VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosim o kontrolu logu, dekuji

https://forum.viry.cz:443/viewtopic.php?t=99021

Stránka 1 z 1

Prosim o kontrolu logu, dekuji

Napsal: 17 bře 2010 19:31
od eellee
Logfile of random's system information

tool 1.06 (written by random/random)
Run by Helca at 2010-03-17 19:26:03
Microsoft Windows XP Home Edition Service

Pack 3
System drive C: has 28 GB (30%) free of 92

GB
Total RAM: 2039 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:26:47, on 17.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00

(8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil

Software\Avast4\aswUpdSv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\Alwil

Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\ASUS\ATK

Hotkey\MsgTranAgt.exe
C:\Program Files\ASUS\ATK

Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK

Hotkey\HControl.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program

Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Wireless Console

2\wcourier.exe
C:\Program Files\ASUS\Power4

Gear\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\AsScrPro.exe
C:\Program

Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Protector Suite

QL\psqltray.exe
C:\Program

Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program

Files\Canon\MyPrinter\BJMyPrt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common

Files\LightScribe\LightScribeControlPanel.

exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\T-Mobile\Web'n'walk

Manager\Manager.exe
C:\Program Files\Toshiba\Bluetooth Toshiba

Stack\TosBtMng.exe
C:\Program Files\Windows Desktop

Search\WindowsSearch.exe
C:\Program Files\Microsoft

Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba

Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba

Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba

Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba

Stack\TosAVRC.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common

Files\LightScribe\LSSrvc.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\CyberLink\Shared

Files\RichVideo.exe
C:\Program Files\ASUS\NB

Probe\SPM\spmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba

Stack\TosBtSrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Mozilla Firefox 3.6 Beta

5\firefox.exe
C:\Program Files\Alwil

Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil

Software\Avast4\ashWebSv.exe
C:\Program Files\ASUS\ATK

Hotkey\ATKOSD.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ASUS\ATK

Hotkey\KBFiltr.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\WINDOWS\system32\acovcnt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and

Settings\Helca\Plocha\help\RSIT.exe
C:\Program Files\trend micro\Helca.exe

R0 - HKCU\Software\Microsoft\Internet

Explorer\Main,Start Page =

http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Default_Page_URL =

http://go.microsoft.com/fwlink/?LinkId=691

57
R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Default_Search_URL =

http://go.microsoft.com/fwlink/?LinkId=548

96
R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Search Page =

http://go.microsoft.com/fwlink/?LinkId=548

96
R0 - HKLM\Software\Microsoft\Internet

Explorer\Main,Start Page =

http://go.microsoft.com/fwlink/?LinkId=691

57
R1 - HKCU\Software\Microsoft\Internet

Connection Wizard,ShellNext =

http://r.office.microsoft.com/r/rlidOffice

UserRegSetup?clid=1029
R0 - HKCU\Software\Microsoft\Internet

Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Program Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelper.d

ll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -

{DBC80044-A445-435b-BC74-9C25C1C588A9} -

C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl -

{E7E6F031-17CE-4C07-BC86-EABFE594F69C} -

C:\Program

Files\Java\jre6\lib\deploy\jqs\ie\jqs_plug

in.dll
O4 - HKLM\..\Run: [NvCplDaemon]

RUNDLL32.EXE

C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter]

RUNDLL32.EXE

C:\WINDOWS\system32\NvMcTray.dll,NvTaskbar

Init
O4 - HKLM\..\Run: [IgfxTray]

C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds]

C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence]

C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsgTranAgt] C:\Program

Files\ASUS\ATK Hotkey\MsgTranAgt.exe
O4 - HKLM\..\Run: [HControlUser]

C:\Program Files\ASUS\ATK

Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program

Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program

Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program

Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PSQLLauncher]

"C:\Program Files\Protector Suite

QL\launcher.exe" /startup
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program

Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ACU] "C:\Program

Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [Wireless Console 2]

"C:\Program Files\Wireless Console

2\wcourier.exe"
O4 - HKLM\..\Run: [ASUS Live Update]

C:\Program Files\ASUS\ASUS Live

Update\ALU.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program

Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] "C:\Program

Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [ASUS Screen Saver

Protector] C:\WINDOWS\AsScrPro.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program

Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program

Files\CyberLink\Power2Go\MUITransfer\MUISt

artMenu.exe" "C:\Program

Files\CyberLink\Power2Go"

UpdateWithCreateOnce

"SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ABLKSR]

C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RemoteControl]

"C:\Program

Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut]

"C:\Program

Files\CyberLink\PowerDVD\Language\Language

.exe"
O4 - HKLM\..\Run: [UpdatePPShortCut]

"C:\Program

Files\CyberLink\PowerProducer\MUITransfer\

MUIStartMenu.exe" "C:\Program

Files\CyberLink\PowerProducer" update

"Software\CyberLink\PowerProducer\4.0"
O4 - HKLM\..\Run: [WinampAgent]

"C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck]

C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task]

"C:\Program Files\QuickTime\qttask.exe"

-atboottime
O4 - HKLM\..\Run: [CanonSolutionMenu]

C:\Program

Files\Canon\SolutionMenu\CNSLMAIN.exe

/logon
O4 - HKLM\..\Run: [CanonMyPrinter]

C:\Program

Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [avast!]

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed

Launcher] "C:\Program Files\Adobe\Reader

8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program

Files\Common

Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched]

"C:\Program

Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE]

C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control

Panel] C:\Program Files\Common

Files\LightScribe\LightScribeControlPanel.

exe -hidden
O4 - HKCU\..\Run: [MSMSGS] "C:\Program

Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [T-Mobile Communication

Centre] "C:\Program

Files\T-Mobile\Web'n'walk

Manager\Manager.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE]

C:\WINDOWS\system32\CTFMON.EXE (User

'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE]

C:\WINDOWS\system32\CTFMON.EXE (User

'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]

C:\WINDOWS\system32\CTFMON.EXE (User

'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]

C:\WINDOWS\system32\CTFMON.EXE (User

'Default user')
O4 - Startup: Výřezy obrazovky a spuštění

aplikace OneNote 2007.lnk = C:\Program

Files\Microsoft

Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk

= ?
O4 - Global Startup: Windows Search.lnk =

C:\Program Files\Windows Desktop

Search\WindowsSearch.exe
O8 - Extra context menu item: Add to

Google Photos Screensa&ver -

res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat

do aplikace Microsoft Excel -

res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.

EXE/3000
O9 - Extra button: Odeslat do aplikace

OneNote -

{2670000A-7350-4f3c-8081-5663EE0C6C49} -

C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do

aplikace OneNote -

{2670000A-7350-4f3c-8081-5663EE0C6C49} -

C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research -

{92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) -

{e2e2dd38-d088-4134-82b7-f2ba38496583} -

C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem:

@xpsp3res.dll,-20001 -

{e2e2dd38-d088-4134-82b7-f2ba38496583} -

C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 -

{E59EB121-F339-4851-A3BA-FE49C35617C2} -

C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 -

{E59EB121-F339-4851-A3BA-FE49C35617C2} -

C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows

Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF:

START_PAGE_URL=http://www.asus.com
O18 - Protocol: skype4com -

{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -

C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Konfigurační služba Atheros

(ACS) - Atheros -

C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control

Service (aswUpdSv) - ALWIL Software -

C:\Program Files\Alwil

Software\Avast4\aswUpdSv.exe
O23 - Service: ATKGFNEX Service

(ATKGFNEXSrv) - Unknown owner - C:\Program

Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - ALWIL

Software - C:\Program Files\Alwil

Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL

Software - C:\Program Files\Alwil

Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL

Software - C:\Program Files\Alwil

Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service

(gusvc) - Google - C:\Program

Files\Google\Common\Google

Updater\GoogleUpdaterService.exe
O23 - Service: Inkjet Printer/Scanner

Extended Survey Program (IJPLMSVC) -

Unknown owner - C:\Program

Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter

(JavaQuickStarterService) - Sun

Microsystems, Inc. - C:\Program

Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct

Disc Labeling Service (LightScribeService)

