
I'd like to ask you for a preventive check. Last weekend the PC was acting up somehow: after I put it to sleep the monitor turned off, but the keyboard stayed lit and the PC kept humming. After a reset, a "Server is busy" dialog came up with the options Switch to, Retry, Cancel, but none of them dismissed the dialog, and I couldn't open the Start menu to restart the PC, so I reset it again. Even before that it occasionally happened that, after I chose sleep, the PC restarted instead.
Besides that, I recently noticed a "qtopenglproxytest - ending program" dialog when shutting down the PC. And a few months ago, "CHKDSK verifying" popped up while the PC was booting.
I had to turn off both Comodo and Avira before the scan.
Thanks in advance.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-05-2017
Ran by Milan (administrator) on MINMI (07-05-2017 12:22:26)
Running from C:\Documents and Settings\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SoundMan.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\COMODO\Internet Security Essentials\vkise.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
(COMODO) C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(forum.viry.cz) C:\Documents and Settings\Milan\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16875008 2008-06-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [77824 2008-06-18] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AlcWzrd] => C:\WINDOWS\ALCWZRD.EXE [2808832 2008-06-19] (RealTek Semicoductor Corp.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [55824 2007-09-21] (Logitech, Inc.)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [831576 2016-10-28] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1390272 2017-04-23] (COMODO)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2015-07-08] (ArcSoft Inc.)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-08-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [IseUI] => C:\Program Files\COMODO\Internet Security Essentials\vkise.exe [3386576 2017-04-11] (COMODO)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2014-01-07] (ATI Technologies Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2007-11-15] (Logitech, Inc.)
HKU\S-1-5-21-1214440339-299502267-839522115-1003\...\Run: [Google Update] => C:\Documents and Settings\Milan\Local Settings\Application Data\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-29] (Google Inc.)
HKU\S-1-5-21-1214440339-299502267-839522115-1003\...\MountPoints2: {6a100ced-345b-11e4-b8b3-001fd08d7ebd} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1214440339-299502267-839522115-1003\...\MountPoints2: {cd8bd1d2-0b3f-11de-b0ba-001fd08d7ebd} - G:\RECYCLER\S-54-6-28-3434476501-1644491937-601003330-1213\Regview.exe
Startup: C:\Documents and Settings\Milan\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3520 series.lnk [2017-05-06]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3520 series.lnk -> C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-22] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-22] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 18 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2014-05-22] (Avira Operations GmbH & Co. KG)
Tcpip\..\Interfaces\{7ACE698D-4720-4025-B087-D0FD22DADB4F}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1214440339-299502267-839522115-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1214440339-299502267-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
URLSearchHook: HKLM -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKU\S-1-5-21-1214440339-299502267-839522115-1003 - DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "C:\Documents and Settings\All Users\Application Data\ICQ\ICQNewTab\newTab.html" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1214440339-299502267-839522115-1003 -> DefaultScope {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKU\S-1-5-21-1214440339-299502267-839522115-1003 -> {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} URL = hxxp://www.crawler.com/search/dispatcher.aspx? ... tbid=60341
SearchScopes: HKU\S-1-5-21-1214440339-299502267-839522115-1003 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKU\S-1-5-21-1214440339-299502267-839522115-1003 -> {FD63BF63-BFFF-4B8F-9D26-4267DF7F17DD} URL = hxxp://www.google.com/custom?q={searchTerms}&s ... BFORID%3A1
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-1214440339-299502267-839522115-1003 -> No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
Toolbar: HKU\S-1-5-21-1214440339-299502267-839522115-1003 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-1214440339-299502267-839522115-1003 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Toolbar: HKU\S-1-5-21-1214440339-299502267-839522115-1003 -> No Name - {5347542D-5637-006A-76A7-7A786E7484D7} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [2009-01-04] (Logitech Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2010-03-09] (Skype Technologies)
