kdykoliv počítač trochu víc vytížím zamrzne, sám se restartuje nebo mi hodí modrou obrazovku, je to ale hodně náhodné, pomoc prosím? :3
log z rsit
Logfile of random's system information tool 1.09 (written by random/random)
Run by crocket at 2012-09-12 19:51:23
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 8 GB (21%) free of 38 GB
Total RAM: 1791 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:51:38, on 12.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\crocket\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\KaraokeSer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\crocket\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Documents and Settings\crocket\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\crocket\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\crocket\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\crocket\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\crocket\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\crocket\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\crocket\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\crocket\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\crocket.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 210.176.171.237:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 81.0.254.162 L2authd.Lineage2.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: (no name) - {80f6f9bf-9fd1-4f41-9ddf-6dd070f4f62f} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-796845957-115176313-682003330-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Kopkovi\Nabídka Start\Programy\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {288CED07-83F7-4077-A3A6-FED1A1707B97} (AFCSbsStarter Control) - http://gorealradown.sbs.co.kr/streamer/ ... tarter.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/Messenger ... E_UNO1.cab
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4452151130
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} (Daum ActiveX manager Class) - http://mail.daum.net/hanmail-ax/DaumAct ... er=2,0,1,4
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://games.myspace.com/Gameshell/Game ... meHost.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://www.yougamers.com/systeminfo/MSC3.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O21 - SSODL: SwUpdate - {003541A1-3BC0-1B1C-AAF3-040114001C01} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: VIA Karaoke digital mixer Service (KaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\KaraokeSer.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 14522 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HOME-7B402F244E-Kopkovi.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-115176313-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-115176313-682003330-1004UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-115176313-682003330-1007Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-115176313-682003330-1007UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\crocket\Data aplikací\Mozilla\Firefox\Profiles\bwh4f8pa.default
prefs.js - "browser.startup.homepage" - "http://www.tools4arab.com/start"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.271 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=D:\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91]
"Description"=getPlus+(R)
"Path"=C:\Program Files\NOS\bin\np_gp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@unity3d.com/UnityPlayer]
"Description"=Unity Player 2.1.0f5
"Path"=C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-16 329480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-06-06 1519304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-16 59144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-06-16 79624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
{80f6f9bf-9fd1-4f41-9ddf-6dd070f4f62f}
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-06-06 1519304]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2011-06-20 41101936]
"QuickTime Task"=D:\QuickTime\qttask.exe [2011-10-24 421888]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-05-15 108352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-01-25 500208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files\Ask.com\Updater\Updater.exe [2012-06-06 1564872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\daemon\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DelReg]
C:\Program Files\MSI\DualCoreCenter\DelReg.exe [2008-05-13 196608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2011-07-27 434080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\crocket\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-09-07 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-03-02 208952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Program Files\iTunes\iTunesHelper.exe [2012-03-06 421736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 171008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2006-03-02 59392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
I:\Program Files\PowerISO\PWRISOVM.EXE -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\QuickTime\qttask.exe [2011-10-24 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBPanel]
C:\Program Files\VDOTool\TBPANEL.exe [2008-01-09 2169384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
D:\program files\Winamp\winampa.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^DualCoreCenter.lnk]
C:\PROGRA~1\MSI\DUALCO~1\STARTU~1.EXE [2007-09-27 192512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-05-21 275768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
C:\DOCUME~1\crocket\DATAAP~1\Dropbox\bin\Dropbox.exe [2012-05-24 27112840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^OneNote 2007 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MI1933~1\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^µTorrent.lnk]
D:\uTorrent\utorrent.exe [2012-05-19 880496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CiSvc"=3
"WSearch"=2
"RichVideo"=2
"PnkBstrA"=2
"Pml Driver HPZ12"=2
"JavaQuickStarterService"=2
"Bonjour Service"=2
"BBUpdate"=2
"BBSvc"=2
"Apple Mobile Device"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2010-10-20 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-12-01 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]
avldr.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
SwUpdate - {003541A1-3BC0-1B1C-AAF3-040114001C01}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2010-10-20 77824]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\uTorrent\utorrent.exe"="D:\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Kopkovi\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\Kopkovi\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\ICQ6\ICQ6.5\ICQ.exe"="D:\ICQ6\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:LSA Shell"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"D:\program files\Microsoft Games\Zoo Tycoon 2\zt.exe"="D:\program files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\rockstar games\Grand Theft Auto IV\GTAIV.exe"="D:\rockstar games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"D:\call of duty\Modern Warfare 2\iw4mp.exe"="D:\call of duty\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"C:\Program Files\SecondLife\SecondLife.exe"="C:\Program Files\SecondLife\SecondLife.exe:*:Enabled:SecondLife"
"C:\Documents and Settings\Kopkovi\Local Settings\Temp\alg.exe"="C:\Documents and Settings\Kopkovi\Local Settings\Temp\alg.exe:*:Enabled:Application Layer Gateway Service"
"D:\program files\Dead Space\Dead Space.exe"="D:\program files\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™"
"D:\program files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE"="D:\program files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem"
"D:\program files\Dragon Age\tools\GffEditor.exe"="D:\program files\Dragon Age\tools\GffEditor.exe:*:Enabled:Dragon Age Toolset GFF editor"
"D:\program files\Dragon Age\tools\ErfEditor.exe"="D:\program files\Dragon Age\tools\ErfEditor.exe:*:Enabled:Dragon Age Toolset ERF editor"
"D:\program files\Monte Cristo\CrazyFactory\CrazyFactory.exe"="D:\program files\Monte Cristo\CrazyFactory\CrazyFactory.exe:*:Enabled:CrazyFactory"
"D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe"="D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services"
"D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe"="D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application"
"D:\program files\Rockstar Games\EFLC\EFLC.exe"="D:\program files\Rockstar Games\EFLC\EFLC.exe:*:Enabled:Grand Theft Auto : Episodes from Liberty City"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Documents and Settings\Kopkovi\Local Settings\Data aplikací\AFCSBS\afreecastreamer.exe"="C:\Documents and Settings\Kopkovi\Local Settings\Data aplikací\AFCSBS\afreecastreamer.exe:*:Enabled:Afreeca Streamer"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"D:\program files\SEGA\Alpha Protocol\Binaries\APGame.exe"="D:\program files\SEGA\Alpha Protocol\Binaries\APGame.exe:*:Disabled:Alpha Protocol"
"C:\Documents and Settings\Kopkovi\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Kopkovi\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"I:\Program Files\EA Games\Alice Madness Returns\Alice2\Binaries\Win32\AliceMadnessReturns.exe"="I:\Program Files\EA Games\Alice Madness Returns\Alice2\Binaries\Win32\AliceMadnessReturns.exe:*:Enabled:AliceMadnessReturns"
"I:\Program Files\EA Games\Alice Madness Returns\Alice1\bin\alice.exe"="I:\Program Files\EA Games\Alice Madness Returns\Alice1\bin\alice.exe:*:Enabled:American McGee's Alice"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"I:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe"="I:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer"
"I:\Program Files\The Witcher 2 (CZ)\bin\witcher2.exe"="I:\Program Files\The Witcher 2 (CZ)\bin\witcher2.exe:*:Enabled:The Witcher 2: Assasins of Kings"
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe"="C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Documents and Settings\crocket\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\crocket\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"I:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe"="I:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 Game"
"I:\Program Files\Mass Effect 2\MassEffect2Launcher.exe"="I:\Program Files\Mass Effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 Launcher"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"D:\program files\Ubisoft\Assassin's Creed Revelations\ACRMP.exe"="D:\program files\Ubisoft\Assassin's Creed Revelations\ACRMP.exe:*:Enabled:Assassin's Creed Revelations Multiplayer"
"D:\program files\Ubisoft\Assassin's Creed Revelations\ACRPR.exe"="D:\program files\Ubisoft\Assassin's Creed Revelations\ACRPR.exe:*:Enabled:ACRPR"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"D:\program files\iTunes\iTunes.exe"="D:\program files\iTunes\iTunes.exe:*:Enabled:iTunes"
"I:\Borderlands(DIRECT PLAY with all 4 DLC's)\Borderlands(DIRECT PLAY with all 4 DLC's)\Binaries\Borderlands.exe"="I:\Borderlands(DIRECT PLAY with all 4 DLC's)\Borderlands(DIRECT PLAY with all 4 DLC's)\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"D:\program files\origingames\Mass Effect 3\Binaries\Win32\MassEffect3.exe"="D:\program files\origingames\Mass Effect 3\Binaries\Win32\MassEffect3.exe:*:Enabled:Mass Effect™ 3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Kopkovi\Local Settings\Temp\alg.exe"="C:\Documents and Settings\Kopkovi\Local Settings\Temp\alg.exe:*:Enabled:Application Layer Gateway Service"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:LSA Shell"
"D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe"="D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services"
"D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe"="D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.siren"=sirenacm.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"msacm.lhacm"=lhacm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.DIVX"=divx.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.FMVC"=fmcodec.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======List of files/folders created in the last 1 month======
2012-09-12 19:12:49 ----D---- C:\rsit
2012-09-12 19:12:49 ----D---- C:\Program Files\trend micro
2012-09-12 17:06:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$
2012-08-15 09:59:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-08-15 09:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847$
2012-08-15 09:49:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2012-08-15 09:47:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135$
2012-08-14 13:04:23 ----A---- C:\WINDOWS\imsins.BAK
2012-08-14 13:00:41 ----HDC---- C:\WINDOWS\ie8
2012-08-14 11:35:06 ----A---- C:\WINDOWS\system32\cohelper.dll
2012-08-14 11:35:04 ----A---- C:\WINDOWS\system32\nvunrm.exe
======List of files/folders modified in the last 1 month======
2012-09-12 19:49:40 ----D---- C:\Program Files
2012-09-12 19:46:11 ----D---- C:\WINDOWS\Prefetch
2012-09-12 19:46:01 ----D---- C:\Documents and Settings\crocket\Data aplikací\HPAppData
2012-09-12 19:44:44 ----HD---- C:\Program Files\InstallShield Installation Information
2012-09-12 19:44:12 ----D---- C:\Program Files\CyberLink
2012-09-12 19:32:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-09-12 19:21:32 ----D---- C:\WINDOWS\Temp
2012-09-12 19:03:26 ----D---- C:\WINDOWS
2012-09-12 19:03:13 ----D---- C:\WINDOWS\system32\CatRoot2
2012-09-12 19:01:44 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2012-09-12 17:49:16 ----D---- C:\WINDOWS\system32
2012-09-12 17:07:18 ----SHD---- C:\WINDOWS\Installer
2012-09-12 17:07:17 ----SHD---- C:\Config.Msi
2012-09-12 17:07:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-09-12 17:06:21 ----HD---- C:\WINDOWS\inf
2012-09-12 17:05:25 ----HD---- C:\WINDOWS\$hf_mig$
2012-09-12 17:00:13 ----A---- C:\WINDOWS\system32\MRT.exe
2012-09-09 20:15:20 ----D---- C:\Documents and Settings\crocket\Data aplikací\uTorrent
2012-09-07 17:36:56 ----D---- C:\WINDOWS\system32\DirectX
2012-09-07 17:35:55 ----RSD---- C:\WINDOWS\assembly
2012-09-03 14:42:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Origin
2012-09-03 14:41:58 ----D---- C:\Documents and Settings\crocket\Data aplikací\Origin
2012-08-18 19:20:56 ----D---- C:\Program Files\Mozilla Firefox
2012-08-15 19:53:13 ----D---- C:\Documents and Settings\crocket\Data aplikací\Ubisoft
2012-08-15 19:39:48 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-15 19:39:48 ----D---- C:\Program Files\Microsoft
2012-08-15 19:33:36 ----RSD---- C:\WINDOWS\Fonts
2012-08-15 18:45:19 ----D---- C:\Program Files\DVDVideoSoft
2012-08-15 18:43:29 ----D---- C:\Program Files\Common Files
2012-08-15 17:50:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-15 17:16:44 ----D---- C:\Documents and Settings\crocket\Data aplikací\Vso
2012-08-15 14:21:36 ----D---- C:\WINDOWS\system32\drivers\etc