- Hewlett-Packard Company - C:\Program

Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver

Service (NVSvc) - NVIDIA Corporation -

C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo

Service(CRVS) (RichVideo) - Unknown owner

- C:\Program Files\CyberLink\Shared

Files\RichVideo.exe
O23 - Service: spmgr - Unknown owner -

C:\Program Files\ASUS\NB

Probe\SPM\spmgr.exe
O23 - Service: TOSHIBA Bluetooth Service -

TOSHIBA CORPORATION - C:\Program

Files\Toshiba\Bluetooth Toshiba

Stack\TosBtSrv.exe

--
End of file - 11535 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization

-{354CC9FD-0244-41CB-8CB8-6A9E08B0C3B3}.jo

b

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Win

dows\CurrentVersion\Explorer\Browser

Helper

Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE

0B3}]
Adobe PDF Reader Link Helper - C:\Program

Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelper.d

ll [2009-12-18 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Win

dows\CurrentVersion\Explorer\Browser

Helper

Objects\{DBC80044-A445-435b-BC74-9C25C1C58

8A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program

Files\Java\jre6\bin\jp2ssv.dll [2009-10-11

41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Win

dows\CurrentVersion\Explorer\Browser

Helper

Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F

69C}]
JQSIEStartDetectorImpl Class - C:\Program

Files\Java\jre6\lib\deploy\jqs\ie\jqs_plug

in.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Win

dows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dl

l [2008-07-25 13541376]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTr

ay.dll [2008-07-25 86016]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.ex

e [2007-11-08 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.ex

e [2007-11-08 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers

.exe [2007-11-08 137752]
"MsgTranAgt"=C:\Program Files\ASUS\ATK

Hotkey\MsgTranAgt.exe [2007-11-04 106496]
"HControlUser"=C:\Program Files\ASUS\ATK