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll [2009-03-04] (Crawler.com)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default [2017-05-07]
FF SelectedSearchEngine: C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default -> Google
FF Homepage: C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default -> hxxp://www.google.sk/
FF Keyword.URL: C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default -> hxxp://search.sweetim.com/search.asp?src=2&q=
FF Extension: (Avira Browser Safety) - C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default\Extensions\abs@avira.com.xpi [2017-04-11]
FF SearchPlugin: C:\Documents and Settings\Milan\Application Data\Mozilla\Firefox\Profiles\hjz52wgd.default\searchplugins\avira-safesearch.xml [2014-08-12]
FF Extension: (ICQ Toolbar) - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2017-05-05] [not signed]
FF HKLM\...\Firefox\Extensions: [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}] - C:\Program Files\Crawler\Toolbar\firefox
FF Extension: (Crawler Toolbar) - C:\Program Files\Crawler\Toolbar\firefox [2009-03-14] [not signed]
FF HKLM\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: (PC Sync 2 Synchronisation Extension) - C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync [2009-06-05] [not signed]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: (Java Quick Starter) - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-01-30] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-28] ()
FF Plugin: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll [No File]
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Milan\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Milan\Application Data\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Milan\Application Data\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Milan\Local Settings\Application Data\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-1214440339-299502267-839522115-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Milan\Local Settings\Application Data\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Milan\Application Data\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Milan\Application Data\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2015-07-02] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [970632 2016-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [470600 2016-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [470600 2016-10-28] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1253352 2016-10-28] (Avira Operations GmbH & Co. KG)
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [643072 2015-07-08] (ATI Technologies Inc.) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2008-06-02] () [File not signed]
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-08-14] (Avira Operations GmbH & Co. KG)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [8152448 2017-04-23] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2080448 2017-04-23] (COMODO)
R2 GEST Service; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [80392 2008-07-11] ()
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 isesrv; C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe [118480 2017-04-11] (COMODO)
S2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2008-01-16] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-01-16] (Hewlett-Packard) [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [621056 2009-03-04] (Nokia.) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2015-07-02] (Arcsoft, Inc.)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [7875072 2015-07-21] (ATI Technologies Inc.) [File not signed]
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [115600 2016-08-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [140272 2016-08-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37896 2015-05-07] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [16384 2004-07-09] (Microsoft Corporation)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [17296 2017-03-28] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [657960 2017-03-28] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [32760 2017-03-28] (COMODO)
R3 gdrv; C:\WINDOWS\gdrv.sys [16608 2017-05-06] (Windows (R) 2000 DDK provider)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [25280 2009-04-23] (LogMeIn, Inc.)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-11-01] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-11-01] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-11-01] (HP)
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [114248 2017-03-28] (COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [34176 2017-03-30] (COMODO)