2012-08-15 14:10:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-08-15 12:07:28 ----D---- C:\Program Files\Ask.com
2012-08-15 12:07:25 ----SD---- C:\WINDOWS\Tasks
2012-08-15 11:54:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-15 11:54:14 ----D---- C:\WINDOWS\system32\drivers
2012-08-15 11:54:07 ----D---- C:\Program Files\NVIDIA Corporation
2012-08-15 11:16:26 ----RSH---- C:\boot.ini
2012-08-15 11:16:26 ----A---- C:\WINDOWS\win.ini
2012-08-15 11:16:26 ----A---- C:\WINDOWS\system.ini
2012-08-15 10:50:03 ----D---- C:\WINDOWS\system32\CatRoot
2012-08-15 09:42:16 ----D---- C:\Program Files\Internet Explorer
2012-08-15 09:41:17 ----SHD---- C:\System Volume Information
2012-08-15 09:41:17 ----D---- C:\WINDOWS\system32\Restore
2012-08-14 14:54:57 ----D---- C:\WINDOWS\ie8updates
2012-08-14 14:40:19 ----D---- C:\WINDOWS\system32\cs-cz
2012-08-14 14:40:18 ----D---- C:\WINDOWS\Media
2012-08-14 14:40:18 ----D---- C:\WINDOWS\Help
2012-08-14 13:18:48 ----D---- C:\WINDOWS\Microsoft.NET
2012-08-14 13:16:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-14 13:16:00 ----D---- C:\WINDOWS\WinSxS
2012-08-14 12:54:32 ----D---- C:\WINDOWS\Debug
2012-08-14 12:44:08 ----D---- C:\Program Files\SUPERAntiSpyware
2012-08-14 09:56:57 ----D---- C:\NVIDIA
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-06-14 58232]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-02-21 19968]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\WINDOWS\System32\drivers\sfsync04.sys [2006-06-14 59264]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2006-06-14 78184]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-05-08 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2011-06-15 60156]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2012-05-09 281760]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2012-05-09 25888]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
R3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2009-07-01 66688]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2009-07-01 13824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-11-06 47360]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2009-11-11 27744]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2011-06-14 2801904]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys []
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys []
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys []
S3 ailv3v77;ailv3v77; C:\WINDOWS\system32\drivers\ailv3v77.sys []
S3 AMBFilt;AMBFilt; C:\WINDOWS\system32\drivers\AMBFilt.sys [2009-06-26 1656960]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-12-02 3452928]
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 GPU-Z;GPU-Z; \??\C:\DOCUME~1\crocket\LOCALS~1\Temp\GPU-Z.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
S3 MonFilt;MonFilt; C:\WINDOWS\system32\drivers\MonFilt.sys [2008-12-02 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSI_DVD_010507;MSI_DVD_010507; \??\C:\PROGRA~1\MSI\MSIWDev\DVDSYS32_100507.sys []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\msibios32_100507.sys []
S3 MSI_VGASYS_010507;MSI_VGASYS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\VGASYS32_100507.sys []
S3 NETIMFLT;PANDA NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\netimflt.sys []
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-07-12 96384]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-07-06 234392]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files\MSI\DualCoreCenter\RushTop.sys []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 tapvpn;TAP VPN Adapter; C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2006-10-26 27136]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-02-15 43520]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2010-10-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2010-10-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2010-10-21 25216]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-12-01 598016]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 KaraokeService;VIA Karaoke digital mixer Service; C:\WINDOWS\system32\KaraokeSer.exe [2011-06-14 88688]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-05-16 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-20 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2009-06-01 34352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-06 821608]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-10-11 3369044]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-27 55144]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-06-16 153352]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-05-23 66872]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
počítač padá a zamrzá
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: počítač padá a zamrzá
Stáněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Program Files\Ask.com
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-115176313-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-115176313-682003330-1004UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-115176313-682003330-1007Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-796845957-115176313-682003330-1007UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
[Resethosts]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: počítač padá a zamrzá
díky za pomoc ;~; tady je ten log
Logfile of random's system information tool 1.09 (written by random/random)
Run by crocket at 2012-09-12 20:26:53
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 9 GB (25%) free of 38 GB
Total RAM: 1791 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27:20, on 12.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\KaraokeSer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\crocket\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\crocket.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 210.176.171.237:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-796845957-115176313-682003330-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Kopkovi\Nabídka Start\Programy\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {288CED07-83F7-4077-A3A6-FED1A1707B97} (AFCSbsStarter Control) - http://gorealradown.sbs.co.kr/streamer/ ... tarter.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/Messenger ... E_UNO1.cab
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4452151130
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} (Daum ActiveX manager Class) - http://mail.daum.net/hanmail-ax/DaumAct ... er=2,0,1,4
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://games.myspace.com/Gameshell/Game ... meHost.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://www.yougamers.com/systeminfo/MSC3.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O21 - SSODL: SwUpdate - {003541A1-3BC0-1B1C-AAF3-040114001C01} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: VIA Karaoke digital mixer Service (KaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\KaraokeSer.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 12696 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HOME-7B402F244E-Kopkovi.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\crocket\Data aplikací\Mozilla\Firefox\Profiles\bwh4f8pa.default
prefs.js - "browser.startup.homepage" - "http://www.tools4arab.com/start"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.271 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=D:\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91]
"Description"=getPlus+(R)
"Path"=C:\Program Files\NOS\bin\np_gp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@unity3d.com/UnityPlayer]
"Description"=Unity Player 2.1.0f5
"Path"=C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-16 329480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-16 59144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-06-16 79624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2011-06-20 41101936]
"QuickTime Task"=D:\QuickTime\qttask.exe [2011-10-24 421888]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-05-15 108352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-01-25 500208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\daemon\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DelReg]
C:\Program Files\MSI\DualCoreCenter\DelReg.exe [2008-05-13 196608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2011-07-27 434080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\crocket\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-09-07 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-03-02 208952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Program Files\iTunes\iTunesHelper.exe [2012-03-06 421736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 171008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2006-03-02 59392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
I:\Program Files\PowerISO\PWRISOVM.EXE -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\QuickTime\qttask.exe [2011-10-24 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBPanel]
C:\Program Files\VDOTool\TBPANEL.exe [2008-01-09 2169384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
D:\program files\Winamp\winampa.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^DualCoreCenter.lnk]
C:\PROGRA~1\MSI\DUALCO~1\STARTU~1.EXE [2007-09-27 192512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-05-21 275768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
C:\DOCUME~1\crocket\DATAAP~1\Dropbox\bin\Dropbox.exe [2012-05-24 27112840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^OneNote 2007 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MI1933~1\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^µTorrent.lnk]
D:\uTorrent\utorrent.exe [2012-05-19 880496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CiSvc"=3
"WSearch"=2
"RichVideo"=2
"PnkBstrA"=2
"Pml Driver HPZ12"=2
"JavaQuickStarterService"=2
"Bonjour Service"=2
"BBUpdate"=2
"BBSvc"=2
"Apple Mobile Device"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2010-10-20 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-12-01 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]
avldr.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
SwUpdate - {003541A1-3BC0-1B1C-AAF3-040114001C01}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2010-10-20 77824]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\uTorrent\utorrent.exe"="D:\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Kopkovi\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\Kopkovi\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\ICQ6\ICQ6.5\ICQ.exe"="D:\ICQ6\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:LSA Shell"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"D:\program files\Microsoft Games\Zoo Tycoon 2\zt.exe"="D:\program files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\rockstar games\Grand Theft Auto IV\GTAIV.exe"="D:\rockstar games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"D:\call of duty\Modern Warfare 2\iw4mp.exe"="D:\call of duty\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"C:\Program Files\SecondLife\SecondLife.exe"="C:\Program Files\SecondLife\SecondLife.exe:*:Enabled:SecondLife"
"C:\Documents and Settings\Kopkovi\Local Settings\Temp\alg.exe"="C:\Documents and Settings\Kopkovi\Local Settings\Temp\alg.exe:*:Enabled:Application Layer Gateway Service"
"D:\program files\Dead Space\Dead Space.exe"="D:\program files\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™"
"D:\program files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE"="D:\program files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem"
"D:\program files\Dragon Age\tools\GffEditor.exe"="D:\program files\Dragon Age\tools\GffEditor.exe:*:Enabled:Dragon Age Toolset GFF editor"
"D:\program files\Dragon Age\tools\ErfEditor.exe"="D:\program files\Dragon Age\tools\ErfEditor.exe:*:Enabled:Dragon Age Toolset ERF editor"
"D:\program files\Monte Cristo\CrazyFactory\CrazyFactory.exe"="D:\program files\Monte Cristo\CrazyFactory\CrazyFactory.exe:*:Enabled:CrazyFactory"
"D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe"="D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services"
"D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe"="D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application"
"D:\program files\Rockstar Games\EFLC\EFLC.exe"="D:\program files\Rockstar Games\EFLC\EFLC.exe:*:Enabled:Grand Theft Auto : Episodes from Liberty City"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Documents and Settings\Kopkovi\Local Settings\Data aplikací\AFCSBS\afreecastreamer.exe"="C:\Documents and Settings\Kopkovi\Local Settings\Data aplikací\AFCSBS\afreecastreamer.exe:*:Enabled:Afreeca Streamer"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"D:\program files\SEGA\Alpha Protocol\Binaries\APGame.exe"="D:\program files\SEGA\Alpha Protocol\Binaries\APGame.exe:*:Disabled:Alpha Protocol"
"C:\Documents and Settings\Kopkovi\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Kopkovi\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"I:\Program Files\EA Games\Alice Madness Returns\Alice2\Binaries\Win32\AliceMadnessReturns.exe"="I:\Program Files\EA Games\Alice Madness Returns\Alice2\Binaries\Win32\AliceMadnessReturns.exe:*:Enabled:AliceMadnessReturns"
"I:\Program Files\EA Games\Alice Madness Returns\Alice1\bin\alice.exe"="I:\Program Files\EA Games\Alice Madness Returns\Alice1\bin\alice.exe:*:Enabled:American McGee's Alice"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"I:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe"="I:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer"
"I:\Program Files\The Witcher 2 (CZ)\bin\witcher2.exe"="I:\Program Files\The Witcher 2 (CZ)\bin\witcher2.exe:*:Enabled:The Witcher 2: Assasins of Kings"
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe"="C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Documents and Settings\crocket\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\crocket\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"I:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe"="I:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 Game"
"I:\Program Files\Mass Effect 2\MassEffect2Launcher.exe"="I:\Program Files\Mass Effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 Launcher"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"D:\program files\Ubisoft\Assassin's Creed Revelations\ACRMP.exe"="D:\program files\Ubisoft\Assassin's Creed Revelations\ACRMP.exe:*:Enabled:Assassin's Creed Revelations Multiplayer"
"D:\program files\Ubisoft\Assassin's Creed Revelations\ACRPR.exe"="D:\program files\Ubisoft\Assassin's Creed Revelations\ACRPR.exe:*:Enabled:ACRPR"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"D:\program files\iTunes\iTunes.exe"="D:\program files\iTunes\iTunes.exe:*:Enabled:iTunes"
