Prosím o kontrolu logu-vir
Napsal: 18 říj 2013 10:51
Ahoj,mám problem,včera jsem zapnul pc a vyskočilo mi okno NT AUTHORITY/system,příkazovým řádkem SHUTWODN/a jsem to dal pryč aby mi to neodpočítávalo,ale počítač je totálně zabržděný,když bych chtěl na něm něco dělat,tak je to lepší v nouzáku,prosím poradte co dál
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:03:54, on 18.10.2013
Platform: Windows 2003 SP1 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\WebPlayer\FLV Player\WebPlayer.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\system32\crypserv.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE
C:\xampp\FileZillaFTP\FileZilla server.exe
C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
C:\Program Files (x86)\Java\jre7\bin\jqs.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\xampp\xampp_service_mercury.exe
C:\xampp\MercuryMail\mercury.exe
C:\Program Files\AVAST Software\Avast\setup\avast.setup
C:\xampp\apache\bin\httpd.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
C:\Program Files (x86)\Steam\steamerrorreporter.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dts.search.ask.com/sidebar.html? ... stemid=473
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10640A& ... 02-138&t=4
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search.ask.com/sidebar.html? ... stemid=473
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search.ask.com/sidebar.html? ... stemid=473
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\SysWOW64\dvmurl.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: DownloadnSave - {9D063D90-4577-6121-D7E6-AA40443B7F72} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll
O4 - HKLM\..\Run: [GEST] <B÷w\ü
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\SysWow64\NeroCheck.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [NexusServer] "C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Device Detection] C:\Program Files (x86)\HF Designer\dd.exe
O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_FATIBZE.EXE /FU "C:\WINDOWS\TEMP\E_S39.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] ~"C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKCU\..\Run: [FLV Player] C:\Documents and Settings\Administrator\Local Settings\Application Data\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKCU\..\Run: [SlimDrivers] "C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [ICQ] ~"C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [FLV Player] C:\Documents and Settings\Administrator\Local Settings\Application Data\WebPlayer\FLV Player\WebPlayer.exe (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [SlimDrivers] "C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - S-1-5-21-274209101-1402718703-3755381841-500 Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (User '?')
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F88698B1-73B5-4777-A238-9B5B2802549C}: NameServer = 208.67.222.222
O20 - AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL C:\PROGRA~2\MOVIES~1\SAFETY~1\SAFETY~2.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\SysWOW64\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\SysWOW64\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: FileZilla Server - FileZilla Project - C:\xampp\FileZillaFTP\FileZilla server.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Služba modelu COM pro zápis na disk CD (IMAPI) (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files (x86)\Java\jre7\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Mercury - Apache Friends - C:\xampp\xampp_service_mercury.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Koordinátor DTC (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: MySQL - MySQL AB - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Správce relací nápovedy ke vzdálené ploše (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe (file missing)
O23 - Service: SafetyNut Manager (SafetyNutManager) - SafetyNut Inc. - C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: Adaptér výkonu služby WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
O23 - Service: WorkshopDBService - Acresso - C:\PROGRA~2\VIVIDW~1\WORKSH~1.EXE
--
End of file - 13971 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:03:54, on 18.10.2013
Platform: Windows 2003 SP1 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\WebPlayer\FLV Player\WebPlayer.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\system32\crypserv.exe
C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE
C:\xampp\FileZillaFTP\FileZilla server.exe
C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
C:\Program Files (x86)\Java\jre7\bin\jqs.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\xampp\xampp_service_mercury.exe
C:\xampp\MercuryMail\mercury.exe
C:\Program Files\AVAST Software\Avast\setup\avast.setup
C:\xampp\apache\bin\httpd.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
C:\Documents and Settings\Administrator\Desktop\HiJackThis.exe
C:\Program Files (x86)\Steam\steamerrorreporter.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dts.search.ask.com/sidebar.html? ... stemid=473
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10640A& ... 02-138&t=4
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search.ask.com/sidebar.html? ... stemid=473
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search.ask.com/sidebar.html? ... stemid=473
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\SysWOW64\dvmurl.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit
O2 - BHO: Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: DownloadnSave - {9D063D90-4577-6121-D7E6-AA40443B7F72} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Movies Toolbar (Dist. by Somoto Ltd.) - {3444c3c5-6c56-4a16-a453-832b05bf6ea4} - C:\PROGRA~2\MOVIES~1\SAFETY~1\SRTOOL~1\IE\searchresultsDx.dll
O4 - HKLM\..\Run: [GEST] <B÷w\ü
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\SysWow64\NeroCheck.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [NexusServer] "C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Device Detection] C:\Program Files (x86)\HF Designer\dd.exe
O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_FATIBZE.EXE /FU "C:\WINDOWS\TEMP\E_S39.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] ~"C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKCU\..\Run: [FLV Player] C:\Documents and Settings\Administrator\Local Settings\Application Data\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKCU\..\Run: [SlimDrivers] "C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [ICQ] ~"C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [FLV Player] C:\Documents and Settings\Administrator\Local Settings\Application Data\WebPlayer\FLV Player\WebPlayer.exe (User '?')
O4 - HKUS\S-1-5-21-274209101-1402718703-3755381841-500\..\Run: [SlimDrivers] "C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - S-1-5-21-274209101-1402718703-3755381841-500 Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (User '?')
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F88698B1-73B5-4777-A238-9B5B2802549C}: NameServer = 208.67.222.222
O20 - AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL C:\PROGRA~2\MOVIES~1\SAFETY~1\SAFETY~2.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\SysWOW64\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\SysWOW64\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\httpd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S30RP1.EXE
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: FileZilla Server - FileZilla Project - C:\xampp\FileZillaFTP\FileZilla server.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Služba modelu COM pro zápis na disk CD (IMAPI) (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files (x86)\Java\jre7\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Mercury - Apache Friends - C:\xampp\xampp_service_mercury.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Koordinátor DTC (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)
O23 - Service: MySQL - MySQL AB - C:\xampp\mysql\bin\mysqld.exe
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Správce relací nápovedy ke vzdálené ploše (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe (file missing)
O23 - Service: SafetyNut Manager (SafetyNutManager) - SafetyNut Inc. - C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: Adaptér výkonu služby WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)
O23 - Service: WorkshopDBService - Acresso - C:\PROGRA~2\VIVIDW~1\WORKSH~1.EXE
--
End of file - 13971 bytes