S3 IT9135BDA; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [145920 2015-07-02] (ITE )
R3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [28432 2007-09-21] (Logitech, Inc.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15104 2004-07-09] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10112 2004-07-09] (Microsoft Corporation)
R2 rspndr; C:\WINDOWS\System32\DRIVERS\rspndr.sys [62336 2007-09-20] (Microsoft Corporation) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider) [File not signed]
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [721904 2009-05-11] () [File not signed]
R1 sp_rsdrv2; C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] () [File not signed]
S3 usb2vcom; C:\WINDOWS\System32\DRIVERS\usb2vcom.sys [30272 2006-04-03] () [File not signed]
U3 a6x0fr8k; C:\WINDOWS\system32\Drivers\a6x0fr8k.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 AtiHDAudioService; system32\drivers\AtihdXP3.sys [X]
S3 GarenaPEngine; \??\C:\DOCUME~1\Milan\LOCALS~1\Temp\EOU3C76.tmp [X]
S3 GGSAFERDriver; \??\C:\Hry\Garena\safedrv.sys [X]
S4 IntelIde; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U5 Sdbus; C:\Windows\System32\Drivers\Sdbus.sys [79232 2008-04-14] (Microsoft Corporation)
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [225664 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-07 12:22 - 2017-05-07 12:22 - 00020447 _____ C:\Documents and Settings\Milan\Desktop\FRST.txt
2017-05-07 12:22 - 2017-05-07 12:22 - 00000000 ____D C:\FRST
2017-05-07 12:21 - 2017-05-07 12:21 - 01769984 _____ (Farbar) C:\Documents and Settings\Milan\Desktop\FRST.exe
2017-05-07 12:17 - 2017-05-07 12:17 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Milan\Desktop\FRSTLauncher.exe
2017-05-06 12:29 - 2017-05-06 12:29 - 00000000 ____D C:\Documents and Settings\All Users\Blizzard Entertainment
2017-05-05 19:56 - 2017-05-06 13:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-04-14 13:50 - 2017-04-30 13:04 - 00001850 _____ C:\Documents and Settings\All Users\Desktop\COMODO Firewall 10.lnk
2017-04-14 13:50 - 2017-04-14 13:50 - 00056544 ____H C:\WINDOWS\system32\mlfcache.dat
2017-04-14 13:48 - 2017-05-06 13:36 - 00000440 _____ C:\WINDOWS\Tasks\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627}.job
2017-04-11 21:19 - 2017-03-30 05:10 - 00236792 _____ (COMODO) C:\WINDOWS\system32\iseguard32.dll
2017-04-11 21:19 - 2017-03-30 05:09 - 00034176 _____ (COMODO) C:\WINDOWS\system32\Drivers\isedrv.sys
2017-04-11 21:18 - 2017-04-23 00:26 - 00194752 _____ (COMODO) C:\WINDOWS\system32\cmdshim32.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-07 12:23 - 2009-03-08 16:37 - 00000000 ____D C:\Documents and Settings\Milan\Local Settings\temp
2017-05-07 12:13 - 2015-10-23 19:32 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-05-06 23:33 - 2014-06-02 19:21 - 00001016 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003UA.job
2017-05-06 23:28 - 2012-04-20 18:33 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-05-06 22:47 - 2013-06-30 22:42 - 00000998 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003UA.job
2017-05-06 22:47 - 2013-06-30 22:42 - 00000976 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003Core.job
2017-05-06 20:59 - 2011-08-16 23:22 - 00000000 ____D C:\Program Files\Steam
2017-05-06 20:28 - 2012-04-20 18:33 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-05-06 19:56 - 2014-01-15 15:37 - 00000000 ____D C:\Documents and Settings\Milan\Local Settings\Application Data\Battle.net
2017-05-06 19:02 - 2014-04-04 13:08 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2017-05-06 14:06 - 2013-02-02 14:02 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2017-05-06 13:34 - 2009-01-04 16:43 - 00016608 _____ (Windows (R) 2000 DDK provider) C:\WINDOWS\gdrv.sys
2017-05-06 13:33 - 2012-05-04 18:34 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-05-06 13:33 - 2009-01-02 16:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-06 13:32 - 2009-01-02 16:35 - 00000178 ___SH C:\Documents and Settings\Milan\ntuser.ini
2017-05-06 13:32 - 2009-01-02 16:34 - 00000000 ____D C:\Documents and Settings\Milan
2017-05-06 13:32 - 2009-01-02 16:33 - 00032616 _____ C:\WINDOWS\SchedLgU.Txt
2017-05-06 12:33 - 2014-06-02 19:21 - 00000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003Core.job
2017-05-06 12:29 - 2009-01-02 17:10 - 00000000 ____D C:\Documents and Settings\All Users
2017-05-06 12:26 - 2014-01-15 15:37 - 00000000 ____D C:\Documents and Settings\Milan\Application Data\Battle.net
2017-05-06 12:26 - 2014-01-15 15:33 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Battle.net
2017-05-05 19:58 - 2013-01-28 17:04 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2017-05-05 19:56 - 2009-01-02 16:28 - 00000000 ____D C:\WINDOWS\Registration