"I:\Borderlands(DIRECT PLAY with all 4 DLC's)\Borderlands(DIRECT PLAY with all 4 DLC's)\Binaries\Borderlands.exe"="I:\Borderlands(DIRECT PLAY with all 4 DLC's)\Borderlands(DIRECT PLAY with all 4 DLC's)\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"D:\program files\origingames\Mass Effect 3\Binaries\Win32\MassEffect3.exe"="D:\program files\origingames\Mass Effect 3\Binaries\Win32\MassEffect3.exe:*:Enabled:Mass Effect™ 3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Kopkovi\Local Settings\Temp\alg.exe"="C:\Documents and Settings\Kopkovi\Local Settings\Temp\alg.exe:*:Enabled:Application Layer Gateway Service"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:LSA Shell"
"D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe"="D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services"
"D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe"="D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.siren"=sirenacm.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"msacm.lhacm"=lhacm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.DIVX"=divx.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.FMVC"=fmcodec.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======List of files/folders created in the last 1 month======
2012-09-12 20:22:53 ----D---- C:\_OTM
2012-09-12 19:12:49 ----D---- C:\rsit
2012-09-12 19:12:49 ----D---- C:\Program Files\trend micro
2012-09-12 17:06:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$
2012-08-15 09:59:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-08-15 09:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847$
2012-08-15 09:49:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2012-08-15 09:47:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135$
2012-08-14 13:04:23 ----A---- C:\WINDOWS\imsins.BAK
2012-08-14 13:00:41 ----HDC---- C:\WINDOWS\ie8
2012-08-14 11:35:06 ----A---- C:\WINDOWS\system32\cohelper.dll
2012-08-14 11:35:04 ----A---- C:\WINDOWS\system32\nvunrm.exe
======List of files/folders modified in the last 1 month======
2012-09-12 20:26:44 ----D---- C:\WINDOWS\Prefetch
2012-09-12 20:25:57 ----D---- C:\WINDOWS\Temp
2012-09-12 20:25:08 ----D---- C:\WINDOWS\system32\CatRoot2
2012-09-12 20:23:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-09-12 20:23:47 ----D---- C:\WINDOWS\system32\drivers\etc
2012-09-12 20:23:45 ----D---- C:\WINDOWS\system32
2012-09-12 20:23:45 ----D---- C:\WINDOWS
2012-09-12 20:22:54 ----SD---- C:\WINDOWS\Tasks
2012-09-12 20:22:54 ----D---- C:\Program Files
2012-09-12 19:46:01 ----D---- C:\Documents and Settings\crocket\Data aplikací\HPAppData
2012-09-12 19:44:44 ----HD---- C:\Program Files\InstallShield Installation Information
2012-09-12 19:44:12 ----D---- C:\Program Files\CyberLink
2012-09-12 19:01:44 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2012-09-12 17:07:18 ----SHD---- C:\WINDOWS\Installer
2012-09-12 17:07:17 ----SHD---- C:\Config.Msi
2012-09-12 17:07:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-09-12 17:06:21 ----HD---- C:\WINDOWS\inf
2012-09-12 17:05:25 ----HD---- C:\WINDOWS\$hf_mig$
2012-09-12 17:00:13 ----A---- C:\WINDOWS\system32\MRT.exe
2012-09-09 20:15:20 ----D---- C:\Documents and Settings\crocket\Data aplikací\uTorrent
2012-09-07 17:36:56 ----D---- C:\WINDOWS\system32\DirectX
2012-09-07 17:35:55 ----RSD---- C:\WINDOWS\assembly
2012-09-03 14:42:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Origin
2012-09-03 14:41:58 ----D---- C:\Documents and Settings\crocket\Data aplikací\Origin
2012-08-18 19:20:56 ----D---- C:\Program Files\Mozilla Firefox
2012-08-15 19:53:13 ----D---- C:\Documents and Settings\crocket\Data aplikací\Ubisoft
2012-08-15 19:39:48 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-15 19:39:48 ----D---- C:\Program Files\Microsoft
2012-08-15 19:33:36 ----RSD---- C:\WINDOWS\Fonts
2012-08-15 18:45:19 ----D---- C:\Program Files\DVDVideoSoft
2012-08-15 18:43:29 ----D---- C:\Program Files\Common Files
2012-08-15 17:50:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-15 17:16:44 ----D---- C:\Documents and Settings\crocket\Data aplikací\Vso
2012-08-15 14:10:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-08-15 11:54:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-15 11:54:14 ----D---- C:\WINDOWS\system32\drivers
2012-08-15 11:54:07 ----D---- C:\Program Files\NVIDIA Corporation
2012-08-15 11:16:26 ----RSH---- C:\boot.ini
2012-08-15 11:16:26 ----A---- C:\WINDOWS\win.ini
2012-08-15 11:16:26 ----A---- C:\WINDOWS\system.ini
2012-08-15 10:50:03 ----D---- C:\WINDOWS\system32\CatRoot
2012-08-15 09:42:16 ----D---- C:\Program Files\Internet Explorer
2012-08-15 09:41:17 ----SHD---- C:\System Volume Information
2012-08-15 09:41:17 ----D---- C:\WINDOWS\system32\Restore
2012-08-14 14:54:57 ----D---- C:\WINDOWS\ie8updates
2012-08-14 14:40:19 ----D---- C:\WINDOWS\system32\cs-cz
2012-08-14 14:40:18 ----D---- C:\WINDOWS\Media
2012-08-14 14:40:18 ----D---- C:\WINDOWS\Help
2012-08-14 13:18:48 ----D---- C:\WINDOWS\Microsoft.NET
2012-08-14 13:16:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-14 13:16:00 ----D---- C:\WINDOWS\WinSxS
2012-08-14 12:54:32 ----D---- C:\WINDOWS\Debug
2012-08-14 12:44:08 ----D---- C:\Program Files\SUPERAntiSpyware
2012-08-14 09:56:57 ----D---- C:\NVIDIA
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-06-14 58232]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-02-21 19968]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\WINDOWS\System32\drivers\sfsync04.sys [2006-06-14 59264]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2006-06-14 78184]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-05-08 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 MpKsl94a48061;MpKsl94a48061; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{77412415-C864-4C59-8587-8FEE1EC1607C}\MpKsl94a48061.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2011-06-15 60156]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2012-05-09 281760]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2012-05-09 25888]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
R3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2009-07-01 66688]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2009-07-01 13824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-11-06 47360]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2009-11-11 27744]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2011-06-14 2801904]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys []
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys []
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys []
S3 alc7hf95;alc7hf95; C:\WINDOWS\system32\drivers\alc7hf95.sys []
S3 AMBFilt;AMBFilt; C:\WINDOWS\system32\drivers\AMBFilt.sys [2009-06-26 1656960]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-12-02 3452928]
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 GPU-Z;GPU-Z; \??\C:\DOCUME~1\crocket\LOCALS~1\Temp\GPU-Z.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
S3 MonFilt;MonFilt; C:\WINDOWS\system32\drivers\MonFilt.sys [2008-12-02 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSI_DVD_010507;MSI_DVD_010507; \??\C:\PROGRA~1\MSI\MSIWDev\DVDSYS32_100507.sys []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\msibios32_100507.sys []
S3 MSI_VGASYS_010507;MSI_VGASYS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\VGASYS32_100507.sys []
S3 NETIMFLT;PANDA NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\netimflt.sys []
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-07-12 96384]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-07-06 234392]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files\MSI\DualCoreCenter\RushTop.sys []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 tapvpn;TAP VPN Adapter; C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2006-10-26 27136]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-02-15 43520]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2010-10-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2010-10-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2010-10-21 25216]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-12-01 598016]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 KaraokeService;VIA Karaoke digital mixer Service; C:\WINDOWS\system32\KaraokeSer.exe [2011-06-14 88688]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-05-16 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-20 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2009-06-01 34352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-06 821608]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-10-11 3369044]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-27 55144]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-06-16 153352]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-05-23 66872]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by crocket at 2012-09-12 20:26:53
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 9 GB (25%) free of 38 GB
Total RAM: 1791 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27:20, on 12.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\KaraokeSer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\crocket\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\crocket.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 210.176.171.237:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [QuickTime Task] "D:\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-796845957-115176313-682003330-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Kopkovi\Nabídka Start\Programy\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {288CED07-83F7-4077-A3A6-FED1A1707B97} (AFCSbsStarter Control) - http://gorealradown.sbs.co.kr/streamer/ ... tarter.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/Messenger ... E_UNO1.cab
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4452151130
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} (Daum ActiveX manager Class) - http://mail.daum.net/hanmail-ax/DaumAct ... er=2,0,1,4
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://games.myspace.com/Gameshell/Game ... meHost.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://www.yougamers.com/systeminfo/MSC3.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O21 - SSODL: SwUpdate - {003541A1-3BC0-1B1C-AAF3-040114001C01} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: VIA Karaoke digital mixer Service (KaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\KaraokeSer.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 12696 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HOME-7B402F244E-Kopkovi.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\crocket\Data aplikací\Mozilla\Firefox\Profiles\bwh4f8pa.default
prefs.js - "browser.startup.homepage" - "http://www.tools4arab.com/start"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.271 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=D:\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91]
"Description"=getPlus+(R)
"Path"=C:\Program Files\NOS\bin\np_gp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@unity3d.com/UnityPlayer]
"Description"=Unity Player 2.1.0f5
"Path"=C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-06-16 329480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-06-16 59144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-06-16 79624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2011-06-20 41101936]
"QuickTime Task"=D:\QuickTime\qttask.exe [2011-10-24 421888]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-05-15 108352]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-01-25 500208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\daemon\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DelReg]
C:\Program Files\MSI\DualCoreCenter\DelReg.exe [2008-05-13 196608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2011-07-27 434080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE [2005-02-08 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\crocket\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-09-07 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-03-02 208952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
D:\Program Files\iTunes\iTunesHelper.exe [2012-03-06 421736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 171008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2006-03-02 59392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-03-02 455168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
I:\Program Files\PowerISO\PWRISOVM.EXE -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\QuickTime\qttask.exe [2011-10-24 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-05-10 16342528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBPanel]
C:\Program Files\VDOTool\TBPANEL.exe [2008-01-09 2169384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
D:\program files\Winamp\winampa.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^DualCoreCenter.lnk]
C:\PROGRA~1\MSI\DUALCO~1\STARTU~1.EXE [2007-09-27 192512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-05-21 275768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
C:\DOCUME~1\crocket\DATAAP~1\Dropbox\bin\Dropbox.exe [2012-05-24 27112840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^OneNote 2007 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MI1933~1\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^µTorrent.lnk]
D:\uTorrent\utorrent.exe [2012-05-19 880496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CiSvc"=3
"WSearch"=2
"RichVideo"=2
"PnkBstrA"=2
"Pml Driver HPZ12"=2
"JavaQuickStarterService"=2
"Bonjour Service"=2
"BBUpdate"=2
"BBSvc"=2
"Apple Mobile Device"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2010-10-20 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-12-01 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avldr]
avldr.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
SwUpdate - {003541A1-3BC0-1B1C-AAF3-040114001C01}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2010-10-20 77824]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\uTorrent\utorrent.exe"="D:\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Kopkovi\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\Kopkovi\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\ICQ6\ICQ6.5\ICQ.exe"="D:\ICQ6\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:LSA Shell"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"D:\program files\Microsoft Games\Zoo Tycoon 2\zt.exe"="D:\program files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\rockstar games\Grand Theft Auto IV\GTAIV.exe"="D:\rockstar games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"D:\call of duty\Modern Warfare 2\iw4mp.exe"="D:\call of duty\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"C:\Program Files\SecondLife\SecondLife.exe"="C:\Program Files\SecondLife\SecondLife.exe:*:Enabled:SecondLife"
"C:\Documents and Settings\Kopkovi\Local Settings\Temp\alg.exe"="C:\Documents and Settings\Kopkovi\Local Settings\Temp\alg.exe:*:Enabled:Application Layer Gateway Service"
"D:\program files\Dead Space\Dead Space.exe"="D:\program files\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™"
"D:\program files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE"="D:\program files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem"
