Acer notebook check

#1 Post by vokounek

It runs terribly slowly and stutters; please check it, thank you.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lucinka at 2010-02-03 17:22:40
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 11 GB (30%) free of 35 GB
Total RAM: 1022 MB (59% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-09-06 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2007-09-07 325048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-09-06 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-02-27 16005120]
"LogitechCameraAssistant"=C:\Program Files\Acer\OrbiCam\CameraAssistant.exe [2006-04-06 331776]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2006-03-30 471040]
"LaunchApp"=Alaunch []
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-04-28 401408]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-04-04 421888]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]
"Boot"=C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-08-25 53248]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2006-03-16 88204]
"Acer ePresentation HPD"=C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2006-03-31 204800]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2006-04-06 225280]
"LogitechVideo[inspector]"=C:\Program Files\Acer\OrbiCam\InstallHelper.exe [2006-04-06 73728]
"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-01-08 102491]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-01-08 692315]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 171008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-10-07 323392]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-08-22 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
C:\WINDOWS\system32\Ati2mdxx.exe [2006-02-22 26112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe [2005-11-28 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe [2005-11-28 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe [2005-11-28 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-02-22 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-28 135168]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\games\Age of Empires II - The Conquerors\age2_x1.exe"="C:\games\Age of Empires II - The Conquerors\age2_x1.exe:*:Disabled:Age of Empires II Expansion"
"C:\Program Files\CZDC-0666[O]\CZDC.exe"="C:\Program Files\CZDC-0666[O]\CZDC.exe:*:Disabled:CZDC"
"C:\Program Files\Maxima-5.17.1\wxMaxima\wxMaxima.exe"="C:\Program Files\Maxima-5.17.1\wxMaxima\wxMaxima.exe:*:Disabled:wxMaxima"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-02-03 17:22:40 ----D---- C:\rsit
2010-02-03 17:22:40 ----D---- C:\Program Files\trend micro
2010-02-03 17:17:09 ----SHD---- C:\Recycled
2010-02-03 16:23:00 ----D---- C:\Program Files\ATI Technologies
2010-02-03 16:16:17 ----A---- C:\WINDOWS\system32\atioglx1.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ATIDEMGR.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati3duag.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2010-02-03 14:38:00 ----A---- C:\ComboFix.txt
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynTPFcs.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynTPCo2.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynCOM.dll
2010-02-03 12:30:05 ----A---- C:\WINDOWS\zip.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\SWSC.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\SWREG.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\sed.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\PEV.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\NIRCMD.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\MBR.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\grep.exe
2010-02-01 09:15:24 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-02-01 09:08:25 ----D---- C:\WINDOWS\pss
2010-02-01 07:22:21 ----A---- C:\WINDOWS\ntbtlog.txt
2010-01-19 20:11:55 ----D---- C:\Documents and Settings\Lucinka\Data aplikací\Mozilla
2010-01-14 10:18:17 ----HD---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-14 10:16:59 ----HD---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-11 12:27:54 ----D---- C:\Program Files\MATLAB
2010-01-11 12:24:15 ----D---- C:\Program Files\Elaborate Bytes
2010-01-05 15:38:17 ----A---- C:\Boot.bak
2010-01-05 15:38:03 ----RASHD---- C:\cmdcons
2010-01-05 15:35:57 ----D---- C:\WINDOWS\ERDNT
2010-01-05 14:49:07 ----D---- C:\Documents and Settings\Lucinka\Data aplikací\Spyware Terminator

======List of files/folders modified in the last 1 months======

2010-02-03 17:22:36 ----A---- C:\WINDOWS\WINCMD.INI
2010-02-03 17:15:46 ----RASH---- C:\boot.ini
2010-02-03 17:15:46 ----A---- C:\WINDOWS\win.ini
2010-02-03 17:15:46 ----A---- C:\WINDOWS\system.ini
2010-02-03 17:13:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-03 12:57:40 ----A---- C:\WINDOWS\OEWABLog.txt
2010-02-01 11:13:48 ----A---- C:\WINDOWS\imsins.BAK
2010-02-01 09:15:48 ----A---- C:\AUTOEXEC.BAT
2010-02-01 08:41:50 ----A---- C:\WINDOWS\wininit.ini
2010-02-01 07:41:58 ----A---- C:\WINDOWS\primopdf.ini
2010-01-29 17:40:28 ----A---- C:\WINDOWS\ModemLog_Agere Systems HDA Modem.txt
2010-01-18 22:51:42 ----A---- C:\WINDOWS\WTRAN32.INI
2010-01-16 15:31:20 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-12 09:48:34 ----A---- C:\WINDOWS\WDICT32.INI
2010-01-06 17:59:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-05 10:58:04 ----N---- C:\WINDOWS\system32\wininet.dll
2010-01-05 10:58:04 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-01-05 10:58:04 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-01-05 10:58:04 ----A---- C:\WINDOWS\system32\url.dll
2010-01-05 10:58:04 ----A---- C:\WINDOWS\system32\pngfilt.dll
2010-01-05 10:58:04 ----A---- C:\WINDOWS\system32\occache.dll
2010-01-05 10:58:02 ----N---- C:\WINDOWS\system32\mshtml.dll
2010-01-05 10:58:02 ----A---- C:\WINDOWS\system32\mstime.dll
2010-01-05 10:58:02 ----A---- C:\WINDOWS\system32\msrating.dll
2010-01-05 10:58:02 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-01-05 10:58:02 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-01-05 10:58:02 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\jsproxy.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\iernonce.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-01-05 10:58:00 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2010-01-05 10:57:58 ----N---- C:\WINDOWS\system32\extmgr.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\ieaksie.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\ieakeng.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\icardie.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\dxtrans.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\corpol.dll
2010-01-05 10:57:58 ----A---- C:\WINDOWS\system32\advpack.dll
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-09-08 21275]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys []
R2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-22 1505792]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-04-21 6144]
R3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
R3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-01-18 80512]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-01-08 191456]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-09-20 162432]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-27 1427968]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-18 14848]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys []
S2 eLock2FSCTLDriver;eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-03-16 1124097]
S3 AVHybrid;AVHybrid service; C:\WINDOWS\system32\DRIVERS\AVHybrid.sys [2005-04-29 999680]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-11-02 424320]
S3 catchme;catchme; \??\C:\DOCUME~1\Lucinka\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
S3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys []
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-28 1353820]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-02-27 4241920]
S3 lv321av;Logitech USB PC Camera (VC0321); C:\WINDOWS\System32\Drivers\lv321av.sys [2006-04-06 1097472]
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2006-04-06 39424]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20090519.001\symidsco.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-08-28 131856]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-04-27 717296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-03-29 28672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-22 405504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2006-04-06 86016]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-06 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero 7\Nero BackItUp\NBService.exe [2006-08-08 208896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2009-05-17 1251720]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


#2 Post by Unlimited_Killer

Why did you run ComboFix? It should not be run without a recommendation. :)

But since you already did, I want the log

C:\ComboFix.txt


#3 Post by vokounek

I apologize, I used ComboFix in the past, so I tried it. I no longer have the log.
Can anything be determined from the RSIT log? Thank you...


#4 Post by Unlimited_Killer

I'll ask for a new ComboFix run. :)

~~~

Post the ComboFix log here.

Download ComboFix and save it to the Desktop, then run it with administrator privileges.
Before running it, turn off the resident shield of your antivirus or antispyware.
After launch, the license terms will be displayed; click 'Yes'. You will also be asked about installing the Recovery Console; click 'Yes'.
The whole scan will take about 5-10 minutes, depending on how many files CF has to work through. Your PC will probably be restarted, so don't be alarmed. Until the scan has completely finished, don't do anything, and above all don't click in the running ComboFix window.
When the scan finishes, a log will pop up; copy it here.


#5 Post by vokounek

ComboFix 10-02-02.04 - Lucinka 04.02.2010 8:17.4.2 - FAT32x86
Spuštěný z: c:\temp\ComboFix.exe
.
Tyto soubory byly během aplikování deaktivovány:
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\EventSystem.log
c:\windows\regedit.com
c:\windows\system32\taskmgr.com

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-04 do 2010-02-04 )))))))))))))))))))))))))))))))
.

2010-02-03 18:04 . 2010-02-03 18:04 -------- d-----w- C:\rsit
2010-02-03 17:33 . 2010-02-03 17:33 1012 ----a-w- c:\temp\cc_20100203_183341.reg
2010-02-03 17:32 . 2010-02-03 17:32 163784 ----a-w- c:\temp\cc_20100203_183241.reg
2010-02-03 17:31 . 2010-02-03 17:31 528182 ----a-w- c:\temp\cc_20100203_183105.reg
2010-02-03 17:28 . 2010-02-03 17:28 27954 ----a-w- c:\temp\cc_20100203_182817.reg
2010-02-03 17:27 . 2010-02-03 17:27 144884 ----a-w- c:\temp\cc_20100203_182721.reg
2010-02-03 17:21 . 2010-02-03 17:21 205034 ----a-w- c:\temp\cc_20100203_182129.reg
2010-02-03 17:07 . 2010-02-03 17:07 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-03 17:07 . 2010-02-03 17:07 -------- d--h--w- c:\documents and settings\Luci\Šablony
2010-02-03 17:07 . 2010-02-03 17:07 -------- d--h--w- c:\documents and settings\Luci\Okolní tiskárny
2010-02-03 17:07 . 2010-02-03 17:07 -------- d-----w- c:\documents and settings\Luci\Plocha
2010-02-03 17:07 . 2010-02-03 17:07 -------- d-----r- c:\documents and settings\Luci\Nabídka Start
2010-02-03 17:07 . 2010-02-03 17:07 -------- d--h--r- c:\documents and settings\Luci\Data aplikací
2010-02-03 17:07 . 2010-02-03 17:07 -------- d-----w- c:\documents and settings\Luci
2010-02-03 16:52 . 2010-02-03 16:52 -------- d---a-w- c:\temp\CCleaner
2010-02-03 16:34 . 2010-02-03 16:36 6567395 ----a-w- c:\windows\REGBK00.ZIP
2010-02-03 16:26 . 2010-02-03 16:26 -------- d---a-w- c:\windows\VDLL.DLL
2010-02-03 16:26 . 2010-02-03 16:26 -------- d---a-w- c:\windows\system32\runouce.exe
2010-02-03 16:26 . 2010-02-03 16:26 -------- d---a-w- c:\windows\rundll16.exe
2010-02-03 16:26 . 2010-02-03 16:26 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-02-03 16:26 . 2010-02-03 16:26 -------- d---a-w- c:\windows\logo1_.exe
2010-02-03 16:26 . 2010-02-03 16:26 -------- d---a-w- c:\windows\logo_1.exe
2010-02-03 16:24 . 2010-02-03 16:24 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-02-03 16:24 . 2010-02-03 16:24 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-02-03 16:24 . 2010-02-03 16:24 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-02-03 16:24 . 2008-04-14 04:22 137216 ----a-w- c:\windows\system32\T.COM
2010-02-03 16:24 . 2008-04-14 04:22 147968 ----a-w- c:\windows\R.COM
2010-02-03 16:24 . 2010-02-03 16:24 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-02-03 16:22 . 2010-02-03 16:22 -------- d-----w- c:\temp\rsit
2010-02-03 16:22 . 2010-02-03 16:22 -------- d-----w- c:\program files\trend micro
2010-02-03 16:18 . 2010-02-03 15:56 781909 ----a-w- c:\temp\RSIT.exe
2010-02-03 16:17 . 2010-02-03 16:02 68866904 ----a-w- c:\temp\mwav.exe
2010-02-03 15:23 . 2010-02-03 15:23 -------- d-----w- c:\program files\ATI Technologies
2010-02-03 12:39 . 2005-01-08 06:19 81920 ----a-w- c:\windows\system32\SynTPCo2.dll
2010-02-03 12:39 . 2005-01-08 06:17 69723 ----a-w- c:\windows\system32\SynTPFcs.dll
2010-02-03 12:39 . 2005-01-08 06:06 90203 ----a-w- c:\windows\system32\SynTPAPI.dll
2010-02-03 12:39 . 2005-01-08 06:06 114688 ----a-w- c:\windows\system32\SynCtrl.dll
2010-02-03 12:39 . 2005-01-08 06:06 82014 ----a-w- c:\windows\system32\SynCOM.dll
2010-02-03 12:39 . 2005-01-08 06:03 191456 ----a-w- c:\windows\system32\drivers\SynTP.sys
2010-02-03 11:28 . 2010-02-03 11:19 3844171 ----a-r- c:\temp\ComboFix.exe
2010-02-02 15:44 . 2010-02-02 15:44 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-02-01 06:32 . 2010-02-01 06:32 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-02-01 06:25 . 2010-02-01 06:25 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-02-01 06:24 . 2006-04-21 11:12 -------- d-----r- c:\documents and settings\Administrator\Oblíbené položky
2010-02-01 06:24 . 2006-04-21 11:12 -------- d-----r- c:\documents and settings\Administrator\Dokumenty
2010-02-01 06:24 . 2006-04-21 10:58 -------- d--h--w- c:\documents and settings\Administrator\Okolní tiskárny
2010-02-01 06:24 . 2006-04-21 10:58 -------- d--h--w- c:\documents and settings\Administrator\Okolní síť
2010-02-01 06:24 . 2006-04-21 10:58 -------- d--h--r- c:\documents and settings\Administrator\Data aplikací
2010-02-01 06:24 . 2006-04-21 10:58 -------- d-----w- c:\documents and settings\Administrator\Plocha
2010-02-01 06:24 . 2006-04-21 10:58 -------- d--h--w- c:\documents and settings\Administrator\Šablony
2010-02-01 06:24 . 2006-04-21 10:58 -------- d-----r- c:\documents and settings\Administrator\Nabídka Start
2010-02-01 06:23 . 2010-02-01 06:23 -------- d-----w- c:\documents and settings\Administrator
2010-01-29 16:51 . 2004-08-18 19:00 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-01-29 16:51 . 2004-08-18 19:00 14848 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-01-13 14:51 . 2009-11-21 16:03 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2010-01-11 11:27 . 2010-01-11 11:27 -------- d-----w- c:\program files\MATLAB
2010-01-11 11:24 . 2010-01-11 11:24 -------- d-----w- c:\program files\Elaborate Bytes
2010-01-05 13:56 . 2010-01-05 13:56 -------- d-----w- c:\temp\Qoobox

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-06 16:59 . 2006-05-02 13:00 83586 ----a-w- c:\windows\system32\perfc005.dat
2010-01-06 16:59 . 2006-05-02 13:00 439390 ----a-w- c:\windows\system32\perfh005.dat
2010-01-05 09:58 . 2006-01-09 19:08 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 09:58 . 2009-11-17 10:19 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2004-08-18 19:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-28 18:43 . 2009-12-28 18:43 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-12-28 18:43 . 2009-12-28 18:43 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-12-28 18:34 . 2009-12-28 18:34 -------- d-----w- c:\program files\Common Files\PCSuite
2009-12-28 18:33 . 2009-12-28 18:33 -------- d-----w- c:\program files\Common Files\Nokia
2009-12-28 18:32 . 2009-12-28 18:32 -------- d-----w- c:\program files\PC Connectivity Solution
2009-12-28 17:39 . 2009-12-28 17:39 -------- d-----w- c:\program files\DIFX
2009-12-28 17:38 . 2009-12-28 17:38 -------- d-----w- c:\program files\Nokia
2009-12-07 21:22 . 2009-12-07 21:07 28 ----a-w- c:\windows\popcinfot.dat
2009-11-21 16:03 . 2004-08-18 19:00 471552 ----a-w- c:\windows\AppPatch\AcLayers.dll
2006-11-22 18:44 . 2006-11-22 18:44 4756656 ----a-w- c:\program files\bsplayer212941.exe
2006-10-02 15:32 . 2006-10-02 16:19 3221559 ----a-w- c:\program files\CZDC-0666[O].7z
2006-10-02 13:47 . 2006-10-02 13:47 10331576 ----a-w- c:\program files\SkypeSetup.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-10-07 323392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"RTHDCPL"="RTHDCPL.EXE" [2006-02-27 16005120]
"LogitechCameraAssistant"="c:\program files\Acer\OrbiCam\CameraAssistant.exe" [2006-04-06 331776]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2006-03-30 471040]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-08-25 53248]
"AGRSMMSG"="AGRSMMSG.exe" [2006-03-16 88204]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-04-06 225280]
"LogitechVideo[inspector]"="c:\program files\Acer\OrbiCam\InstallHelper.exe" [2006-04-06 18:06 73728]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-01-08 102491]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-01-08 692315]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
2006-03-31 15:39 204800 ----a-w- c:\acer\Empowering Technology\ePresentation\ePresentation.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
2006-02-22 10:40 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-08-22 08:52 94208 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
2006-03-15 21:12 579584 ----a-w- c:\acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2006-03-17 14:00 345088 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2006-04-04 17:08 421888 ----a-w- c:\acer\Empowering Technology\ePower\ePower_DMC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
2006-04-28 15:43 401408 ----a-w- c:\acer\Empowering Technology\eRecovery\eRAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-11-28 12:52 77824 ----a-w- c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-11-28 12:55 118784 ----a-w- c:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2005-11-28 12:55 98304 ----a-w- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-18 19:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 04:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 09:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-18 19:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-18 19:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\games\\Age of Empires II - The Conquerors\\age2_x1.exe"=
"c:\\Program Files\\CZDC-0666[O]\\CZDC.exe"=
"c:\\Program Files\\Maxima-5.17.1\\wxMaxima\\wxMaxima.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=

R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [30.11.2005 20:28 1097472]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;\??\c:\windows\system32\eLock2BurnerLockDriver.sys --> c:\windows\system32\eLock2BurnerLockDriver.sys [?]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;\??\c:\windows\system32\eLock2FSCTLDriver.sys --> c:\windows\system32\eLock2FSCTLDriver.sys [?]
S3 AVHybrid;AVHybrid service;c:\windows\system32\drivers\AVHybrid.sys [11.3.2008 15:03 999680]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.4.2008 18:59 717296]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-04 08:24
Windows 5.1.2600 Service Pack 3 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(900)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\igfxdev.dll
.
Celkový čas: 2010-02-04 08:28:04
ComboFix-quarantined-files.txt 2010-02-04 07:28
ComboFix2.txt 2010-02-03 13:38

Před spuštěním: Volných bajtů: 10 943 692 800
Po spuštění: Volných bajtů: 10 918 625 280

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 6CD37200A053413C9E1BB5504EA75A06

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Acer notebook check

#6 Post by Unlimited_Killer »

Good, let's move on.

~~~

Open Notepad and paste the following into it:

Code:

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"=-

DDS::
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Crawler Search - tbr:iemenu

Extra::

Reboot::

Save it to the Desktop as CFScript.txt. Then drag it with the mouse over ComboFix (which must be on the Desktop) and drop it (see the picture).

Image

ComboFix will carry out the commands from the script; the PC may be restarted again.
When it finishes, post here the log that pops up after the cleanup.

~~~

Download MbAM and follow the instructions. Do not delete anything yet; MbAM occasionally produces false detections.
Then post the log here.

~~~

After that, a new RSIT log (and of course the other logs as well).
inactive

vokounek
Visitor
Posts: 35
Registered: 07 Jan 2008 07:52

Re: Acer notebook check

#7 Post by vokounek »

ComboFix 10-02-02.04 - Lucinka 05.02.2010 7:20.5.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1022.715 [GMT 1:00]
Spuštěný z: c:\documents and settings\Lucinka\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Lucinka\Plocha\CFScript.txt
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-01-05 do 2010-02-05 )))))))))))))))))))))))))))))))
.

2010-02-03 17:33 . 2010-02-03 17:33 1012 ----a-w- c:\temp\cc_20100203_183341.reg
2010-02-03 17:32 . 2010-02-03 17:32 163784 ----a-w- c:\temp\cc_20100203_183241.reg
2010-02-03 17:31 . 2010-02-03 17:31 528182 ----a-w- c:\temp\cc_20100203_183105.reg
2010-02-03 17:28 . 2010-02-03 17:28 27954 ----a-w- c:\temp\cc_20100203_182817.reg
2010-02-03 17:27 . 2010-02-03 17:27 144884 ----a-w- c:\temp\cc_20100203_182721.reg
2010-02-03 17:21 . 2010-02-03 17:21 205034 ----a-w- c:\temp\cc_20100203_182129.reg
2010-02-03 17:07 . 2010-02-03 17:07 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-03 17:07 . 2010-02-03 17:07 -------- d--h--w- c:\documents and settings\Luci\Šablony
2010-02-03 17:07 . 2010-02-03 17:07 -------- d--h--w- c:\documents and settings\Luci\Okolní tiskárny
2010-02-03 17:07 . 2010-02-03 17:07 -------- d-----w- c:\documents and settings\Luci\Plocha
2010-02-03 17:07 . 2010-02-03 17:07 -------- d-----r- c:\documents and settings\Luci\Nabídka Start
2010-02-03 17:07 . 2010-02-03 17:07 -------- d--h--r- c:\documents and settings\Luci\Data aplikací
2010-02-03 17:07 . 2010-02-03 17:07 -------- d-----w- c:\documents and settings\Luci
2010-02-03 16:52 . 2010-02-03 16:52 -------- d---a-w- c:\temp\CCleaner
2010-02-03 16:34 . 2010-02-03 16:36 6567395 ----a-w- c:\windows\REGBK00.ZIP
2010-02-03 16:26 . 2010-02-03 16:26 -------- d---a-w- c:\windows\VDLL.DLL
2010-02-03 16:26 . 2010-02-03 16:26 -------- d---a-w- c:\windows\system32\runouce.exe
2010-02-03 16:26 . 2010-02-03 16:26 -------- d---a-w- c:\windows\rundll16.exe
2010-02-03 16:26 . 2010-02-03 16:26 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-02-03 16:26 . 2010-02-03 16:26 -------- d---a-w- c:\windows\logo1_.exe
2010-02-03 16:26 . 2010-02-03 16:26 -------- d---a-w- c:\windows\logo_1.exe
2010-02-03 16:24 . 2010-02-03 16:24 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-02-03 16:24 . 2010-02-03 16:24 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-02-03 16:24 . 2010-02-03 16:24 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-02-03 16:24 . 2008-04-14 04:22 137216 ----a-w- c:\windows\system32\T.COM
2010-02-03 16:24 . 2008-04-14 04:22 147968 ----a-w- c:\windows\R.COM
2010-02-03 16:24 . 2010-02-03 16:24 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-02-03 16:22 . 2010-02-03 16:22 -------- d-----w- c:\temp\rsit
2010-02-03 16:22 . 2010-02-03 16:22 -------- d-----w- c:\program files\trend micro
2010-02-03 16:18 . 2010-02-03 15:56 781909 ----a-w- c:\temp\RSIT.exe
2010-02-03 16:17 . 2010-02-03 16:02 68866904 ----a-w- c:\temp\mwav.exe
2010-02-03 15:23 . 2010-02-03 15:23 -------- d-----w- c:\program files\ATI Technologies
2010-02-03 12:39 . 2005-01-08 06:19 81920 ----a-w- c:\windows\system32\SynTPCo2.dll
2010-02-03 12:39 . 2005-01-08 06:17 69723 ----a-w- c:\windows\system32\SynTPFcs.dll
2010-02-03 12:39 . 2005-01-08 06:06 90203 ----a-w- c:\windows\system32\SynTPAPI.dll
2010-02-03 12:39 . 2005-01-08 06:06 114688 ----a-w- c:\windows\system32\SynCtrl.dll
2010-02-03 12:39 . 2005-01-08 06:06 82014 ----a-w- c:\windows\system32\SynCOM.dll
2010-02-03 12:39 . 2005-01-08 06:03 191456 ----a-w- c:\windows\system32\drivers\SynTP.sys
2010-02-03 11:28 . 2010-02-03 11:19 3844171 ----a-r- c:\temp\ComboFix.exe
2010-02-02 15:44 . 2010-02-02 15:44 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-02-01 06:32 . 2010-02-01 06:32 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-02-01 06:25 . 2010-02-01 06:25 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-02-01 06:24 . 2006-04-21 11:12 -------- d-----r- c:\documents and settings\Administrator\Oblíbené položky
2010-02-01 06:24 . 2006-04-21 11:12 -------- d-----r- c:\documents and settings\Administrator\Dokumenty
2010-02-01 06:24 . 2006-04-21 10:58 -------- d--h--w- c:\documents and settings\Administrator\Okolní tiskárny
2010-02-01 06:24 . 2006-04-21 10:58 -------- d--h--w- c:\documents and settings\Administrator\Okolní síť
2010-02-01 06:24 . 2006-04-21 10:58 -------- d--h--r- c:\documents and settings\Administrator\Data aplikací
2010-02-01 06:24 . 2006-04-21 10:58 -------- d-----w- c:\documents and settings\Administrator\Plocha
2010-02-01 06:24 . 2006-04-21 10:58 -------- d--h--w- c:\documents and settings\Administrator\Šablony
2010-02-01 06:24 . 2006-04-21 10:58 -------- d-----r- c:\documents and settings\Administrator\Nabídka Start
2010-02-01 06:23 . 2010-02-01 06:23 -------- d-----w- c:\documents and settings\Administrator
2010-01-29 16:51 . 2004-08-18 19:00 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-01-29 16:51 . 2004-08-18 19:00 14848 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-01-13 14:51 . 2009-11-21 16:03 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2010-01-11 11:27 . 2010-01-11 11:27 -------- d-----w- c:\program files\MATLAB
2010-01-11 11:24 . 2010-01-11 11:24 -------- d-----w- c:\program files\Elaborate Bytes

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-06 16:59 . 2006-05-02 13:00 83586 ----a-w- c:\windows\system32\perfc005.dat
2010-01-06 16:59 . 2006-05-02 13:00 439390 ----a-w- c:\windows\system32\perfh005.dat
2010-01-05 09:58 . 2006-01-09 19:08 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 09:58 . 2009-11-17 10:19 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2004-08-18 19:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-28 18:43 . 2009-12-28 18:43 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-12-28 18:43 . 2009-12-28 18:43 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-12-28 18:34 . 2009-12-28 18:34 -------- d-----w- c:\program files\Common Files\PCSuite
2009-12-28 18:33 . 2009-12-28 18:33 -------- d-----w- c:\program files\Common Files\Nokia
2009-12-28 18:32 . 2009-12-28 18:32 -------- d-----w- c:\program files\PC Connectivity Solution
2009-12-28 17:39 . 2009-12-28 17:39 -------- d-----w- c:\program files\DIFX
2009-12-28 17:38 . 2009-12-28 17:38 -------- d-----w- c:\program files\Nokia
2009-12-07 21:22 . 2009-12-07 21:07 28 ----a-w- c:\windows\popcinfot.dat
2009-11-21 16:03 . 2004-08-18 19:00 471552 ----a-w- c:\windows\AppPatch\AcLayers.dll
2006-11-22 18:44 . 2006-11-22 18:44 4756656 ----a-w- c:\program files\bsplayer212941.exe
2006-10-02 15:32 . 2006-10-02 16:19 3221559 ----a-w- c:\program files\CZDC-0666[O].7z
2006-10-02 13:47 . 2006-10-02 13:47 10331576 ----a-w- c:\program files\SkypeSetup.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-02-04_07.24.13 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-05 06:30 . 2010-02-05 06:30 16384 c:\windows\temp\Perflib_Perfdata_1c8.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"RTHDCPL"="RTHDCPL.EXE" [2006-02-27 16005120]
"LogitechCameraAssistant"="c:\program files\Acer\OrbiCam\CameraAssistant.exe" [2006-04-06 331776]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2006-03-30 471040]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-08-25 53248]
"AGRSMMSG"="AGRSMMSG.exe" [2006-03-16 88204]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-04-06 225280]
"LogitechVideo[inspector]"="c:\program files\Acer\OrbiCam\InstallHelper.exe" [2006-04-06 18:06 73728]
"LogitechCameraService(E)"="c:\windows\system32\ElkCtrl.exe" [2004-11-01 262144]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-01-08 102491]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-01-08 692315]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
2006-03-31 15:39 204800 ----a-w- c:\acer\Empowering Technology\ePresentation\ePresentation.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
2006-02-22 10:40 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-08-22 08:52 94208 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
2006-03-15 21:12 579584 ----a-w- c:\acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2006-03-17 14:00 345088 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2006-04-04 17:08 421888 ----a-w- c:\acer\Empowering Technology\ePower\ePower_DMC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
2006-04-28 15:43 401408 ----a-w- c:\acer\Empowering Technology\eRecovery\eRAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-11-28 12:52 77824 ----a-w- c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-11-28 12:55 118784 ----a-w- c:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2005-11-28 12:55 98304 ----a-w- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-18 19:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 04:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 09:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-18 19:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-18 19:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\games\\Age of Empires II - The Conquerors\\age2_x1.exe"=
"c:\\Program Files\\CZDC-0666[O]\\CZDC.exe"=
"c:\\Program Files\\Maxima-5.17.1\\wxMaxima\\wxMaxima.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=

S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;\??\c:\windows\system32\eLock2BurnerLockDriver.sys --> c:\windows\system32\eLock2BurnerLockDriver.sys [?]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;\??\c:\windows\system32\eLock2FSCTLDriver.sys --> c:\windows\system32\eLock2FSCTLDriver.sys [?]
S3 AVHybrid;AVHybrid service;c:\windows\system32\drivers\AVHybrid.sys [11.3.2008 15:03 999680]
S3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [30.11.2005 20:28 1097472]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.4.2008 18:59 717296]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-05 07:30
Windows 5.1.2600 Service Pack 3 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1020)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(4108)
c:\program files\Common Files\Logitech\LVMVFM\LVPrcInj.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
c:\windows\system32\Ati2evxx.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\windows\AGRSMMSG.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Celkový čas: 2010-02-05 07:34:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-05 06:34
ComboFix2.txt 2010-02-04 07:28
ComboFix3.txt 2010-02-03 13:38

Před spuštěním: Volných bajtů: 10 929 963 008
Po spuštění: Volných bajtů: 10 882 416 640

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 9CF2D6BA657226010A0AD79F4F7D273A
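
The check below is an added example, not part of the thread and not ComboFix's own code: it reads the CFScript from post #6 together with trimmed excerpts of the ComboFix logs posted before and after it, reports whether each requested removal took effect, and lists lines of the later log that still name the removed autorun's executable. The function names and the choice of excerpt lines are assumptions of this example.

```python
import re

# CFScript as posted in #6.
CFSCRIPT = r'''
KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"=-

DDS::
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Crawler Search - tbr:iemenu

Extra::

Reboot::
'''

# Trimmed excerpts of the two ComboFix logs in this thread (before / after the script).
BEFORE_LOG = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-10-07 323392]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
'''

AFTER_LOG = r'''
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\DNA\\btdna.exe"=

IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
'''

KEY_RE = re.compile(r'^\[(.+)\]$')
VALUE_RE = re.compile(r'^"([^"]+)"=(.*)$')


def parse_cfscript(text):
    """Return (registry value deletions, DDS lines) requested by the script."""
    section, key = None, None
    deletions, dds_lines = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith('::'):                  # section header such as "Registry::"
            section, key = line[:-2].lower(), None
        elif section == 'registry':
            m = KEY_RE.match(line)
            if m:
                key = m.group(1).lower()
                continue
            m = VALUE_RE.match(line)
            if m and m.group(2) == '-' and key:  # "name"=- marks a value for deletion
                deletions.append((key, m.group(1)))
        elif section == 'dds':
            dds_lines.append(line)
    return deletions, dds_lines


def parse_log(text):
    """Return ({(key, value name): data}, {IE lines}) found in a log excerpt."""
    key, values, ie_lines = None, {}, set()
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1).lower()
            continue
        if not line:                             # a blank line ends the current key block
            key = None
            continue
        m = VALUE_RE.match(line)
        if m and key:
            values[(key, m.group(1))] = m.group(2)
        elif line.startswith('IE: '):
            ie_lines.add(line)
    return values, ie_lines


def status(present_before, present_after):
    if present_after:
        return 'still present'
    return 'removed' if present_before else 'absent in both logs'


def verify(script, before, after):
    """Map each item named in the script to its status across the two logs."""
    deletions, dds_lines = parse_cfscript(script)
    b_vals, b_ie = parse_log(before)
    a_vals, a_ie = parse_log(after)
    report = {item: status(item in b_vals, item in a_vals) for item in deletions}
    report.update({line: status(line in b_ie, line in a_ie) for line in dds_lines})
    return report


def leftover_references(script, before, after):
    """Lines of the later log that still name the executable of a deleted Run value."""
    deletions, _ = parse_cfscript(script)
    b_vals, _ = parse_log(before)
    hits = []
    for item in deletions:
        m = re.search(r'([^\\"]+\.exe)"', b_vals.get(item, ''), re.IGNORECASE)
        if m:
            exe = m.group(1).lower()
            hits += [l.strip() for l in after.splitlines() if exe in l.lower()]
    return hits


if __name__ == '__main__':
    for item, state in verify(CFSCRIPT, BEFORE_LOG, AFTER_LOG).items():
        print(state, '-', item)
    for line in leftover_references(CFSCRIPT, BEFORE_LOG, AFTER_LOG):
        print('leftover reference:', line)
```
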

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Acer notebook check

#8 Post by Unlimited_Killer »

Now a new RSIT log.
inactive

vokounek
Visitor
Posts: 35
Registered: 07 Jan 2008 07:52

Re: Acer notebook check

#9 Post by vokounek »

The test ran for quite a long time...

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lucinka at 2010-02-05 07:42:47
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 10 GB (29%) free of 35 GB
Total RAM: 1022 MB (72% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-09-06 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2007-09-07 325048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-09-06 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-02-27 16005120]
"LogitechCameraAssistant"=C:\Program Files\Acer\OrbiCam\CameraAssistant.exe [2006-04-06 331776]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2006-03-30 471040]
"LaunchApp"=Alaunch []
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-08-25 53248]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2006-03-16 88204]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2006-04-06 225280]
"LogitechVideo[inspector]"=C:\Program Files\Acer\OrbiCam\InstallHelper.exe [2006-04-06 73728]
"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-01-08 102491]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-01-08 692315]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2006-03-31 204800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
C:\WINDOWS\system32\Ati2mdxx.exe [2006-02-22 26112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-08-22 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-04-04 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-04-28 401408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe [2005-11-28 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe [2005-11-28 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe [2005-11-28 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-02-22 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-28 135168]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\games\Age of Empires II - The Conquerors\age2_x1.exe"="C:\games\Age of Empires II - The Conquerors\age2_x1.exe:*:Disabled:Age of Empires II Expansion"
"C:\Program Files\CZDC-0666[O]\CZDC.exe"="C:\Program Files\CZDC-0666[O]\CZDC.exe:*:Disabled:CZDC"
"C:\Program Files\Maxima-5.17.1\wxMaxima\wxMaxima.exe"="C:\Program Files\Maxima-5.17.1\wxMaxima\wxMaxima.exe:*:Disabled:wxMaxima"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-02-05 07:42:47 ----D---- C:\rsit
2010-02-05 07:34:28 ----A---- C:\ComboFix.txt
2010-02-05 07:26:44 ----D---- C:\WINDOWS\temp
2010-02-05 07:18:32 ----D---- C:\ComboFix
2010-02-04 08:11:08 ----D---- C:\Qoobox
2010-02-03 17:26:02 ----AD---- C:\WINDOWS\VDLL.DLL
2010-02-03 17:26:02 ----AD---- C:\WINDOWS\system32\runouce.exe
2010-02-03 17:26:02 ----AD---- C:\WINDOWS\rundll16.exe
2010-02-03 17:26:02 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-02-03 17:26:02 ----AD---- C:\WINDOWS\logo1_.exe
2010-02-03 17:26:02 ----AD---- C:\WINDOWS\logo_1.exe
2010-02-03 17:24:26 ----A---- C:\WINDOWS\system32\msvcr80.dll
2010-02-03 17:24:25 ----A---- C:\WINDOWS\system32\msvcp80.dll
2010-02-03 17:24:24 ----A---- C:\WINDOWS\system32\eEmpty.exe
2010-02-03 17:24:23 ----A---- C:\WINDOWS\system32\T.COM
2010-02-03 17:24:23 ----A---- C:\WINDOWS\R.COM
2010-02-03 17:24:20 ----D---- C:\Program Files\Common Files\MicroWorld
2010-02-03 17:24:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2010-02-03 17:22:40 ----D---- C:\Program Files\trend micro
2010-02-03 16:23:00 ----D---- C:\Program Files\ATI Technologies
2010-02-03 16:16:17 ----A---- C:\WINDOWS\system32\atioglx1.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ATIDEMGR.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati3duag.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynTPFcs.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynTPCo2.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynCOM.dll
2010-02-03 12:30:05 ----A---- C:\WINDOWS\zip.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\SWSC.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\SWREG.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\sed.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\PEV.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\NIRCMD.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\MBR.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\grep.exe
2010-02-01 09:15:24 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-02-01 09:08:25 ----D---- C:\WINDOWS\pss
2010-02-01 07:22:21 ----A---- C:\WINDOWS\ntbtlog.txt
2010-01-19 20:11:55 ----D---- C:\Documents and Settings\Lucinka\Data aplikací\Mozilla
2010-01-14 10:18:17 ----HD---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-14 10:16:59 ----HD---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-11 12:27:54 ----D---- C:\Program Files\MATLAB
2010-01-11 12:24:15 ----D---- C:\Program Files\Elaborate Bytes

======List of files/folders modified in the last 1 months======

2010-02-05 07:42:48 ----A---- C:\WINDOWS\WINCMD.INI
2010-02-05 07:39:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-05 07:30:00 ----A---- C:\WINDOWS\system.ini
2010-02-03 19:02:08 ----RASH---- C:\boot.ini
2010-02-03 19:02:08 ----A---- C:\WINDOWS\win.ini
2010-02-03 12:57:40 ----A---- C:\WINDOWS\OEWABLog.txt
2010-02-01 11:13:48 ----A---- C:\WINDOWS\imsins.BAK
2010-02-01 09:15:48 ----N---- C:\AUTOEXEC.BAT
2010-02-01 08:41:50 ----A---- C:\WINDOWS\wininit.ini
2010-02-01 07:41:58 ----A---- C:\WINDOWS\primopdf.ini
2010-01-29 17:40:28 ----A---- C:\WINDOWS\ModemLog_Agere Systems HDA Modem.txt
2010-01-18 22:51:42 ----A---- C:\WINDOWS\WTRAN32.INI
2010-01-16 15:31:20 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-12 09:48:34 ----A---- C:\WINDOWS\WDICT32.INI
2010-01-06 17:59:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-09-08 21275]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys []
R2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-22 1505792]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-04-21 6144]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-01-18 80512]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-01-08 191456]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-09-20 162432]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-27 1427968]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-18 14848]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys []
S2 eLock2FSCTLDriver;eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-03-16 1124097]
S3 AVHybrid;AVHybrid service; C:\WINDOWS\system32\DRIVERS\AVHybrid.sys [2005-04-29 999680]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-11-02 424320]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
S3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys []
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-28 1353820]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-02-27 4241920]
S3 lv321av;Logitech USB PC Camera (VC0321); C:\WINDOWS\System32\Drivers\lv321av.sys [2006-04-06 1097472]
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2006-04-06 39424]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
S3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20090519.001\symidsco.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-08-28 131856]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-04-27 717296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-03-29 28672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-22 405504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2006-04-06 86016]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-06 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero 7\Nero BackItUp\NBService.exe [2006-08-08 208896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2009-05-17 1251720]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

vokounek
Visitor
Posts: 35
Registered: 07 Jan 2008 07:52

Re: Acer notebook check

#10 Post by vokounek »

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

5.2.2010 9:11:10
mbam-log-2010-02-05 (09-10-43).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 310259
Uplynulý čas: 37 minute(s), 22 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 3

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.AntiVirus2008) -> No action taken.

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\System Volume Information\_restore{793131DC-98B3-467C-A275-A14AAA9DB5DE}\RP1\A0000068.sys (Malware.Trace) -> No action taken.
C:\System Volume Information\_restore{793131DC-98B3-467C-A275-A14AAA9DB5DE}\RP5\A0003399.sys (Malware.Trace) -> No action taken.
C:\System Volume Information\_restore{793131DC-98B3-467C-A275-A14AAA9DB5DE}\RP5\A0003596.sys (Malware.Trace) -> No action taken.

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Acer notebook check

#11 Post by Unlimited_Killer »

Let MBAM delete the items it found.

~~~

Download HijackThis (since RSIT did not download it), run it, and in the menu click 'Do a system scan and save logfile'. HJT will then scan your PC and open Notepad with the log, which you paste here the same way as the RSIT log.
inactive

vokounek
Visitor
Posts: 35
Registered: 07 Jan 2008 07:52

Re: Acer notebook check

#12 Post by vokounek »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:16:46, on 5.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
c:\Temp\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsup ... gctlsr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7683773421
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://as.photoprintit.de/ips-opdata/l ... oader4.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 6983 bytes

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Acer notebook check

#13 Post by Unlimited_Killer »

Good, it looks clean to me now.
Do all of the following steps, in order.

~~~

Run the renamed HijackThis - C:\Program Files\Trend Micro\HijackThis\jmeno_uzivatele.exe
Click 'Do a system scan only'.
Tick the checkbox next to each of the items listed below, then click 'Fix Checked'.

R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)

If any of the items is not there, skip it.

~~~

Uninstall ComboFix
Start >> Run >> paste into the text field:

ComboFix /Uninstall

>> press Enter.
This uninstalls ComboFix and deletes the files and folders associated with it.

~~~

Download OTC and double-click it to run it.
Click 'CleanUp!'. You will be prompted to restart - do so.

~~~

Try cleaning up the PC with CCleaner.
Install it, but be careful to untick the 'Install Yahoo! Toolbar' option during installation.
Run it.
  • Cleaner tab -> leave everything ticked as it is and click 'Run CCleaner'.
  • Registry tab -> click 'Scan for problems'. It will search for problems in the registry; when it finishes analysing, click 'Fix selected problems'. It will offer to create a backup - create one to be safe and save it, for example, to the Desktop.
  • I recommend using CCleaner regularly; it can speed up a PC quite dramatically.
~~~

Try defragmenting the disk, either with the built-in Windows tool (it is not very good) or, for example, with Defraggler. I have also had good experience with the simple JKDefrag, which does not need to be installed.

~~~

After all these steps, please post a new RSIT log.
inactive
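
The HijackThis step in the post above, as an added example that is not part of the thread or of HijackThis itself: a small Python parser that flags entries HijackThis marks '(no file)' or '(file missing)' and compares a scan taken before a fix with one taken after. The function names are assumptions, BEFORE is a shortened excerpt built from lines of the log posted earlier in the thread, and AFTER is a constructed follow-up excerpt.

```python
import re
from collections import namedtuple

# HijackThis v2 result lines start with a section code: R0-R3, F0-F3, N1-N4, O1-O24.
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis appends when the file an entry points to is not on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$")

Entry = namedtuple("Entry", "code body clsid orphan")


def parse_log(text):
    """Return the result entries of a log, skipping the header and process list."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue  # header line, running process path, blank line, footer
        body = m.group("body")
        clsid = CLSID_RE.search(body)
        entries.append(Entry(
            code=m.group("code"),
            body=body,
            clsid=clsid.group(0).upper() if clsid else None,
            orphan=bool(ORPHAN_RE.search(body)),
        ))
    return entries


def orphans(entries):
    """Entries whose target file is missing: candidates for review, not automatic removal."""
    return [e for e in entries if e.orphan]


def compare_scans(before_text, after_text):
    """Show what a fix changed: entries removed, entries added, orphans still present."""
    before, after = parse_log(before_text), parse_log(after_text)
    # Compare case-insensitively: the same path can differ in case between scans.
    bkeys = {(e.code, e.body.lower()) for e in before}
    akeys = {(e.code, e.body.lower()) for e in after}
    return {
        "removed": [e for e in before if (e.code, e.body.lower()) not in akeys],
        "added": [e for e in after if (e.code, e.body.lower()) not in bkeys],
        "orphans_remaining": orphans(after),
    }


# Shortened excerpt of the scan posted before the fix (lines taken from the thread).
BEFORE = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
c:\Temp\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
"""

# Constructed follow-up excerpt: the R3 entry has been fixed, one autorun is new.
AFTER = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
"""

if __name__ == "__main__":
    for e in orphans(parse_log(BEFORE)):
        print("orphan before fix:", e.code, e.body)
    result = compare_scans(BEFORE, AFTER)
    for key in ("removed", "added", "orphans_remaining"):
        for e in result[key]:
            print(f"{key}: {e.code} - {e.body}")
```

An entry that survives in `orphans_remaining` is a leftover registration whose file is gone; whether to remove it is a separate decision from the fix being verified.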

vokounek
Visitor
Posts: 35
Registered: 07 Jan 2008 07:52

Re: Acer notebook check

#14 Post by vokounek »

So I did everything according to the instructions, but the situation has not improved at all. I no longer know what to do with it; it is probably ripe for a reinstall, right?


Logfile of random's system information tool 1.06 (written by random/random)
Run by Lucinka at 2010-02-06 07:14:22
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 10 GB (29%) free of 35 GB
Total RAM: 1022 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:14:37, on 6.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
c:\Temp\RSIT.exe
c:\Temp\Lucinka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsup ... gctlsr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7683773421
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://as.photoprintit.de/ips-opdata/l ... oader4.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 7080 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-09-06 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2007-09-07 325048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-09-06 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-02-27 16005120]
"LogitechCameraAssistant"=C:\Program Files\Acer\OrbiCam\CameraAssistant.exe [2006-04-06 331776]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2006-03-30 471040]
"LaunchApp"=Alaunch []
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-08-25 53248]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2006-03-16 88204]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2006-04-06 225280]
"LogitechVideo[inspector]"=C:\Program Files\Acer\OrbiCam\InstallHelper.exe [2006-04-06 73728]
"LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-01-08 102491]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-01-08 692315]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2006-03-31 204800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
C:\WINDOWS\system32\Ati2mdxx.exe [2006-02-22 26112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-08-22 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-04-04 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-04-28 401408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe [2005-11-28 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe [2005-11-28 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe [2005-11-28 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-02-22 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-28 135168]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\games\Age of Empires II - The Conquerors\age2_x1.exe"="C:\games\Age of Empires II - The Conquerors\age2_x1.exe:*:Disabled:Age of Empires II Expansion"
"C:\Program Files\CZDC-0666[O]\CZDC.exe"="C:\Program Files\CZDC-0666[O]\CZDC.exe:*:Disabled:CZDC"
"C:\Program Files\Maxima-5.17.1\wxMaxima\wxMaxima.exe"="C:\Program Files\Maxima-5.17.1\wxMaxima\wxMaxima.exe:*:Disabled:wxMaxima"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-02-06 06:51:27 ----D---- C:\rsit
2010-02-06 06:48:02 ----D---- C:\ComboFix
2010-02-05 08:31:16 ----D---- C:\Documents and Settings\Lucinka\Data aplikací\Malwarebytes
2010-02-05 08:31:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-02-05 08:31:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-05 07:26:44 ----D---- C:\WINDOWS\temp
2010-02-03 17:26:02 ----AD---- C:\WINDOWS\VDLL.DLL
2010-02-03 17:26:02 ----AD---- C:\WINDOWS\system32\runouce.exe
2010-02-03 17:26:02 ----AD---- C:\WINDOWS\rundll16.exe
2010-02-03 17:26:02 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-02-03 17:26:02 ----AD---- C:\WINDOWS\logo1_.exe
2010-02-03 17:26:02 ----AD---- C:\WINDOWS\logo_1.exe
2010-02-03 17:24:26 ----A---- C:\WINDOWS\system32\msvcr80.dll
2010-02-03 17:24:25 ----A---- C:\WINDOWS\system32\msvcp80.dll
2010-02-03 17:24:24 ----A---- C:\WINDOWS\system32\eEmpty.exe
2010-02-03 17:24:23 ----A---- C:\WINDOWS\system32\T.COM
2010-02-03 17:24:23 ----A---- C:\WINDOWS\R.COM
2010-02-03 17:24:20 ----D---- C:\Program Files\Common Files\MicroWorld
2010-02-03 17:24:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2010-02-03 17:22:40 ----D---- C:\Program Files\trend micro
2010-02-03 16:23:00 ----D---- C:\Program Files\ATI Technologies
2010-02-03 16:16:17 ----A---- C:\WINDOWS\system32\atioglx1.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ATIDEMGR.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati3duag.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2010-02-03 16:16:16 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynTPFcs.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynTPCo2.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2010-02-03 13:39:49 ----A---- C:\WINDOWS\system32\SynCOM.dll
2010-02-03 12:30:05 ----A---- C:\WINDOWS\PEV.exe
2010-02-03 12:30:05 ----A---- C:\WINDOWS\MBR.exe
2010-02-01 09:15:24 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-02-01 09:08:25 ----D---- C:\WINDOWS\pss
2010-02-01 07:22:21 ----A---- C:\WINDOWS\ntbtlog.txt
2010-01-19 20:11:55 ----D---- C:\Documents and Settings\Lucinka\Data aplikací\Mozilla
2010-01-14 10:18:17 ----HD---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-14 10:16:59 ----HD---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-11 12:27:54 ----D---- C:\Program Files\MATLAB
2010-01-11 12:24:15 ----D---- C:\Program Files\Elaborate Bytes

======List of files/folders modified in the last 1 months======

2010-02-06 07:14:20 ----A---- C:\WINDOWS\WINCMD.INI
2010-02-06 07:12:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-05 07:30:00 ----A---- C:\WINDOWS\system.ini
2010-02-03 19:02:08 ----RASH---- C:\boot.ini
2010-02-03 19:02:08 ----A---- C:\WINDOWS\win.ini
2010-02-03 12:57:40 ----A---- C:\WINDOWS\OEWABLog.txt
2010-02-01 11:13:48 ----A---- C:\WINDOWS\imsins.BAK
2010-02-01 09:15:48 ----N---- C:\AUTOEXEC.BAT
2010-02-01 08:41:50 ----A---- C:\WINDOWS\wininit.ini
2010-02-01 07:41:58 ----A---- C:\WINDOWS\primopdf.ini
2010-01-29 17:40:28 ----A---- C:\WINDOWS\ModemLog_Agere Systems HDA Modem.txt
2010-01-18 22:51:42 ----A---- C:\WINDOWS\WTRAN32.INI
2010-01-16 15:31:20 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-12 09:48:34 ----A---- C:\WINDOWS\WDICT32.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.9.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-09-08 21275]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2005-11-28 13568]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys []
R2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-02-22 1505792]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-04-21 6144]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-01-18 80512]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-01-08 191456]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-09-20 162432]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-27 1427968]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-18 14848]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys []
S2 eLock2FSCTLDriver;eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-03-16 1124097]
S3 AVHybrid;AVHybrid service; C:\WINDOWS\system32\DRIVERS\AVHybrid.sys [2005-04-29 999680]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-11-02 424320]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
S3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys []
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-28 1353820]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-02-27 4241920]
S3 lv321av;Logitech USB PC Camera (VC0321); C:\WINDOWS\System32\Drivers\lv321av.sys [2006-04-06 1097472]
S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2006-04-06 39424]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
S3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20090519.001\symidsco.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-08-28 131856]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-04-27 717296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-03-29 28672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-02-22 405504]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2005-11-28 114753]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 LVPrcSrv;Logitech Process Monitor; c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe [2006-04-06 86016]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2005-11-28 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2005-11-28 540745]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-06 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero 7\Nero BackItUp\NBService.exe [2006-08-08 208896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2009-05-17 1251720]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Acer notebook check

#15 Post by Unlimited_Killer »

Please take a look at the running processes and tell us what is 'eating' the most.