2017-05-05 19:31 - 2001-08-23 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-05-01 19:25 - 2009-01-02 17:06 - 00000000 _____ C:\WINDOWS\MEMORY.DMP
2017-05-01 11:58 - 2009-01-02 16:34 - 00000000 ___RD C:\Documents and Settings\Milan\My Documents
2017-05-01 01:02 - 2015-11-15 21:34 - 00000000 ____D C:\firefox_zalohy
2017-04-30 19:37 - 2009-05-23 20:00 - 00000000 ____D C:\Program Files\SpeedFan
2017-04-30 13:19 - 2013-06-20 18:18 - 00004414 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-04-28 19:53 - 2014-09-01 16:13 - 00000000 ____D C:\Documents and Settings\Milan\Local Settings\Application Data\Adobe
2017-04-28 19:53 - 2012-04-09 00:26 - 00802904 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-04-28 19:53 - 2011-05-16 14:05 - 00144472 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-04-28 19:53 - 2009-01-02 17:06 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-23 00:31 - 2013-01-24 23:43 - 00044008 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2017-04-23 00:30 - 2013-01-24 23:43 - 00733456 _____ (COMODO) C:\WINDOWS\system32\guard32.dll
2017-04-23 00:26 - 2013-01-24 23:42 - 00363200 _____ (COMODO) C:\WINDOWS\system32\cmdvrt32.dll
2017-04-17 22:21 - 2012-08-14 21:53 - 00000000 ____D C:\Documents and Settings\Milan\Application Data\TS3Client
2017-04-17 18:30 - 2011-03-19 12:20 - 00000000 ____D C:\Nemcina
2017-04-15 22:22 - 2015-01-05 23:45 - 00000000 ____D C:\knihy
2017-04-11 21:19 - 2013-02-02 13:57 - 00000000 ____D C:\Program Files\COMODO
2017-04-11 21:19 - 2013-02-02 13:57 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Comodo
2017-04-11 20:05 - 2009-01-02 17:11 - 00547960 _____ C:\WINDOWS\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2016-05-15 20:58 - 2016-05-15 20:58 - 0003584 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-08-09 14:12 - 2011-08-09 17:41 - 0062662 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\SRDownloader.err
2011-08-09 14:11 - 2013-01-09 00:49 - 0001048 _____ () C:\Documents and Settings\Milan\Local Settings\Application Data\SRDownloader.nast
2014-10-17 14:21 - 2014-10-17 14:21 - 0000057 _____ () C:\Documents and Settings\All Users\Application Data\Ament.ini
2009-01-06 20:36 - 2014-06-07 14:03 - 0002125 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
Some files in TEMP:
====================
2013-11-25 20:16 - 2014-08-12 11:03 - 0000000 ____D () C:\Documents and Settings\Milan\Local Settings\temp\avgnt.exe
2015-07-02 17:38 - 2015-07-02 17:38 - 0131072 _____ () C:\Documents and Settings\Milan\Local Settings\temp\DevSetup32.dll
2015-07-02 17:38 - 2015-07-02 17:38 - 0126976 _____ () C:\Documents and Settings\Milan\Local Settings\temp\DevSetup64.dll
2013-02-04 22:09 - 2013-02-04 22:10 - 0889416 _____ (Microsoft Corporation) C:\Documents and Settings\Milan\Local Settings\temp\dotNetFx40_Full_setup.exe
2015-07-02 17:38 - 2015-07-02 17:38 - 0098304 _____ () C:\Documents and Settings\Milan\Local Settings\temp\DriverInstall32.exe
2015-07-02 17:38 - 2015-07-02 17:38 - 0098304 _____ () C:\Documents and Settings\Milan\Local Settings\temp\DriverInstall64.exe
2015-07-02 17:38 - 2015-07-02 17:38 - 0016384 _____ () C:\Documents and Settings\Milan\Local Settings\temp\KillProcess.exe
2014-07-13 14:16 - 2014-07-13 14:16 - 0021888 _____ () C:\Documents and Settings\Milan\Local Settings\temp\ochelper.exe
2013-11-24 13:02 - 2017-04-30 19:37 - 0192512 _____ () C:\Documents and Settings\Milan\Local Settings\temp\sfamcc00001.dll
2013-02-01 21:59 - 2012-11-22 16:36 - 1187928 _____ (Check Point Software Technologies) C:\Documents and Settings\Milan\Local Settings\temp\Uninstall.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:596.16 GB) (Free:34.84 GB) NTFS ==>[drive with boot components (Windows XP)]
Available physical RAM: 1258.73 MB
Total physical RAM: 3326.42 MB
Percentage of memory in use: 62%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows XP) (Size: 596.2 GB) (Disk ID: 9F779F77)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003Core.job => C:\Documents and Settings\Milan\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003UA.job => C:\Documents and Settings\Milan\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003Core.job => C:\Documents and Settings\Milan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-299502267-839522115-1003UA.job => C:\Documents and Settings\Milan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\Potvrdenie_Jati_final.rtf:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\amdpcom32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Ati2mdxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiadlxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiapfxx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atibtmon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIDDC.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\ATIDEMGX.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atiiiexx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atimpc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODCLI.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ATIODE.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atioglxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\atitvo32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ativcoxx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ativvamv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BdaPlgIn.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iyuv_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSDvbNP.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msh263.drv:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msyuv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Oemdspif.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PsisDecd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PsisRndr.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tsbyuv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\unicows.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vfwwdm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\afc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ati2erec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ati2mtag.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\BdaSup.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IT9135BDA.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\kbdhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssmdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stream.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\bdaplgin.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\bdasup.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\drmk.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\iyuv_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\kbdhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\msdvbnp.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\msyuv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\portcls.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\psisdecd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\psisrndr.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\stream.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\tsbyuv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\vfwwdm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\Documents and Settings\Milan\Desktop\Norbekov---Jak-se-zbavit-bryli.pdf:$CmdTcID [130]
AlternateDataStreams: C:\Documents and Settings\Milan\Desktop\transakcia_1506021EQ1IBR.pdf:$CmdTcID [64]
==================== Security Center ==================
AV: Avira Antivirus (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: COMODO Firewall (Disabled) {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\Milan\Desktop" je 674 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Documents and Settings\Milan\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Documents and Settings\Milan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^fortePivot.lnk
C:\PROGRA~1\LGSOFT~1\FORTEP~1\bin\FORTEP~1.EXE -startup [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^IRMonitor.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\IRMonitor.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TMMonitor.lnk
C:\PROGRA~1\ArcSoft\TOTALM~1.5\TMMONI~1.EXE
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\ICQ7.2\\ICQ.exe"="C:\\Program Files\\ICQ7.2\\ICQ.exe:*:Enabled:ICQ7.2"
"C:\\Program Files\\ICQ7.2\\aolload.exe"="C:\\Program Files\\ICQ7.2\\aolload.exe:*:Enabled:aolload.exe"
"%windir%\\explorer.exe"="%windir%\\explorer.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\ICQ6.5\\ICQ.exe"="C:\\Program Files\\ICQ6.5\\ICQ.exe:*:Enabled:ICQ6"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Hry\\World of Warcraft\\Repair.exe"="C:\\Hry\\World of Warcraft\\Repair.exe:*:Enabled:Blizzard Repair Utility"
"C:\\Hry\\World of Warcraft\\WoW-3.0.8.9464-to-3.0.8.9506-enGB-downloader.exe"="C:\\Hry\\World of Warcraft\\WoW-3.0.8.9464-to-3.0.8.9506-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Hry\\World of Warcraft\\BackgroundDownloader.exe"="C:\\Hry\\World of Warcraft\\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Hry\\World of Warcraft\\Launcher.exe"="C:\\Hry\\World of Warcraft\\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\\Hry\\LOTR\\game.dat"="C:\\Hry\\LOTR\\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"C:\\Program Files\\Hamachi\\hamachi.exe"="C:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"C:\\Hry\\World of Warcraft\\WoW-3.1.0.9767-to-3.1.1.9806-enGB-downloader.exe"="C:\\Hry\\World of Warcraft\\WoW-3.1.0.9767-to-3.1.1.9806-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Hry\\World of Warcraft\\WoW-3.1.1.9806-to-3.1.1.9835-enGB-downloader.exe"="C:\\Hry\\World of Warcraft\\WoW-3.1.1.9806-to-3.1.1.9835-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Hry\\Counter-Strike Source\\hl2.exe"="C:\\Hry\\Counter-Strike Source\\hl2.exe:*:Enabled:hl2"