"D:\program files\Dragon Age\tools\GffEditor.exe"="D:\program files\Dragon Age\tools\GffEditor.exe:*:Enabled:Dragon Age Toolset GFF editor"
"D:\program files\Dragon Age\tools\ErfEditor.exe"="D:\program files\Dragon Age\tools\ErfEditor.exe:*:Enabled:Dragon Age Toolset ERF editor"
"D:\program files\Monte Cristo\CrazyFactory\CrazyFactory.exe"="D:\program files\Monte Cristo\CrazyFactory\CrazyFactory.exe:*:Enabled:CrazyFactory"
"D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe"="D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services"
"D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe"="D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application"
"D:\program files\Rockstar Games\EFLC\EFLC.exe"="D:\program files\Rockstar Games\EFLC\EFLC.exe:*:Enabled:Grand Theft Auto : Episodes from Liberty City"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Documents and Settings\Kopkovi\Local Settings\Data aplikací\AFCSBS\afreecastreamer.exe"="C:\Documents and Settings\Kopkovi\Local Settings\Data aplikací\AFCSBS\afreecastreamer.exe:*:Enabled:Afreeca Streamer"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"D:\program files\SEGA\Alpha Protocol\Binaries\APGame.exe"="D:\program files\SEGA\Alpha Protocol\Binaries\APGame.exe:*:Disabled:Alpha Protocol"
"C:\Documents and Settings\Kopkovi\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Kopkovi\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"I:\Program Files\EA Games\Alice Madness Returns\Alice2\Binaries\Win32\AliceMadnessReturns.exe"="I:\Program Files\EA Games\Alice Madness Returns\Alice2\Binaries\Win32\AliceMadnessReturns.exe:*:Enabled:AliceMadnessReturns"
"I:\Program Files\EA Games\Alice Madness Returns\Alice1\bin\alice.exe"="I:\Program Files\EA Games\Alice Madness Returns\Alice1\bin\alice.exe:*:Enabled:American McGee's Alice"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"I:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe"="I:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer"
"I:\Program Files\The Witcher 2 (CZ)\bin\witcher2.exe"="I:\Program Files\The Witcher 2 (CZ)\bin\witcher2.exe:*:Enabled:The Witcher 2: Assasins of Kings"
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe"="C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Documents and Settings\crocket\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\crocket\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"I:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe"="I:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 Game"
"I:\Program Files\Mass Effect 2\MassEffect2Launcher.exe"="I:\Program Files\Mass Effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 Launcher"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"D:\program files\Ubisoft\Assassin's Creed Revelations\ACRMP.exe"="D:\program files\Ubisoft\Assassin's Creed Revelations\ACRMP.exe:*:Enabled:Assassin's Creed Revelations Multiplayer"
"D:\program files\Ubisoft\Assassin's Creed Revelations\ACRPR.exe"="D:\program files\Ubisoft\Assassin's Creed Revelations\ACRPR.exe:*:Enabled:ACRPR"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"D:\program files\iTunes\iTunes.exe"="D:\program files\iTunes\iTunes.exe:*:Enabled:iTunes"
"I:\Borderlands(DIRECT PLAY with all 4 DLC's)\Borderlands(DIRECT PLAY with all 4 DLC's)\Binaries\Borderlands.exe"="I:\Borderlands(DIRECT PLAY with all 4 DLC's)\Borderlands(DIRECT PLAY with all 4 DLC's)\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"D:\program files\origingames\Mass Effect 3\Binaries\Win32\MassEffect3.exe"="D:\program files\origingames\Mass Effect 3\Binaries\Win32\MassEffect3.exe:*:Enabled:Mass Effect™ 3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Documents and Settings\Kopkovi\Local Settings\Temp\alg.exe"="C:\Documents and Settings\Kopkovi\Local Settings\Temp\alg.exe:*:Enabled:Application Layer Gateway Service"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:LSA Shell"
"D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe"="D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services"
"D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe"="D:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.siren"=sirenacm.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"msacm.lhacm"=lhacm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.DIVX"=divx.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.FMVC"=fmcodec.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======List of files/folders created in the last 1 month======
2012-09-12 20:22:53 ----D---- C:\_OTM
2012-09-12 19:12:49 ----D---- C:\rsit
2012-09-12 19:12:49 ----D---- C:\Program Files\trend micro
2012-09-12 17:06:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$
2012-08-15 09:59:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-08-15 09:56:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847$
2012-08-15 09:49:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2012-08-15 09:47:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135$
2012-08-14 13:04:23 ----A---- C:\WINDOWS\imsins.BAK
2012-08-14 13:00:41 ----HDC---- C:\WINDOWS\ie8
2012-08-14 11:35:06 ----A---- C:\WINDOWS\system32\cohelper.dll
2012-08-14 11:35:04 ----A---- C:\WINDOWS\system32\nvunrm.exe
======List of files/folders modified in the last 1 month======
2012-09-12 20:26:44 ----D---- C:\WINDOWS\Prefetch
2012-09-12 20:25:57 ----D---- C:\WINDOWS\Temp
2012-09-12 20:25:08 ----D---- C:\WINDOWS\system32\CatRoot2
2012-09-12 20:23:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-09-12 20:23:47 ----D---- C:\WINDOWS\system32\drivers\etc
2012-09-12 20:23:45 ----D---- C:\WINDOWS\system32
2012-09-12 20:23:45 ----D---- C:\WINDOWS
2012-09-12 20:22:54 ----SD---- C:\WINDOWS\Tasks
2012-09-12 20:22:54 ----D---- C:\Program Files
2012-09-12 19:46:01 ----D---- C:\Documents and Settings\crocket\Data aplikací\HPAppData
2012-09-12 19:44:44 ----HD---- C:\Program Files\InstallShield Installation Information
2012-09-12 19:44:12 ----D---- C:\Program Files\CyberLink
2012-09-12 19:01:44 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2012-09-12 17:07:18 ----SHD---- C:\WINDOWS\Installer
2012-09-12 17:07:17 ----SHD---- C:\Config.Msi
2012-09-12 17:07:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-09-12 17:06:21 ----HD---- C:\WINDOWS\inf
2012-09-12 17:05:25 ----HD---- C:\WINDOWS\$hf_mig$
2012-09-12 17:00:13 ----A---- C:\WINDOWS\system32\MRT.exe
2012-09-09 20:15:20 ----D---- C:\Documents and Settings\crocket\Data aplikací\uTorrent
2012-09-07 17:36:56 ----D---- C:\WINDOWS\system32\DirectX
2012-09-07 17:35:55 ----RSD---- C:\WINDOWS\assembly
2012-09-03 14:42:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Origin
2012-09-03 14:41:58 ----D---- C:\Documents and Settings\crocket\Data aplikací\Origin
2012-08-18 19:20:56 ----D---- C:\Program Files\Mozilla Firefox
2012-08-15 19:53:13 ----D---- C:\Documents and Settings\crocket\Data aplikací\Ubisoft
2012-08-15 19:39:48 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-15 19:39:48 ----D---- C:\Program Files\Microsoft
2012-08-15 19:33:36 ----RSD---- C:\WINDOWS\Fonts
2012-08-15 18:45:19 ----D---- C:\Program Files\DVDVideoSoft
2012-08-15 18:43:29 ----D---- C:\Program Files\Common Files
2012-08-15 17:50:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-15 17:16:44 ----D---- C:\Documents and Settings\crocket\Data aplikací\Vso
2012-08-15 14:10:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-08-15 11:54:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-15 11:54:14 ----D---- C:\WINDOWS\system32\drivers
2012-08-15 11:54:07 ----D---- C:\Program Files\NVIDIA Corporation
2012-08-15 11:16:26 ----RSH---- C:\boot.ini
2012-08-15 11:16:26 ----A---- C:\WINDOWS\win.ini
2012-08-15 11:16:26 ----A---- C:\WINDOWS\system.ini
2012-08-15 10:50:03 ----D---- C:\WINDOWS\system32\CatRoot
2012-08-15 09:42:16 ----D---- C:\Program Files\Internet Explorer
2012-08-15 09:41:17 ----SHD---- C:\System Volume Information
2012-08-15 09:41:17 ----D---- C:\WINDOWS\system32\Restore
2012-08-14 14:54:57 ----D---- C:\WINDOWS\ie8updates
2012-08-14 14:40:19 ----D---- C:\WINDOWS\system32\cs-cz
2012-08-14 14:40:18 ----D---- C:\WINDOWS\Media
2012-08-14 14:40:18 ----D---- C:\WINDOWS\Help
2012-08-14 13:18:48 ----D---- C:\WINDOWS\Microsoft.NET
2012-08-14 13:16:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-14 13:16:00 ----D---- C:\WINDOWS\WinSxS
2012-08-14 12:54:32 ----D---- C:\WINDOWS\Debug
2012-08-14 12:44:08 ----D---- C:\Program Files\SUPERAntiSpyware
2012-08-14 09:56:57 ----D---- C:\NVIDIA
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2008-08-18 145952]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-06-14 58232]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-02-21 19968]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\WINDOWS\System32\drivers\sfsync04.sys [2006-06-14 59264]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2006-06-14 78184]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-05-08 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 MpKsl94a48061;MpKsl94a48061; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{77412415-C864-4C59-8587-8FEE1EC1607C}\MpKsl94a48061.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2011-06-15 60156]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2012-05-09 281760]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2012-05-09 25888]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
R3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2009-07-01 66688]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2009-07-01 13824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-11-06 47360]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2009-11-11 27744]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2011-06-14 2801904]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys []
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys []
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys []
S3 alc7hf95;alc7hf95; C:\WINDOWS\system32\drivers\alc7hf95.sys []
S3 AMBFilt;AMBFilt; C:\WINDOWS\system32\drivers\AMBFilt.sys [2009-06-26 1656960]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-12-02 3452928]
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 DualCoreCenter;DualCoreCenter; \??\C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 GPU-Z;GPU-Z; \??\C:\DOCUME~1\crocket\LOCALS~1\Temp\GPU-Z.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-10 4419584]
S3 MonFilt;MonFilt; C:\WINDOWS\system32\drivers\MonFilt.sys [2008-12-02 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSI_DVD_010507;MSI_DVD_010507; \??\C:\PROGRA~1\MSI\MSIWDev\DVDSYS32_100507.sys []
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\msibios32_100507.sys []
S3 MSI_VGASYS_010507;MSI_VGASYS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\VGASYS32_100507.sys []
S3 NETIMFLT;PANDA NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\netimflt.sys []
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-07-12 96384]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-07-06 234392]
S3 RushTopDevice2;RushTopDevice2; \??\C:\Program Files\MSI\DualCoreCenter\RushTop.sys []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 tapvpn;TAP VPN Adapter; C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2006-10-26 27136]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-02-15 43520]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2010-10-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2010-10-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2010-10-21 25216]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-12-01 598016]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 KaraokeService;VIA Karaoke digital mixer Service; C:\WINDOWS\system32\KaraokeSer.exe [2011-06-14 88688]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); C:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-05-16 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-20 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe []
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2009-06-01 34352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-06 821608]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-10-11 3369044]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-27 55144]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-06-16 153352]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-05-23 66872]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: počítač padá a zamrzá
Dvouklikem na soubor C:\Program Files\trend micro\crocket.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp<. OTM po sobě uklidí. Nakonec restartujte PC.R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-796845957-115176313-682003330-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Kopkovi\Nabídka Start\Programy\IMVU\Run IMVU.lnk (file missing)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {288CED07-83F7-4077-A3A6-FED1A1707B97} (AFCSbsStarter Control) - http://gorealradown.sbs.co.kr/streamer/ ... tarter.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} (Daum ActiveX manager Class) - http://mail.daum.net/hanmail-ax/DaumAct ... er=2,0,1,4
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.12) - http://www.yougamers.com/systeminfo/MSC3.cab
O21 - SSODL: SwUpdate - {003541A1-3BC0-1B1C-AAF3-040114001C01} - (no file)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: počítač padá a zamrzá
Děkuju moc, to je všechno? Nemám ještě dát log z rsit nebo tak? Už můžu zkusit jestli to padá nebo ne? :3
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: počítač padá a zamrzá
Smazány všechny zbytečnosti. Nic dalšího nevidím. Vyzkoušejte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: počítač padá a zamrzá
Tak některé věci které mi to předtím shazovaly už fungují (např. stahování větších souborů), ale jiná věc mi hodila docela specifickou modrou obrazovku, kterou jsem předtím neviděla.
Potíže pravděpodobně způsobil soubor NDIS.sys
PAGE_FAULT_IN_NONPAGED_AREA
a technické informace :
STOP: 0 x 00000050 ( 0 x BC789CSE, 0 x 00000000, 0 x B7CA9F2E, 0 x 00000002)
NDIS.sys address B7CA9F2E base at B7CA3000 DateStamp 48023d03
možná jsem něco opsala špatně jelikož jsem spěchala :/
co s tím?
Potíže pravděpodobně způsobil soubor NDIS.sys
PAGE_FAULT_IN_NONPAGED_AREA
a technické informace :
STOP: 0 x 00000050 ( 0 x BC789CSE, 0 x 00000000, 0 x B7CA9F2E, 0 x 00000002)
NDIS.sys address B7CA9F2E base at B7CA3000 DateStamp 48023d03
možná jsem něco opsala špatně jelikož jsem spěchala :/
co s tím?
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: počítač padá a zamrzá
Dejte log ComboFix:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: počítač padá a zamrzá
tak tady je xD trvalo to dlouhooo
ComboFix 12-09-12.03 - crocket 12.09.2012 22:05:17.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.1097 [GMT 2:00]
Spuštěný z: c:\documents and settings\crocket\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\DPINST.LOG
c:\windows\IsUn0405.exe
c:\windows\msvcr71.dll
c:\windows\system32\BReWErS.dll
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-12 do 2012-09-12 )))))))))))))))))))))))))))))))
.
.
