINDOWS\system32\drivers\cercsr6.sys [2004-12-13 39904]
S1 ehhd4c4;ehhd4c4; C:\WINDOWS\System32\drivers\ehhd4c4.sys []
S1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-07-02 95896]
S1 hps9395;hps9395; C:\WINDOWS\System32\drivers\hps9395.sys []
S1 prsbdc2;prsbdc2; C:\WINDOWS\System32\drivers\prsbdc2.sys []
S1 qss5860;qss5860; C:\WINDOWS\System32\drivers\qss5860.sys []
S2 nrnricou;nrnricou; C:\WINDOWS\system32\drivers\nrnricou.sys []
S2 xjifouqi;xjifouqi; C:\WINDOWS\system32\drivers\xjifouqi.sys []
S3 aa07tmgr;aa07tmgr; C:\WINDOWS\system32\drivers\aa07tmgr.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
S3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2007-10-09 1123328]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-05-24 30427]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-05-24 148900]
S3 btwmodem;Bluetooth Fax Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2006-05-24 30285]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-24 66488]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\Nigs\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\Nigs\LOCALS~1\Temp\WUC8A.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
S3 NPF;WinPcap Packet Driver (NPF); C:\WINDOWS\system32\drivers\NPF.sys [2010-11-21 50704]
S3 Passthru;Service; C:\WINDOWS\system32\DRIVERS\ndisvvan.sys [2010-11-13 57856]
S3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-18 11136]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-18 10240]
S3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-08 191872]
S3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
S3 XDva375;XDva375; \??\C:\WINDOWS\system32\XDva375.sys []
S3 XDva380;XDva380; \??\C:\WINDOWS\system32\XDva380.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-08-09 328536]
R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-18 14336]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-09-27 745880]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-05-24 270336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-10-10 153376]
R2 QipGuard;QipGuard; C:\Program Files\QipGuard\QipGuard.exe [2011-07-18 190464]
R2 STacSV;SigmaTel Audio Service; C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe [2007-05-10 94208]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 wxpdrivers;wxpdrivers; C:\WINDOWS\update.1\svchost.exe [2011-10-31 1208832]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe []
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 1361288]
S2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-14 820568]
S2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2010-11-25 2404168]
S2 oopo6taiiatk2ae;Asset Management Daemon; C:\WINDOWS\system32\vahywoudy.exe [2004-08-18 24576]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2011-04-24 4066168]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-08-06 411432]
-----------------EOF-----------------
Bratrovi se dostal do notebooku Facebook virus (klasicky "neni flash player"), ovšem "bonusovým" problémem oproti ostatním je, že nefunguje interní klávesnice ani touchpad a momentálně ani síť. Funguje externí klávesnice i myš, ovšem interní kláv. a touchpad třeba v live Linuxu jdou. Pokusil jsem se to projet Avira antivirus z Hirens boot CD, ale nepomohlo.