"C:\\Hry\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="C:\\Hry\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"C:\\Hry\\KnightsAndMerchants\\KaM_1024.exe"="C:\\Hry\\KnightsAndMerchants\\KaM_1024.exe:*:Enabled:KaM_1024"
"C:\\Hry\\KaM - The Peasants Rebellion\\KM_TPR.exe"="C:\\Hry\\KaM - The Peasants Rebellion\\KM_TPR.exe:*:Enabled:KM_TPR"
"C:\\Hry\\Warcraft III\\Warcraft III.exe"="C:\\Hry\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\Hry\\Warcraft III\\euroloader.exe"="C:\\Hry\\Warcraft III\\euroloader.exe:*:Enabled:w3l"
"C:\\Hry\\Garena\\Garena.exe"="C:\\Hry\\Garena\\Garena.exe:*:Enabled:Garena"
"C:\\Hry\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\\Hry\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Hry\\World of Warcraft\\WoW-3.2.0-enGB-downloader.exe"="C:\\Hry\\World of Warcraft\\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Teamspeak2_RC2server\\server_windows.exe"="C:\\Program Files\\Teamspeak2_RC2server\\server_windows.exe:*:Enabled:Server"
"C:\\Program Files\\Ventrilo\\Ventrilo.exe"="C:\\Program Files\\Ventrilo\\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\\Hry\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="C:\\Hry\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Hry\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="C:\\Hry\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"="C:\\Program Files\\Java\\jre6\\bin\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\ICQ7.2\\ICQ.exe"="C:\\Program Files\\ICQ7.2\\ICQ.exe:*:Enabled:ICQ7.2"
"C:\\Program Files\\ICQ7.2\\aolload.exe"="C:\\Program Files\\ICQ7.2\\aolload.exe:*:Enabled:aolload.exe"
"C:\\Downloads\\SweetImSetup.exe"="C:\\Downloads\\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\\Hry\\Warcraft III\\war3.exe"="C:\\Hry\\Warcraft III\\war3.exe:*:Enabled:war3"
"C:\\Hry\\Warcraft III\\Frozen Throne.exe"="C:\\Hry\\Warcraft III\\Frozen Throne.exe:*:Enabled:Warcraft III - Ledový trùn"
"C:\\Hry\\OpenTTD\\openttd.exe"="C:\\Hry\\OpenTTD\\openttd.exe:*:Enabled:OpenTTD"
"C:\\Hry\\Counter Strike\\hl.exe"="C:\\Hry\\Counter Strike\\hl.exe:*:Enabled:hl"
"%windir%\\explorer.exe"="%windir%\\explorer.exe"
"C:\\Program Files\\Steam\\Steam.exe"="C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Steam\\steamapps\\common\\dota 2 beta\\dota.exe"="C:\\Program Files\\Steam\\steamapps\\common\\dota 2 beta\\dota.exe:*:Enabled:Dota 2"
"C:\\Documents and Settings\\Milan\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"="C:\\Documents and Settings\\Milan\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\\Program Files\\Steam\\bin\\steamwebhelper.exe"="C:\\Program Files\\Steam\\bin\\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\HP\\HP Deskjet 3520 series\\Bin\\DeviceSetup.exe"="C:\\Program Files\\HP\\HP Deskjet 3520 series\\Bin\\DeviceSetup.exe:LocalSubNet:Enabled:HP Device Setup (HP Deskjet 3520 series)"
"C:\\Program Files\\HP\\HP Deskjet 3520 series\\Bin\\HPNetworkCommunicator.exe"="C:\\Program Files\\HP\\HP Deskjet 3520 series\\Bin\\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Network Communicator (HP Deskjet 3520 series)"
"C:\\Program Files\\HP\\HP Deskjet 3520 series\\Bin\\HPNetworkCommunicatorCom.exe"="C:\\Program Files\\HP\\HP Deskjet 3520 series\\Bin\\HPNetworkCommunicatorCom.exe:LocalSubNet:Enabled:HP Network Communicator COM (HP Deskjet 3520 series)"
"C:\\Program Files\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win32\\dota2.exe"="C:\\Program Files\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win32\\dota2.exe:*:Enabled:Dota 2"
"C:\\Program Files\\ArcSoft\\TotalMedia 3.5\\TotalMedia.exe"="C:\\Program Files\\ArcSoft\\TotalMedia 3.5\\TotalMedia.exe:LocalSubNet:Enabled:ArcSoft TotalMedia 3.5"
"C:\\Program Files\\Steam\\bin\\cef\\cef.winxp\\steamwebhelper.exe"="C:\\Program Files\\Steam\\bin\\cef\\cef.winxp\\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:*:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:*:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:*:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:*:Enabled:@xpsp2res.dll,-22002"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"3724:TCP"="3724:TCP:*:Enabled:Blizzard Downloader"
"6112:TCP"="6112:TCP:*:Enabled:Blizzard Downloader"
"6881:TCP"="6881:TCP:*:Enabled:Blizzard Downloader: 6881"
"6112:UDP"="6112:UDP:*:Enabled:W3 Hoster"
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================