2012-09-12 19:56 . 2012-09-12 19:56 -------- d--h--w- c:\documents and settings\crocket\Okolní tiskárny
2012-09-12 19:17 . 2012-09-12 19:17 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{77412415-C864-4C59-8587-8FEE1EC1607C}\MpKslbf900156.sys
2012-09-12 17:15 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{77412415-C864-4C59-8587-8FEE1EC1607C}\mpengine.dll
2012-09-12 17:12 . 2012-09-12 18:48 -------- d-----w- c:\program files\trend micro
2012-09-11 16:56 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-15 14:45 . 2012-08-15 14:45 -------- d-----w- c:\documents and settings\Kopkovi\Plocha
2012-08-15 09:38 . 2012-08-15 09:38 -------- d-sh--w- c:\documents and settings\crocket\IECompatCache
2012-08-14 11:11 . 2012-07-02 17:38 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-08-14 11:00 . 2012-08-14 11:04 -------- dc-h--w- c:\windows\ie8
2012-08-14 09:35 . 2009-07-01 09:55 701440 ----a-w- c:\windows\system32\cohelper.dll
2012-08-14 09:35 . 2009-06-30 22:42 485920 ----a-w- c:\windows\system32\nvunrm.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 15:50 . 2012-05-14 23:55 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 15:50 . 2011-06-17 13:29 70344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2008-05-15 12:13 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2006-03-02 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2012-06-16 00:01 . 2008-05-16 19:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-16 00:01 . 2012-06-16 00:01 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-16 00:01 . 2010-04-20 08:31 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-29 16:10 . 2012-02-03 00:53 134104 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-02-09 09:53 87552 -csh--w- c:\windows\system32\h4x0r.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2011-06-20 41101936]
"QuickTime Task"="d:\quicktime\qttask.exe" [2011-10-24 421888]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-05-15 108352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2010-10-20 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-10-20 13:19 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^DualCoreCenter.lnk]
backup=c:\windows\pss\DualCoreCenter.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
path=c:\documents and settings\crocket\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\crocket\Nabídka Start\Programy\Po spuštění\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^µTorrent.lnk]
path=c:\documents and settings\crocket\Nabídka Start\Programy\Po spuštění\µTorrent.lnk
backup=c:\windows\pss\µTorrent.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2011-01-25 13:33 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
2008-07-22 12:53 77824 ----a-w- c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ------w- d:\daemon\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DelReg]
2008-05-13 17:26 196608 -c--a-w- c:\program files\MSI\DualCoreCenter\DelReg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
2011-07-27 03:13 434080 ----a-w- c:\progra~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]
2005-02-08 04:00 98304 -c--a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-09-07 18:35 136176 ----atw- c:\documents and settings\crocket\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 15:24 54840 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2006-03-02 12:00 208952 -c--a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-06 17:05 421736 ----a-w- d:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 03:22 171008 -c--a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2006-03-02 12:00 59392 -c--a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2006-03-02 12:00 455168 -c--a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2006-03-02 12:00 455168 -c--a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28 421888 ----a-w- d:\quicktime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-05-10 10:08 16342528 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBPanel]
2008-01-09 13:33 2169384 ----a-w- c:\program files\VDOTool\TBPANEL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 17:20 866584 -c--a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CiSvc"=3 (0x3)
"WSearch"=2 (0x2)
"RichVideo"=2 (0x2)
"PnkBstrA"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"Bonjour Service"=2 (0x2)
"BBUpdate"=2 (0x2)
"BBSvc"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\support\\bin\\win\\RosettaStoneLtdServices.exe"=
"d:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\RosettaStoneVersion3.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\crocket\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"d:\\program files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"d:\\program files\\origingames\\Mass Effect 3\\Binaries\\Win32\\MassEffect3.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"4100:UDP"= 4100:UDP:uPNP Router Control Port
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8.5.2009 14:16 721904]
R1 MpKslbf900156;MpKslbf900156;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{77412415-C864-4C59-8587-8FEE1EC1607C}\MpKslbf900156.sys [12.9.2012 21:17 29904]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [10.10.2006 12:53 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [27.2.2007 11:39 67656]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [27.8.2009 18:09 1253376]
R2 KaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\KaraokeSer.exe [9.7.2012 21:14 88688]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [16.3.2012 16:27 1262400]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29.9.2009 8:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29.9.2009 8:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29.9.2009 8:11 12928]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6.11.2009 23:50 47360]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [9.7.2012 21:14 2801904]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15.5.2012 1:55 250056]
S3 AMBFilt;AMBFilt;c:\windows\system32\drivers\Ambfilt.sys [9.7.2012 21:14 1656960]
S3 DualCoreCenter;DualCoreCenter;c:\program files\MSI\DualCoreCenter\NTGLM7X.sys [20.10.2010 15:16 28672]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [7.8.2008 12:10 3276800]
S3 GPU-Z;GPU-Z;\??\c:\docume~1\crocket\LOCALS~1\Temp\GPU-Z.sys --> c:\docume~1\crocket\LOCALS~1\Temp\GPU-Z.sys [?]
S3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\MSI\MSIWDev\DVDSYS32_100507.sys [10.5.2010 10:44 22328]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios32_100507.sys [10.5.2010 10:44 25912]
S3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\MSI\MSIWDev\VGASYS32_100507.sys [10.5.2010 10:44 16696]
S3 NETIMFLT;PANDA NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\netimflt.sys --> c:\windows\system32\DRIVERS\netimflt.sys [?]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [2.3.2006 14:00 14336]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 RushTopDevice2;RushTopDevice2;c:\program files\MSI\DualCoreCenter\RushTop.sys [20.10.2010 15:16 55296]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16.2.2006 16:51 12872]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 15:50]
.
2012-09-06 c:\windows\Tasks\AdobeAAMUpdater-1.0-HOME-7B402F244E-Kopkovi.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-01-25 13:33]
.
2012-08-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 210.176.171.237:8080
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.cz/Genoogle/Components/A ... eQuery.dll
FF - ProfilePath - c:\documents and settings\crocket\Data aplikací\Mozilla\Firefox\Profiles\bwh4f8pa.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.tools4arab.com/start
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKU-Default-Run-iLike - c:\program files\iLike\1.2.12\ilikesidebar.exe
Notify-avldr - avldr.dll
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
MSConfigStartUp-LanguageShortcut - c:\program files\CyberLink\PowerDVD\Language\Language.exe
MSConfigStartUp-NeroFilterCheck - c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
MSConfigStartUp-PWRISOVM - i:\program files\PowerISO\PWRISOVM.EXE
MSConfigStartUp-RemoteControl - c:\program files\CyberLink\PowerDVD\PDVDServ.exe
MSConfigStartUp-WinampAgent - d:\program files\Winamp\winampa.exe
AddRemove-Free Studio_is1 - c:\program files\Common Files\DVDVideoSoft\Uninstall.exe
AddRemove-PowerISO - i:\program files\PowerISO\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-12 22:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-796845957-115176313-682003330-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-796845957-115176313-682003330-1007\Software\SecuROM\License information*]
"datasecu"=hex:77,47,10,de,cf,0e,6b,65,e9,b8,1d,99,e3,0c,a9,94,12,57,2c,8e,5b,
f5,01,58,bc,55,ea,6c,22,02,04,15,d1,b5,95,bc,05,a9,7d,90,d9,20,1d,c8,b9,fa,\
"rkeysecu"=hex:12,34,aa,e5,d2,de,2e,13,5a,57,d6,23,52,33,38,62
.
[HKEY_LOCAL_MACHINE\software\AI-Net\ĘNf‡eW[á“U*n*i*c*o*d*e*E*d*i*t*i*o*n*\1.0]
@=""
"InstallDir"="c:\\Program Files\\?????UnicodeEdition\\"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(844)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2512)
c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-09-12 22:24:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-12 20:23
.
Před spuštěním: 9 654 415 360
Po spuštění: 9 408 884 736
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 9BD14EDE6B6B711B2D94DD6A87C1CF53
ComboFix 12-09-12.03 - crocket 12.09.2012 22:05:17.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.1097 [GMT 2:00]
Spuštěný z: c:\documents and settings\crocket\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\DPINST.LOG
c:\windows\IsUn0405.exe
c:\windows\msvcr71.dll
c:\windows\system32\BReWErS.dll
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-12 do 2012-09-12 )))))))))))))))))))))))))))))))
.
.
2012-09-12 19:56 . 2012-09-12 19:56 -------- d--h--w- c:\documents and settings\crocket\Okolní tiskárny
2012-09-12 19:17 . 2012-09-12 19:17 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{77412415-C864-4C59-8587-8FEE1EC1607C}\MpKslbf900156.sys
2012-09-12 17:15 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{77412415-C864-4C59-8587-8FEE1EC1607C}\mpengine.dll
2012-09-12 17:12 . 2012-09-12 18:48 -------- d-----w- c:\program files\trend micro
2012-09-11 16:56 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-15 14:45 . 2012-08-15 14:45 -------- d-----w- c:\documents and settings\Kopkovi\Plocha
2012-08-15 09:38 . 2012-08-15 09:38 -------- d-sh--w- c:\documents and settings\crocket\IECompatCache
2012-08-14 11:11 . 2012-07-02 17:38 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-08-14 11:00 . 2012-08-14 11:04 -------- dc-h--w- c:\windows\ie8
2012-08-14 09:35 . 2009-07-01 09:55 701440 ----a-w- c:\windows\system32\cohelper.dll
2012-08-14 09:35 . 2009-06-30 22:42 485920 ----a-w- c:\windows\system32\nvunrm.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 15:50 . 2012-05-14 23:55 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 15:50 . 2011-06-17 13:29 70344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2008-05-15 12:13 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2006-03-02 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2012-06-16 00:01 . 2008-05-16 19:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-16 00:01 . 2012-06-16 00:01 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-16 00:01 . 2010-04-20 08:31 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-29 16:10 . 2012-02-03 00:53 134104 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-02-09 09:53 87552 -csh--w- c:\windows\system32\h4x0r.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2011-06-20 41101936]
"QuickTime Task"="d:\quicktime\qttask.exe" [2011-10-24 421888]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-05-15 108352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2010-10-20 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-10-20 13:19 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^DualCoreCenter.lnk]
backup=c:\windows\pss\DualCoreCenter.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
path=c:\documents and settings\crocket\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\crocket\Nabídka Start\Programy\Po spuštění\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^µTorrent.lnk]
path=c:\documents and settings\crocket\Nabídka Start\Programy\Po spuštění\µTorrent.lnk
backup=c:\windows\pss\µTorrent.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2011-01-25 13:33 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
2008-07-22 12:53 77824 ----a-w- c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ------w- d:\daemon\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DelReg]
2008-05-13 17:26 196608 -c--a-w- c:\program files\MSI\DualCoreCenter\DelReg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
2011-07-27 03:13 434080 ----a-w- c:\progra~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]
2005-02-08 04:00 98304 -c--a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-09-07 18:35 136176 ----atw- c:\documents and settings\crocket\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 15:24 54840 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2006-03-02 12:00 208952 -c--a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-06 17:05 421736 ----a-w- d:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 03:22 171008 -c--a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2006-03-02 12:00 59392 -c--a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2006-03-02 12:00 455168 -c--a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2006-03-02 12:00 455168 -c--a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28 421888 ----a-w- d:\quicktime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-05-10 10:08 16342528 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBPanel]
2008-01-09 13:33 2169384 ----a-w- c:\program files\VDOTool\TBPANEL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 17:20 866584 -c--a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CiSvc"=3 (0x3)
"WSearch"=2 (0x2)
"RichVideo"=2 (0x2)
"PnkBstrA"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"Bonjour Service"=2 (0x2)
"BBUpdate"=2 (0x2)
"BBSvc"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\support\\bin\\win\\RosettaStoneLtdServices.exe"=
"d:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\RosettaStoneVersion3.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\crocket\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"d:\\program files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"d:\\program files\\origingames\\Mass Effect 3\\Binaries\\Win32\\MassEffect3.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"4100:UDP"= 4100:UDP:uPNP Router Control Port
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8.5.2009 14:16 721904]
R1 MpKslbf900156;MpKslbf900156;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{77412415-C864-4C59-8587-8FEE1EC1607C}\MpKslbf900156.sys [12.9.2012 21:17 29904]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [10.10.2006 12:53 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [27.2.2007 11:39 67656]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [27.8.2009 18:09 1253376]
R2 KaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\KaraokeSer.exe [9.7.2012 21:14 88688]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [16.3.2012 16:27 1262400]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29.9.2009 8:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29.9.2009 8:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29.9.2009 8:11 12928]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6.11.2009 23:50 47360]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [9.7.2012 21:14 2801904]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15.5.2012 1:55 250056]
S3 AMBFilt;AMBFilt;c:\windows\system32\drivers\Ambfilt.sys [9.7.2012 21:14 1656960]
S3 DualCoreCenter;DualCoreCenter;c:\program files\MSI\DualCoreCenter\NTGLM7X.sys [20.10.2010 15:16 28672]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [7.8.2008 12:10 3276800]
S3 GPU-Z;GPU-Z;\??\c:\docume~1\crocket\LOCALS~1\Temp\GPU-Z.sys --> c:\docume~1\crocket\LOCALS~1\Temp\GPU-Z.sys [?]