Přikládám log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by iva at 2011-11-02 15:41:51
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (6%) free of 147 GB
Total RAM: 1014 MB (68% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-776561741-1604221776-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-776561741-1604221776-682003330-1003UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
IObit Toolbar - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll [2011-09-27 1050464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.4.8.11.dll [2010-08-11 735024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
BrotherSoft Extreme Toolbar - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll [2011-03-28 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} -
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - IObit Toolbar - C:\Program Files\IObit Toolbar\IE\4.7\iobitToolbarIE.dll [2011-09-27 1050464]
{51a86bb3-6602-4c85-92a5-130ee4864f13} - BrotherSoft Extreme Toolbar - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll [2011-03-28 176936]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2007-10-09 2183168]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-12-13 98304]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-12-13 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-12-13 118784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-08 761947]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-05-10 405504]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Microsoft Startup Manager"=C:\WINDOWS\system32\sysservice.exe [2004-08-18 24576]
"Regedit32"=C:\WINDOWS\system32\regedit.exe [2004-08-18 24576]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2010-11-25 2781000]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-04 1955208]
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-09-27 894304]
"wxpdrv"=C:\WINDOWS\services32.exe [2011-10-31 1204736]
"tray_ico"= []
"tray_ico0"=C:\WINDOWS\update.tray-2-0\svchost.exe [2011-10-31 1208832]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"5353085.exe"=C:\WINDOWS\TEMP\5353085.exe []
"sysdriver32.exe"=C:\WINDOWS\sysdriver32.exe [2011-10-31 263680]
"sysdriver32_.exe"=C:\WINDOWS\sysdriver32_.exe [2011-10-31 258048]
"3771349.exe"=C:\WINDOWS\TEMP\3771349.exe []
"2789694.exe"=C:\DOCUME~1\Nigs\LOCALS~1\Temp\2789694.exe [2011-10-31 258048]
"3444809.exe"=C:\WINDOWS\TEMP\3444809.exe []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-04 1955208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NexonEULauncher]
C:\Program Files\Skype\Phone\Skype.exe [2010-09-02 13351304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-09-02 13351304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vovy]
C:\WINDOWS\system32\bibouf.exe [2004-08-18 24576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2006-05-24 622653]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamersFirst LIVE!.lnk]
C:\PROGRA~1\GAMERS~1\LIVE!\Live.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^0zfplgh.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\0zfplgh.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^5ooefk8.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\5ooefk8.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^afvb60dyze.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\afvb60dyze.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^faqg0hxd66u.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\faqg0hxd66u.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^ggwxc86o.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\ggwxc86o.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^h60jpzvq.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\h60jpzvq.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^i7081kvwr.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\i7081kvwr.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^ity81vqrw.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\ity81vqrw.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^lq81nijo.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\lq81nijo.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^pfl66c86.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\pfl66c86.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^sty86k81wh.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\sty86k81wh.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^ty81vqg0.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\ty81vqg0.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^tz60bhrn.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\tz60bhrn.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Nigs^Nabídka Start^Programy^Po spuštění^u1l703s0.exe]