S3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\MSI\MSIWDev\DVDSYS32_100507.sys [10.5.2010 10:44 22328]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios32_100507.sys [10.5.2010 10:44 25912]
S3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\MSI\MSIWDev\VGASYS32_100507.sys [10.5.2010 10:44 16696]
S3 NETIMFLT;PANDA NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\netimflt.sys --> c:\windows\system32\DRIVERS\netimflt.sys [?]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [2.3.2006 14:00 14336]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 RushTopDevice2;RushTopDevice2;c:\program files\MSI\DualCoreCenter\RushTop.sys [20.10.2010 15:16 55296]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16.2.2006 16:51 12872]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 15:50]
.
2012-09-06 c:\windows\Tasks\AdobeAAMUpdater-1.0-HOME-7B402F244E-Kopkovi.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-01-25 13:33]
.
2012-08-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 210.176.171.237:8080
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.cz/Genoogle/Components/A ... eQuery.dll
FF - ProfilePath - c:\documents and settings\crocket\Data aplikací\Mozilla\Firefox\Profiles\bwh4f8pa.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.tools4arab.com/start
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKU-Default-Run-iLike - c:\program files\iLike\1.2.12\ilikesidebar.exe
Notify-avldr - avldr.dll
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
MSConfigStartUp-LanguageShortcut - c:\program files\CyberLink\PowerDVD\Language\Language.exe
MSConfigStartUp-NeroFilterCheck - c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
MSConfigStartUp-PWRISOVM - i:\program files\PowerISO\PWRISOVM.EXE
MSConfigStartUp-RemoteControl - c:\program files\CyberLink\PowerDVD\PDVDServ.exe
MSConfigStartUp-WinampAgent - d:\program files\Winamp\winampa.exe
AddRemove-Free Studio_is1 - c:\program files\Common Files\DVDVideoSoft\Uninstall.exe
AddRemove-PowerISO - i:\program files\PowerISO\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-12 22:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-796845957-115176313-682003330-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-796845957-115176313-682003330-1007\Software\SecuROM\License information*]
"datasecu"=hex:77,47,10,de,cf,0e,6b,65,e9,b8,1d,99,e3,0c,a9,94,12,57,2c,8e,5b,
f5,01,58,bc,55,ea,6c,22,02,04,15,d1,b5,95,bc,05,a9,7d,90,d9,20,1d,c8,b9,fa,\
"rkeysecu"=hex:12,34,aa,e5,d2,de,2e,13,5a,57,d6,23,52,33,38,62
.
[HKEY_LOCAL_MACHINE\software\AI-Net\ĘNf‡eW[á“U*n*i*c*o*d*e*E*d*i*t*i*o*n*\1.0]
@=""
"InstallDir"="c:\\Program Files\\?????UnicodeEdition\\"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(844)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2512)
c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-09-12 22:24:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-12 20:23
.
Před spuštěním: 9 654 415 360
Po spuštění: 9 408 884 736
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 9BD14EDE6B6B711B2D94DD6A87C1CF53
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: počítač padá a zamrzá
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.KillAll::
Driver::
aswSP
aswFsBlk
Firefox::
FF - ProfilePath - c:\documents and settings\crocket\Data aplikací\Mozilla\Firefox\Profiles\bwh4f8pa.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.tools4arab.com/start
Regnull::
[HKEY_USERS\S-1-5-21-796845957-115176313-682003330-1007\Software\Microsoft\SystemCertificates\AddressBook*]
[HKEY_USERS\S-1-5-21-796845957-115176313-682003330-1007\Software\SecuROM\License information*]
RegLock::
[HKEY_LOCAL_MACHINE\software\AI-Net\ĘNf‡eW[á“U*n*i*c*o*d*e*E*d*i*t*i*o*n*\1.0]
Reboot::
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: počítač padá a zamrzá
tak tady je log, ještě vyzkouším jestli to pořád padá
ComboFix 12-09-12.03 - crocket 12.09.2012 22:48:14.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.1067 [GMT 2:00]
Spuštěný z: c:\documents and settings\crocket\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\crocket\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ASWFSBLK
-------\Service_aswFsBlk
-------\Service_aswSP
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-12 do 2012-09-12 )))))))))))))))))))))))))))))))
.
.
2012-09-12 20:24 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{290181AD-992B-46E1-9508-62D1F53D6474}\mpengine.dll
2012-09-12 19:56 . 2012-09-12 19:56 -------- d--h--w- c:\documents and settings\crocket\Okolní tiskárny
2012-09-12 17:12 . 2012-09-12 18:48 -------- d-----w- c:\program files\trend micro
2012-09-11 16:56 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-15 14:45 . 2012-08-15 14:45 -------- d-----w- c:\documents and settings\Kopkovi\Plocha
2012-08-15 09:38 . 2012-08-15 09:38 -------- d-sh--w- c:\documents and settings\crocket\IECompatCache
2012-08-14 11:11 . 2012-07-02 17:38 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-08-14 11:00 . 2012-08-14 11:04 -------- dc-h--w- c:\windows\ie8
2012-08-14 09:35 . 2009-07-01 09:55 701440 ----a-w- c:\windows\system32\cohelper.dll
2012-08-14 09:35 . 2009-06-30 22:42 485920 ----a-w- c:\windows\system32\nvunrm.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 15:50 . 2012-05-14 23:55 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 15:50 . 2011-06-17 13:29 70344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2008-05-15 12:13 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2006-03-02 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2012-06-16 00:01 . 2008-05-16 19:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-16 00:01 . 2012-06-16 00:01 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-16 00:01 . 2010-04-20 08:31 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-29 16:10 . 2012-02-03 00:53 134104 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-02-09 09:53 87552 -csh--w- c:\windows\system32\h4x0r.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2011-06-20 41101936]
"QuickTime Task"="d:\quicktime\qttask.exe" [2011-10-24 421888]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-05-15 108352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2010-10-20 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-10-20 13:19 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^DualCoreCenter.lnk]
backup=c:\windows\pss\DualCoreCenter.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
path=c:\documents and settings\crocket\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\crocket\Nabídka Start\Programy\Po spuštění\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^µTorrent.lnk]
path=c:\documents and settings\crocket\Nabídka Start\Programy\Po spuštění\µTorrent.lnk
backup=c:\windows\pss\µTorrent.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2011-01-25 13:33 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
2008-07-22 12:53 77824 ----a-w- c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ------w- d:\daemon\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DelReg]
2008-05-13 17:26 196608 -c--a-w- c:\program files\MSI\DualCoreCenter\DelReg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
2011-07-27 03:13 434080 ----a-w- c:\progra~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]
2005-02-08 04:00 98304 -c--a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-09-07 18:35 136176 ----atw- c:\documents and settings\crocket\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 15:24 54840 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2006-03-02 12:00 208952 -c--a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-06 17:05 421736 ----a-w- d:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 03:22 171008 -c--a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2006-03-02 12:00 59392 -c--a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2006-03-02 12:00 455168 -c--a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2006-03-02 12:00 455168 -c--a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28 421888 ----a-w- d:\quicktime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-05-10 10:08 16342528 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBPanel]
2008-01-09 13:33 2169384 ----a-w- c:\program files\VDOTool\TBPANEL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 17:20 866584 -c--a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CiSvc"=3 (0x3)
"WSearch"=2 (0x2)
"RichVideo"=2 (0x2)
"PnkBstrA"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"Bonjour Service"=2 (0x2)
"BBUpdate"=2 (0x2)
"BBSvc"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\support\\bin\\win\\RosettaStoneLtdServices.exe"=
"d:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\RosettaStoneVersion3.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\crocket\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"d:\\program files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"d:\\program files\\origingames\\Mass Effect 3\\Binaries\\Win32\\MassEffect3.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"4100:UDP"= 4100:UDP:uPNP Router Control Port
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8.5.2009 14:16 721904]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [10.10.2006 12:53 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [27.2.2007 11:39 67656]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [27.8.2009 18:09 1253376]
R2 KaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\KaraokeSer.exe [9.7.2012 21:14 88688]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [16.3.2012 16:27 1262400]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29.9.2009 8:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29.9.2009 8:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29.9.2009 8:11 12928]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6.11.2009 23:50 47360]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [9.7.2012 21:14 2801904]
S1 MpKslbf900156;MpKslbf900156;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{77412415-C864-4C59-8587-8FEE1EC1607C}\MpKslbf900156.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{77412415-C864-4C59-8587-8FEE1EC1607C}\MpKslbf900156.sys [?]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15.5.2012 1:55 250056]
S3 AMBFilt;AMBFilt;c:\windows\system32\drivers\Ambfilt.sys [9.7.2012 21:14 1656960]
S3 DualCoreCenter;DualCoreCenter;c:\program files\MSI\DualCoreCenter\NTGLM7X.sys [20.10.2010 15:16 28672]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [7.8.2008 12:10 3276800]
S3 GPU-Z;GPU-Z;\??\c:\docume~1\crocket\LOCALS~1\Temp\GPU-Z.sys --> c:\docume~1\crocket\LOCALS~1\Temp\GPU-Z.sys [?]
S3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\MSI\MSIWDev\DVDSYS32_100507.sys [10.5.2010 10:44 22328]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios32_100507.sys [10.5.2010 10:44 25912]
S3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\MSI\MSIWDev\VGASYS32_100507.sys [10.5.2010 10:44 16696]
S3 NETIMFLT;PANDA NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\netimflt.sys --> c:\windows\system32\DRIVERS\netimflt.sys [?]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [2.3.2006 14:00 14336]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 RushTopDevice2;RushTopDevice2;c:\program files\MSI\DualCoreCenter\RushTop.sys [20.10.2010 15:16 55296]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16.2.2006 16:51 12872]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 15:50]
.
2012-09-06 c:\windows\Tasks\AdobeAAMUpdater-1.0-HOME-7B402F244E-Kopkovi.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-01-25 13:33]
.
2012-08-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 210.176.171.237:8080
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.cz/Genoogle/Components/A ... eQuery.dll
FF - ProfilePath - c:\documents and settings\crocket\Data aplikací\Mozilla\Firefox\Profiles\bwh4f8pa.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-12 23:00
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-796845957-115176313-682003330-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\AI-Net\ĘNf‡eW[á“U*n*i*c*o*d*e*E*d*i*t*i*o*n*\1.0]
@=""
"InstallDir"="c:\\Program Files\\?????UnicodeEdition\\"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(844)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2640)
c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
.
**************************************************************************
.
Celkový čas: 2012-09-12 23:07:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-12 21:07
ComboFix2.txt 2012-09-12 20:24
.
Před spuštěním: 9 412 771 840
Po spuštění: 9 380 020 224
.
- - End Of File - - 906A7FE8EC9C3A90741732A2407FCF7E
ComboFix 12-09-12.03 - crocket 12.09.2012 22:48:14.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.1067 [GMT 2:00]
Spuštěný z: c:\documents and settings\crocket\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\crocket\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ASWFSBLK
-------\Service_aswFsBlk
-------\Service_aswSP
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-12 do 2012-09-12 )))))))))))))))))))))))))))))))
.
.