C:\Documents and Settings\Nigs\Nabídka Start\Programy\Po spuštění\u1l703s0.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-12-13 139264]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bfnsbdkl]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cbxsrdlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cjccdddc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\gzrjeuze]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\imnpybfn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\jszaaimi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\klujaobs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nrnricou]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pnyrzefd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\unarwcht]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xjifouqi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xxsefcmd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ybivcbos]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bfnsbdkl]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\cbxsrdlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\cjccdddc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\gzrjeuze]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\imnpybfn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\jszaaimi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\klujaobs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nrnricou]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\pnyrzefd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\unarwcht]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xjifouqi]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xxsefcmd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ybivcbos]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\[PSY] Garrys Mod 11(1.o.o.5)\hl2.exe"="C:\Program Files\[PSY] Garrys Mod 11(1.o.o.5)\hl2.exe:*:Disabled:hl2"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Hry\Warcraft III\War3.exe"="C:\Program Files\Hry\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\WINDOWS\system32\sysservice.exe"="C:\WINDOWS\system32\sysservice.exe:*:Enabled:dnsclient"
"C:\DOCUME~1\Nigs\LOCALS~1\Temp\7452003.exe"="C:\DOCUME~1\Nigs\LOCALS~1\Temp\7452003.exe:*:Enabled:Microsoft Office"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Nigs\Dokumenty\Downloads\Flash-Player.exe"="C:\Documents and Settings\Nigs\Dokumenty\Downloads\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Nigs\Dokumenty\Downloads\Flash-Player.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"C:\WINDOWS\services32.exe"="C:\WINDOWS\services32.exe:*:Enabled:C:\WINDOWS\services32.exe"
"C:\WINDOWS\update.tray-2-0\svchost.exe"="C:\WINDOWS\update.tray-2-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-2-0\svchost.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Combat Arms EU\CombatArms.exe"="C:\Program Files\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Program Files\Combat Arms EU\Engine.exe"="C:\Program Files\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
======File associations======
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 month======
2011-11-02 15:41:52 ----D---- C:\Program Files\trend micro
2011-11-02 15:41:51 ----D---- C:\rsit
2011-11-02 15:40:31 ----D---- C:\WINDOWS\av_ico
2011-11-02 15:40:20 ----D---- C:\WINDOWS\tmpb
2011-11-02 15:40:19 ----HD---- C:\WINDOWS\update.1
2011-11-02 15:40:16 ----D---- C:\WINDOWS\update.2
2011-11-02 15:40:15 ----D---- C:\WINDOWS\update.5.0
2011-11-02 15:40:04 ----HD---- C:\WINDOWS\update.tray-2-0
2011-11-02 15:40:03 ----HD---- C:\WINDOWS\update.tray-2-0-lnk
2011-11-02 15:40:01 ----A---- C:\WINDOWS\winlog-ids.txt
2011-11-02 15:40:01 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-11-02 15:40:01 ----A---- C:\WINDOWS\unrar.exe
2011-11-02 15:40:01 ----A---- C:\WINDOWS\sysdriver32_.exe
2011-11-02 15:40:01 ----A---- C:\WINDOWS\sysdriver32.exe
2011-11-02 15:40:01 ----A---- C:\WINDOWS\services32.exe
2011-11-02 15:40:01 ----A---- C:\WINDOWS\iplist.txt
2011-11-02 15:40:01 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-11-02 15:40:01 ----A---- C:\WINDOWS\front_ip_list.txt
2011-11-02 15:39:10 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2011-11-02 15:28:44 ----ASH---- C:\hiberfil.sys
2011-11-01 21:43:34 ----D---- C:\Documents and Settings\iva\Data aplikací\GHISLER
2011-11-01 21:23:02 ----AD---- C:\.Trash-999
2011-11-01 19:49:14 ----A---- C:\WINDOWS\ntbtlog.txt
2011-11-01 19:45:36 ----A---- C:\WINDOWS\OEWABLog.txt
2011-10-31 20:13:30 ----A---- C:\WINDOWS\system32\drivers\epfwtdir.sys
2011-10-31 20:13:29 ----A---- C:\WINDOWS\system32\drivers\eamon.sys
2011-10-31 20:13:27 ----A---- C:\WINDOWS\system32\drivers\ehdrv.sys
2011-10-31 20:12:48 ----D---- C:\Program Files\ESET
2011-10-30 10:12:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-27 17:35:37 ----D---- C:\Program Files\ConduitEngine
2011-10-27 17:35:37 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2011-10-27 17:35:30 ----D---- C:\Program Files\BrotherSoft_Extreme
2011-10-03 08:17:54 ----D---- C:\Program Files\Application Updater
2011-10-03 08:17:52 ----D---- C:\Program Files\IObit Toolbar
======List of files/folders modified in the last 1 month======
2011-11-02 15:41:52 ----D---- C:\Program Files
2011-11-02 15:41:26 ----D---- C:\WINDOWS\Prefetch
2011-11-02 15:39:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-11-02 15:39:10 ----D---- C:\WINDOWS\system32\drivers
2011-11-02 15:37:14 ----AD---- C:\WINDOWS\Temp
2011-11-02 15:35:56 ----D---- C:\WINDOWS\system32
2011-11-02 15:35:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-11-02 15:35:35 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-02 15:31:59 ----D---- C:\WINDOWS
2011-11-02 15:31:37 ----D---- C:\Program Files\Common Files\Akamai
2011-11-02 14:58:21 ----A---- C:\boot.ini
2011-11-02 14:54:14 ----HD---- C:\WINDOWS\inf
2011-11-02 14:48:18 ----SHD---- C:\WINDOWS\CSC
2011-10-31 20:13:44 ----SHD---- C:\WINDOWS\Installer