2012-09-12 20:24 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{290181AD-992B-46E1-9508-62D1F53D6474}\mpengine.dll
2012-09-12 19:56 . 2012-09-12 19:56 -------- d--h--w- c:\documents and settings\crocket\Okolní tiskárny
2012-09-12 17:12 . 2012-09-12 18:48 -------- d-----w- c:\program files\trend micro
2012-09-11 16:56 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-15 14:45 . 2012-08-15 14:45 -------- d-----w- c:\documents and settings\Kopkovi\Plocha
2012-08-15 09:38 . 2012-08-15 09:38 -------- d-sh--w- c:\documents and settings\crocket\IECompatCache
2012-08-14 11:11 . 2012-07-02 17:38 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-08-14 11:00 . 2012-08-14 11:04 -------- dc-h--w- c:\windows\ie8
2012-08-14 09:35 . 2009-07-01 09:55 701440 ----a-w- c:\windows\system32\cohelper.dll
2012-08-14 09:35 . 2009-06-30 22:42 485920 ----a-w- c:\windows\system32\nvunrm.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 15:50 . 2012-05-14 23:55 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-15 15:50 . 2011-06-17 13:29 70344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2008-05-15 12:13 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2006-03-02 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec
2012-06-16 00:01 . 2008-05-16 19:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-16 00:01 . 2012-06-16 00:01 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-16 00:01 . 2010-04-20 08:31 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-29 16:10 . 2012-02-03 00:53 134104 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-02-09 09:53 87552 -csh--w- c:\windows\system32\h4x0r.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2011-06-20 41101936]
"QuickTime Task"="d:\quicktime\qttask.exe" [2011-10-24 421888]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-05-15 108352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2010-10-20 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-10-20 13:19 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^DualCoreCenter.lnk]
backup=c:\windows\pss\DualCoreCenter.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^Dropbox.lnk]
path=c:\documents and settings\crocket\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\crocket\Nabídka Start\Programy\Po spuštění\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^crocket^Nabídka Start^Programy^Po spuštění^µTorrent.lnk]
path=c:\documents and settings\crocket\Nabídka Start\Programy\Po spuštění\µTorrent.lnk
backup=c:\windows\pss\µTorrent.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2011-01-25 13:33 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
2008-07-22 12:53 77824 ----a-w- c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ------w- d:\daemon\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DelReg]
2008-05-13 17:26 196608 -c--a-w- c:\program files\MSI\DualCoreCenter\DelReg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
2011-07-27 03:13 434080 ----a-w- c:\progra~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX3800 Series]
2005-02-08 04:00 98304 -c--a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIACE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-09-07 18:35 136176 ----atw- c:\documents and settings\crocket\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 15:24 54840 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2006-03-02 12:00 208952 -c--a-w- c:\windows\ime\imjp8_1\imjpmig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-03-06 17:05 421736 ----a-w- d:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 03:22 171008 -c--a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-16 21:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2006-03-02 12:00 59392 -c--a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2006-03-02 12:00 455168 -c--a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2006-03-02 12:00 455168 -c--a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28 421888 ----a-w- d:\quicktime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-05-10 10:08 16342528 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBPanel]
2008-01-09 13:33 2169384 ----a-w- c:\program files\VDOTool\TBPANEL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 17:20 866584 -c--a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CiSvc"=3 (0x3)
"WSearch"=2 (0x2)
"RichVideo"=2 (0x2)
"PnkBstrA"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"Bonjour Service"=2 (0x2)
"BBUpdate"=2 (0x2)
"BBSvc"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\support\\bin\\win\\RosettaStoneLtdServices.exe"=
"d:\\Program Files\\Rosetta Stone\\Rosetta Stone Version 3\\RosettaStoneVersion3.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\crocket\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"d:\\program files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"d:\\program files\\origingames\\Mass Effect 3\\Binaries\\Win32\\MassEffect3.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"4100:UDP"= 4100:UDP:uPNP Router Control Port
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8.5.2009 14:16 721904]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [10.10.2006 12:53 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [27.2.2007 11:39 67656]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [27.8.2009 18:09 1253376]
R2 KaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\KaraokeSer.exe [9.7.2012 21:14 88688]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [16.3.2012 16:27 1262400]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29.9.2009 8:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29.9.2009 8:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29.9.2009 8:11 12928]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6.11.2009 23:50 47360]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [9.7.2012 21:14 2801904]
S1 MpKslbf900156;MpKslbf900156;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{77412415-C864-4C59-8587-8FEE1EC1607C}\MpKslbf900156.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{77412415-C864-4C59-8587-8FEE1EC1607C}\MpKslbf900156.sys [?]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15.5.2012 1:55 250056]
S3 AMBFilt;AMBFilt;c:\windows\system32\drivers\Ambfilt.sys [9.7.2012 21:14 1656960]
S3 DualCoreCenter;DualCoreCenter;c:\program files\MSI\DualCoreCenter\NTGLM7X.sys [20.10.2010 15:16 28672]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [7.8.2008 12:10 3276800]
S3 GPU-Z;GPU-Z;\??\c:\docume~1\crocket\LOCALS~1\Temp\GPU-Z.sys --> c:\docume~1\crocket\LOCALS~1\Temp\GPU-Z.sys [?]
S3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\MSI\MSIWDev\DVDSYS32_100507.sys [10.5.2010 10:44 22328]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios32_100507.sys [10.5.2010 10:44 25912]
S3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\MSI\MSIWDev\VGASYS32_100507.sys [10.5.2010 10:44 16696]
S3 NETIMFLT;PANDA NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\netimflt.sys --> c:\windows\system32\DRIVERS\netimflt.sys [?]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [2.3.2006 14:00 14336]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 RushTopDevice2;RushTopDevice2;c:\program files\MSI\DualCoreCenter\RushTop.sys [20.10.2010 15:16 55296]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16.2.2006 16:51 12872]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-14 15:50]
.
2012-09-06 c:\windows\Tasks\AdobeAAMUpdater-1.0-HOME-7B402F244E-Kopkovi.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-01-25 13:33]
.
2012-08-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 210.176.171.237:8080
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.cz/Genoogle/Components/A ... eQuery.dll
FF - ProfilePath - c:\documents and settings\crocket\Data aplikací\Mozilla\Firefox\Profiles\bwh4f8pa.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-12 23:00
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-796845957-115176313-682003330-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\AI-Net\ĘNf‡eW[á“U*n*i*c*o*d*e*E*d*i*t*i*o*n*\1.0]
@=""
"InstallDir"="c:\\Program Files\\?????UnicodeEdition\\"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(844)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2640)
c:\documents and settings\crocket\Data aplikací\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
.
**************************************************************************
.
Celkový čas: 2012-09-12 23:07:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-12 21:07
ComboFix2.txt 2012-09-12 20:24
.
Před spuštěním: 9 412 771 840
Po spuštění: 9 380 020 224
.
- - End Of File - - 906A7FE8EC9C3A90741732A2407FCF7E
Re: počítač padá a zamrzá
takže to spadlo :/ myslíte, že to může být něco so hardwarem? začalo to dělat poté, co jsem vyměnila základní desku
tentokrát mi to hodilo
IRQL_NOT_LESS_OR EQUAL
techn.inf.:
*** STOP: 0x0000000A ( 0X00000000 , 0x00000002 , 0x00000001 , 0x806E7ACA)
tentokrát mi to hodilo
IRQL_NOT_LESS_OR EQUAL
techn.inf.:
*** STOP: 0x0000000A ( 0X00000000 , 0x00000002 , 0x00000001 , 0x806E7ACA)
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: počítač padá a zamrzá
CF smazal pár šmejdů. Nicméně pravděpodobně nebude problém se zavirovaným systémem. Zkuste rpovést:
1. Kontrolu pamětí RAM: http://forum.viry.cz/viewtopic.php?f=53&t=106788.
2. Kontrolu disku pomocí CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ . Přes Úpravy>kopírovat sem dejte log.
Vlákno bude přesunuto do sekce, kde jsou problémy s BSOD řešeny.
1. Kontrolu pamětí RAM: http://forum.viry.cz/viewtopic.php?f=53&t=106788.
2. Kontrolu disku pomocí CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ . Přes Úpravy>kopírovat sem dejte log.
Vlákno bude přesunuto do sekce, kde jsou problémy s BSOD řešeny.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: počítač padá a zamrzá
ram test mi nic nenašel, nechala jsem to projít dvakrát;
a to vlákno se přesune jak? >.< já nechci porušit pravidla nebo tak, nevím jak to chodí
jinak tady je ten log
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.4 Shizuku Edition (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2012/09/13 19:34:59
-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- LITE-ON DVDRW LH-20A1H
- SAMSUNG SP0411N
- Sekundární kanál IDE (1)
+ NVIDIA nForce Serial ATA Controller [ATA]
- ST316081 5AS SCSI Disk Device
+ NVIDIA nForce Serial ATA Controller [ATA]
- ASUS DRW-24B1ST SCSI CdRom Device
+ AOVNWBUU IDE Controller [SCSI]
- UBMJSZK 0X2N0TYNK SCSI CdRom Device
-- Disk List ---------------------------------------------------------------
(1) SAMSUNG SP0411N : 40,0 GB [0/0/0, pd1]
(2) ST3160815AS : 160,0 GB [1/2/0, pd1] - st
----------------------------------------------------------------------------
(1) SAMSUNG SP0411N
----------------------------------------------------------------------------
Model : SAMSUNG SP0411N
Firmware : TW100-11
Serial Number : S01JJ10Y434055
Disk Size : 40,0 GB (8,4/40,0/40,0)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 78242976
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : Ultra DMA/100
Power On Hours : 26500 hod.
Power On Count : 3810 krát
Temparature : 32 C (89 F)
Health Status : Pozor
Features : S.M.A.R.T., AAM, 48bit LBA
APM Level : ----
AAM Level : FE00h [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000004 Počet chyb čtení
03 _81 _60 __0 000000000EC0 Čas na roztočení ploten
04 _94 _94 __0 000000001A5F Počet spuštění/zastavení
05 253 253 _10 000000000000 Počet přemapovaných sektorů
07 253 253 _51 000000000000 Počet chybných hledání
08 253 253 __0 000000000000 Čas potřebný na vyhledání
09 _95 _95 __0 000000308603 Hodin v činnosti
0A 253 253 _49 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 __0 000000000EE2 Počet cyklů zapnutí zařízení
C2 142 _40 __0 000000000020 Teplota
C3 100 100 __0 0000168BFC5B Počet oprav chybného čtení
C4 _97 _97 __0 000000000008 Počet udalostí s číslem realokování sektorů
C5 253 253 _10 000000000000 Počet podezřelých sektorů
C6 _97 _97 _10 000000000008 Počet neopravitelných sektorů
C7 100 100 _51 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 _51 000000000000 Počet chyb při zápisu sektorů
C9 100 100 _51 000000000000 Počet chyb při čtení programů z disku
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 8856 022A 003F FFFF 0000 0000
010: 5330 314A 4A31 3059 3433 3430 3535 2020 2020 2020
020: 0003 1000 0004 5457 3130 302D 3131 5341 4D53 554E
030: 4720 5350 3034 3131 4E20 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: E4A0 04A9 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 00FE 001E 346B 7F01 4003 3C69 3C01 4003 203F 0008
090: 0008 0000 FFFE 603B FE00 0000 0000 0000 0000 0000
100: E4A0 04A9 0000 0000 0000 0000 0000 0000 50F0 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 6FA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 04 00 00 00 00 00 00 03 07
010: 00 51 3C C0 0E 00 00 00 00 00 04 32 00 5E 5E 5F
020: 1A 00 00 00 00 00 05 33 00 FD FD 00 00 00 00 00
030: 00 00 07 0B 00 FD FD 00 00 00 00 00 00 00 08 24
040: 00 FD FD 00 00 00 00 00 00 00 09 32 00 5F 5F 03
050: 86 30 00 00 00 00 0A 13 00 FD FD 00 00 00 00 00
060: 00 00 0C 32 00 61 61 E2 0E 00 00 00 00 00 C2 22
070: 00 8E 28 20 00 00 00 00 00 00 C3 0A 00 64 64 5B
080: FC 8B 16 00 00 00 C4 12 00 61 61 08 00 00 00 00
090: 00 00 C5 33 00 FD FD 00 00 00 00 00 00 00 C6 31
0A0: 00 61 61 08 00 00 00 00 00 00 C7 0B 00 64 64 00
0B0: 00 00 00 00 00 00 C8 0B 00 64 64 00 00 00 00 00
0C0: 00 00 C9 0B 00 64 64 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 84 03 00 1B
170: 03 00 01 7F 01 0F 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8B
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 33 00 00 00 00 00 00 00 00 00 00 08 00
040: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
050: 00 00 00 00 00 00 0A 31 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C2 00
070: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
080: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
090: 00 00 C5 0A 00 00 00 00 00 00 00 00 00 00 C6 0A
0A0: 00 00 00 00 00 00 00 00 00 00 C7 33 00 00 00 00
0B0: 00 00 00 00 00 00 C8 33 00 00 00 00 00 00 00 00
0C0: 00 00 C9 33 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3B
----------------------------------------------------------------------------
(2) ST3160815AS
----------------------------------------------------------------------------
Model : ST3160815AS
Firmware : 3.AAC
Serial Number : 9RA0A3V2
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 22771 hod.