2011-10-31 19:44:07 ----D---- C:\Program Files\QipGuard
2011-10-31 19:44:02 ----D---- C:\Program Files\LogMeIn Hamachi
2011-10-31 19:43:59 ----SHD---- C:\System Volume Information
2011-10-31 19:43:59 ----D---- C:\WINDOWS\system32\Restore
2011-10-31 19:40:51 ----RSD---- C:\WINDOWS\assembly
2011-10-31 19:34:29 ----D---- C:\Program Files\QIP 2010
2011-10-30 20:53:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-10-30 11:18:30 ----D---- C:\Program Files\Garena
2011-10-30 10:10:19 ----D---- C:\WINDOWS\Logs
2011-10-30 09:21:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2011-10-29 16:19:07 ----SD---- C:\WINDOWS\Tasks
2011-10-27 18:50:53 ----D---- C:\WINDOWS\Minidump
2011-10-26 12:58:17 ----D---- C:\Program Files\Hry
2011-10-21 20:01:46 ----D---- C:\Program Files\Valve
2011-10-09 10:33:21 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2011-10-03 08:17:55 ----D---- C:\WINDOWS\WinSxS
2011-10-03 08:17:53 ----D---- C:\Program Files\Common Files\Spigot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 jszaaimi;jszaaimi; C:\WINDOWS\System32\Drivers\jszaaimi.sys [2010-11-13 40128]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-05-17 50176]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-05-16 19968]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-04 691696]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-04-28 114984]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-18 14848]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-07-02 140752]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2006-11-14 32256]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2006-08-17 44544]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-05-24 328237]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-24 851434]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-08-12 137728]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-22 1035008]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-07-22 201600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-12-13 1364574]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-18 67584]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-05-10 1222840]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-22 717952]
S0 cercsr6;cercsr6; C:\WINDOWS\system32\drivers\cercsr6.sys [2004-12-13 39904]
S1 ehhd4c4;ehhd4c4; C:\WINDOWS\System32\drivers\ehhd4c4.sys []
S1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-07-02 95896]
S1 hps9395;hps9395; C:\WINDOWS\System32\drivers\hps9395.sys []
S1 prsbdc2;prsbdc2; C:\WINDOWS\System32\drivers\prsbdc2.sys []
S1 qss5860;qss5860; C:\WINDOWS\System32\drivers\qss5860.sys []
S2 nrnricou;nrnricou; C:\WINDOWS\system32\drivers\nrnricou.sys []
S2 xjifouqi;xjifouqi; C:\WINDOWS\system32\drivers\xjifouqi.sys []
S3 aa07tmgr;aa07tmgr; C:\WINDOWS\system32\drivers\aa07tmgr.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
S3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2007-10-09 1123328]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-05-24 30427]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-05-24 148900]
S3 btwmodem;Bluetooth Fax Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2006-05-24 30285]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-24 66488]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\Nigs\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\Nigs\LOCALS~1\Temp\WUC8A.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
S3 NPF;WinPcap Packet Driver (NPF); C:\WINDOWS\system32\drivers\NPF.sys [2010-11-21 50704]
S3 Passthru;Service; C:\WINDOWS\system32\DRIVERS\ndisvvan.sys [2010-11-13 57856]
S3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-18 11136]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-18 10240]
S3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-08 191872]
S3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
S3 XDva375;XDva375; \??\C:\WINDOWS\system32\XDva375.sys []
S3 XDva380;XDva380; \??\C:\WINDOWS\system32\XDva380.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-08-09 328536]
R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-18 14336]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-09-27 745880]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-05-24 270336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-10-10 153376]
R2 QipGuard;QipGuard; C:\Program Files\QipGuard\QipGuard.exe [2011-07-18 190464]
R2 STacSV;SigmaTel Audio Service; C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe [2007-05-10 94208]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 wxpdrivers;wxpdrivers; C:\WINDOWS\update.1\svchost.exe [2011-10-31 1208832]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe []
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 1361288]
S2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-14 820568]
S2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2010-11-25 2404168]
S2 oopo6taiiatk2ae;Asset Management Daemon; C:\WINDOWS\system32\vahywoudy.exe [2004-08-18 24576]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2011-04-24 4066168]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-08-06 411432]
-----------------EOF-----------------
Stáhněte program 
Může se stát,že po aplikaci scriptu nenaběhne Windows běžným způsobem.V tomto případě restartujte počítač a při startu mačkejte F8 a zvolte možnost Poslední známá funkční konfigurace
+ nový RSIT