Power On Count : 2942 krát
Temparature : 38 C (100 F)
Health Status : Pozor
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _94 __6 00000847846B Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 _98 _98 _20 000000000B2B Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _87 _60 _30 00002268C874 Počet chybných hledání
09 _75 _75 __0 0000000058F3 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _98 _98 _20 000000000B7E Počet cyklů zapnutí zařízení
BB _94 _94 __0 000000000006 Ohlášeno neopravitelných chyb
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _62 _35 _45 00002A190026 Teplota toku vzduchu
C2 _38 _65 __0 001200000026 Teplota
C3 _90 _61 __0 000002974ED6 Počet oprav chybného čtení
C5 100 __1 __0 000000000003 Počet podezřelých sektorů
C6 100 __1 __0 000000000003 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 3952 4130 4133 5632
020: 0000 4000 0004 332E 4141 4320 2020 5354 3331 3630
030: 3831 3541 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0506 0000 0048 0040
080: 00FE 0000 346B 7D01 4023 3468 3C01 4023 407F 0000
090: 0000 FEFE FFFE 0000 D000 0000 0000 0000 0000 0000
100: 9EB0 12A1 0000 0000 0000 0000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0002
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 9EB0
130: 12A1 9EB0 12A1 2020 0002 02B6 0002 008A 3C06 3C0A
140: 0000 07C6 0100 0800 1314 1200 0002 0080 0000 0000
150: 00A0 0202 0000 0404 0000 0000 0000 0000 1B00 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 8BA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 75 5E 6B 84 47 08 00 00 00 03 03
010: 00 61 61 00 00 00 00 00 00 00 04 32 00 62 62 2B
020: 0B 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 57 3C 74 C8 68 22 00 00 00 09 32
040: 00 4B 4B F3 58 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 62 62 7E 0B 00 00 00
060: 00 00 BB 32 00 5E 5E 06 00 00 00 00 00 00 BD 3A
070: 00 64 64 00 00 00 00 00 00 00 BE 22 00 3E 23 26
080: 00 19 2A 00 00 00 C2 22 00 26 41 26 00 00 00 12
090: 00 00 C3 1A 00 5A 3D D6 4E 97 02 00 00 00 C5 12
0A0: 00 64 01 03 00 00 00 00 00 00 C6 10 00 64 01 03
0B0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 00 00 64 FD 00 00 00 00 00 00 00 CA 32
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 AE 01 00 5B
170: 03 00 01 00 01 36 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 03 03 03 03 03 03 03 03 00
190: 00 00 00 00 00 00 00 01 29 69 6B 0B 00 00 00 00
1A0: 01 00 9C D0 7F 3F BD 09 00 00 03 00 00 00 00 00
1B0: 00 00 00 00 29 69 6B 0B 00 00 00 00 00 00 00 00
1C0: 02 00 01 00 00 00 00 00 00 00 96 31 F5 5A 02 00
1D0: 00 00 04 BC BC 06 00 00 00 00 F3 58 00 00 00 00
1E0: AD 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 BD 00
070: 00 00 00 00 00 00 00 00 00 00 BE 2D 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C3 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 00 00 00 00 00 00 00 00 00 00 CA 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 26
a to vlákno se přesune jak? >.< já nechci porušit pravidla nebo tak, nevím jak to chodí
jinak tady je ten log
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.4 Shizuku Edition (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2012/09/13 19:34:59
-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- LITE-ON DVDRW LH-20A1H
- SAMSUNG SP0411N
- Sekundární kanál IDE (1)
+ NVIDIA nForce Serial ATA Controller [ATA]
- ST316081 5AS SCSI Disk Device
+ NVIDIA nForce Serial ATA Controller [ATA]
- ASUS DRW-24B1ST SCSI CdRom Device
+ AOVNWBUU IDE Controller [SCSI]
- UBMJSZK 0X2N0TYNK SCSI CdRom Device
-- Disk List ---------------------------------------------------------------
(1) SAMSUNG SP0411N : 40,0 GB [0/0/0, pd1]
(2) ST3160815AS : 160,0 GB [1/2/0, pd1] - st
----------------------------------------------------------------------------
(1) SAMSUNG SP0411N
----------------------------------------------------------------------------
Model : SAMSUNG SP0411N
Firmware : TW100-11
Serial Number : S01JJ10Y434055
Disk Size : 40,0 GB (8,4/40,0/40,0)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 78242976
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : Ultra DMA/100
Power On Hours : 26500 hod.
Power On Count : 3810 krát
Temparature : 32 C (89 F)
Health Status : Pozor
Features : S.M.A.R.T., AAM, 48bit LBA
APM Level : ----
AAM Level : FE00h [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000004 Počet chyb čtení
03 _81 _60 __0 000000000EC0 Čas na roztočení ploten
04 _94 _94 __0 000000001A5F Počet spuštění/zastavení
05 253 253 _10 000000000000 Počet přemapovaných sektorů
07 253 253 _51 000000000000 Počet chybných hledání
08 253 253 __0 000000000000 Čas potřebný na vyhledání
09 _95 _95 __0 000000308603 Hodin v činnosti
0A 253 253 _49 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 __0 000000000EE2 Počet cyklů zapnutí zařízení
C2 142 _40 __0 000000000020 Teplota
C3 100 100 __0 0000168BFC5B Počet oprav chybného čtení
C4 _97 _97 __0 000000000008 Počet udalostí s číslem realokování sektorů
C5 253 253 _10 000000000000 Počet podezřelých sektorů
C6 _97 _97 _10 000000000008 Počet neopravitelných sektorů
C7 100 100 _51 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 _51 000000000000 Počet chyb při zápisu sektorů
C9 100 100 _51 000000000000 Počet chyb při čtení programů z disku
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 8856 022A 003F FFFF 0000 0000
010: 5330 314A 4A31 3059 3433 3430 3535 2020 2020 2020
020: 0003 1000 0004 5457 3130 302D 3131 5341 4D53 554E
030: 4720 5350 3034 3131 4E20 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: E4A0 04A9 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 00FE 001E 346B 7F01 4003 3C69 3C01 4003 203F 0008
090: 0008 0000 FFFE 603B FE00 0000 0000 0000 0000 0000
100: E4A0 04A9 0000 0000 0000 0000 0000 0000 50F0 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 6FA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 04 00 00 00 00 00 00 03 07
010: 00 51 3C C0 0E 00 00 00 00 00 04 32 00 5E 5E 5F
020: 1A 00 00 00 00 00 05 33 00 FD FD 00 00 00 00 00
030: 00 00 07 0B 00 FD FD 00 00 00 00 00 00 00 08 24
040: 00 FD FD 00 00 00 00 00 00 00 09 32 00 5F 5F 03
050: 86 30 00 00 00 00 0A 13 00 FD FD 00 00 00 00 00
060: 00 00 0C 32 00 61 61 E2 0E 00 00 00 00 00 C2 22
070: 00 8E 28 20 00 00 00 00 00 00 C3 0A 00 64 64 5B
080: FC 8B 16 00 00 00 C4 12 00 61 61 08 00 00 00 00
090: 00 00 C5 33 00 FD FD 00 00 00 00 00 00 00 C6 31
0A0: 00 61 61 08 00 00 00 00 00 00 C7 0B 00 64 64 00
0B0: 00 00 00 00 00 00 C8 0B 00 64 64 00 00 00 00 00
0C0: 00 00 C9 0B 00 64 64 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 84 03 00 1B
170: 03 00 01 7F 01 0F 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8B
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 33 00 00 00 00 00 00 00 00 00 00 08 00
040: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
050: 00 00 00 00 00 00 0A 31 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C2 00
070: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
080: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
090: 00 00 C5 0A 00 00 00 00 00 00 00 00 00 00 C6 0A
0A0: 00 00 00 00 00 00 00 00 00 00 C7 33 00 00 00 00
0B0: 00 00 00 00 00 00 C8 33 00 00 00 00 00 00 00 00
0C0: 00 00 C9 33 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3B
----------------------------------------------------------------------------
(2) ST3160815AS
----------------------------------------------------------------------------
Model : ST3160815AS
Firmware : 3.AAC
Serial Number : 9RA0A3V2
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 22771 hod.
Power On Count : 2942 krát
Temparature : 38 C (100 F)
Health Status : Pozor
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _94 __6 00000847846B Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 _98 _98 _20 000000000B2B Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _87 _60 _30 00002268C874 Počet chybných hledání
09 _75 _75 __0 0000000058F3 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _98 _98 _20 000000000B7E Počet cyklů zapnutí zařízení
BB _94 _94 __0 000000000006 Ohlášeno neopravitelných chyb
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _62 _35 _45 00002A190026 Teplota toku vzduchu
C2 _38 _65 __0 001200000026 Teplota
C3 _90 _61 __0 000002974ED6 Počet oprav chybného čtení
C5 100 __1 __0 000000000003 Počet podezřelých sektorů
C6 100 __1 __0 000000000003 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 3952 4130 4133 5632
020: 0000 4000 0004 332E 4141 4320 2020 5354 3331 3630
030: 3831 3541 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0506 0000 0048 0040
080: 00FE 0000 346B 7D01 4023 3468 3C01 4023 407F 0000
090: 0000 FEFE FFFE 0000 D000 0000 0000 0000 0000 0000
100: 9EB0 12A1 0000 0000 0000 0000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0002
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 9EB0
130: 12A1 9EB0 12A1 2020 0002 02B6 0002 008A 3C06 3C0A
140: 0000 07C6 0100 0800 1314 1200 0002 0080 0000 0000
150: 00A0 0202 0000 0404 0000 0000 0000 0000 1B00 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 8BA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 75 5E 6B 84 47 08 00 00 00 03 03
010: 00 61 61 00 00 00 00 00 00 00 04 32 00 62 62 2B
020: 0B 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 57 3C 74 C8 68 22 00 00 00 09 32
040: 00 4B 4B F3 58 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 62 62 7E 0B 00 00 00
060: 00 00 BB 32 00 5E 5E 06 00 00 00 00 00 00 BD 3A
070: 00 64 64 00 00 00 00 00 00 00 BE 22 00 3E 23 26
080: 00 19 2A 00 00 00 C2 22 00 26 41 26 00 00 00 12
090: 00 00 C3 1A 00 5A 3D D6 4E 97 02 00 00 00 C5 12
0A0: 00 64 01 03 00 00 00 00 00 00 C6 10 00 64 01 03
0B0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 00 00 64 FD 00 00 00 00 00 00 00 CA 32
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 AE 01 00 5B
170: 03 00 01 00 01 36 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 03 03 03 03 03 03 03 03 00
190: 00 00 00 00 00 00 00 01 29 69 6B 0B 00 00 00 00
1A0: 01 00 9C D0 7F 3F BD 09 00 00 03 00 00 00 00 00
1B0: 00 00 00 00 29 69 6B 0B 00 00 00 00 00 00 00 00
1C0: 02 00 01 00 00 00 00 00 00 00 96 31 F5 5A 02 00
1D0: 00 00 04 BC BC 06 00 00 00 00 F3 58 00 00 00 00
1E0: AD 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 BD 00
070: 00 00 00 00 00 00 00 00 00 00 BE 2D 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C3 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 00 00 00 00 00 00 00 00 00 00 CA 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 26
-
Rudy
- Site Admin
- Příspěvky: 119515
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: počítač padá a zamrzá
Zato oba disky mají chyby, v obou případech chybné sektory. Budete muset, bohužel, disk zformatovat, což je spojeno s kompletním reinstalem PC. Pokud by se i potom vyskytly problémy, bude třeba disk vyměnit.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?