Hotkey\HControlUser.exe [2008-01-11 98304]
"ATKHOTKEY"=C:\Program Files\ASUS\ATK

Hotkey\HControl.exe [2008-08-04 217088]
"ATKOSD2"=C:\Program

Files\ATKOSD2\ATKOSD2.exe [2008-01-23

7766016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE

[2008-07-16 16806400]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19

57344]
"SynTPEnh"=C:\Program

Files\Synaptics\SynTP\SynTPEnh.exe

[2006-10-12 815104]
"PSQLLauncher"=C:\Program Files\Protector

Suite QL\launcher.exe [2008-06-19 49928]
"ATKMEDIA"=C:\Program Files\ASUS\ATK

Media\DMEDIA.EXE [2008-02-01 61440]
"ACU"=C:\Program Files\Atheros\ACU.exe

[2008-07-21 450649]
"Wireless Console 2"=C:\Program

Files\Wireless Console 2\wcourier.exe

[2007-07-05 1040384]
"ASUS Live Update"=C:\Program

Files\ASUS\ASUS Live Update\ALU.exe

[2007-11-30 51768]
"Power_Gear"=C:\Program Files\ASUS\Power4

Gear\BatteryLife.exe [2006-07-26 90112]
"ACMON"=C:\Program

Files\ASUS\Splendid\ACMON.exe [2008-01-15

851968]
"ASUS Screen Saver

Protector"=C:\WINDOWS\AsScrPro.exe

[2008-11-06 3054136]
"CLMLServer"=C:\Program

Files\CyberLink\Power2Go\CLMLSvc.exe

[2008-07-18 104936]
"P2Go_Menu"=C:\Program

Files\CyberLink\Power2Go\MUITransfer\MUISt

artMenu.exe [2008-06-13 210216]
"ABLKSR"=C:\WINDOWS\ABLKSR\ABLKSR.exe

[2007-05-31 61440]
"RemoteControl"=C:\Program

Files\CyberLink\PowerDVD\PDVDServ.exe

[2008-04-02 87336]
"LanguageShortcut"=C:\Program

Files\CyberLink\PowerDVD\Language\Language

.exe [2008-02-22 62760]
"UpdatePPShortCut"=C:\Program

Files\CyberLink\PowerProducer\MUITransfer\

MUIStartMenu.exe [2008-01-04 222504]
"WinampAgent"=C:\Program

Files\Winamp\winampa.exe [2008-08-04

36352]
"NeroFilterCheck"=C:\WINDOWS\system32\Nero

Check.exe [2001-07-09 155648]
"QuickTime Task"=C:\Program

Files\QuickTime\qttask.exe [2009-01-05

413696]
"CanonSolutionMenu"=C:\Program

Files\Canon\SolutionMenu\CNSLMAIN.exe

[2008-03-10 689488]
"CanonMyPrinter"=C:\Program

Files\Canon\MyPrinter\BJMyPrt.exe

[2008-03-17 1848648]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDi

sp.exe [2009-11-25 81000]
"Adobe Reader Speed Launcher"=C:\Program

Files\Adobe\Reader

8.0\Reader\Reader_sl.exe [2009-12-18

40368]
"Adobe ARM"=C:\Program Files\Common

Files\Adobe\ARM\1.0\AdobeARM.exe

[2009-12-11 948672]
"SunJavaUpdateSched"=C:\Program

Files\Java\jre6\bin\jusched.exe

[2009-10-11 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Wind

ows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.ex

e [2008-04-14 15360]
"LightScribe Control Panel"=C:\Program

Files\Common

Files\LightScribe\LightScribeControlPanel.

exe [2008-06-09 2363392]
"MSMSGS"=C:\Program

Files\Messenger\msmsgs.exe [2008-04-14

1695232]
"T-Mobile Communication Centre"=C:\Program

Files\T-Mobile\Web'n'walk

Manager\Manager.exe [2007-08-28 955608]

C:\Documents and Settings\All

Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program

Files\Toshiba\Bluetooth Toshiba

Stack\TosBtMng.exe
Windows Search.lnk - C:\Program

Files\Windows Desktop

Search\WindowsSearch.exe

C:\Documents and Settings\Helca\Nabídka

Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace

OneNote 2007.lnk - C:\Program

Files\Microsoft

Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Win

dows

NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll

[2007-10-29 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Win

dows

NT\CurrentVersion\Winlogon\Notify\psfus]
C:\WINDOWS\system32\psqlpwd.dll

[2008-06-19 96008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Win

dows\CurrentVersion\ShellServiceObjectDela

yLoad]
WPDShServiceObj -

{AAA288BA-9A4C-45B0-95D7-94D524869DB5} -

C:\WINDOWS\system32\WPDShServiceObj.dll

[2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Win

dows\CurrentVersion\Explorer\ShellExecuteH

ooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C

:\Program Files\Windows Desktop

Search\MSNLNamespaceMgr.dll [2009-05-24

304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlS

et\Control\Lsa]
"notification packages"=scecli
psqlpwd

[HKEY_LOCAL_MACHINE\Software\Microsoft\Win

dows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Wind

ows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Win

dows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrols

et\services\sharedaccess\parameters\firewa

llpolicy\standardprofile\authorizedapplica

tions\list]
"%windir%\system32\sessmgr.exe"="%windir%\

system32\sessmgr.exe:*:enabled:@xpsp2res.d

ll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program

Files\QIP\qip.exe:*:Enabled:Quiet Internet

Pager"
"%windir%\Network

Diagnostic\xpnetdiag.exe"="%windir%\Networ

k

Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3r

es.dll,-20000"
"C:\Program

Files\ICQ6\ICQ.exe"="C:\Program

Files\ICQ6\ICQ.exe:*:Enabled:ICQ Library"
"C:\Program Files\Microsoft

Office\Office12\OUTLOOK.EXE"="C:\Program

Files\Microsoft

Office\Office12\OUTLOOK.EXE:*:Enabled:Micr

osoft Office Outlook"
"C:\Program

Files\DC++\DCPlusPlus.exe"="C:\Program

Files\DC++\DCPlusPlus.exe:*:Enabled:DCPlus

Plus"
"C:\Program

Files\ICQ6.5\ICQ.exe"="C:\Program

Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Samsung\Samsung New PC

Studio\npsasvr.exe"="C:\Program

Files\Samsung\Samsung New PC

Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD

Server"
"C:\Program Files\Samsung\Samsung New PC

Studio\npsvsvr.exe"="C:\Program

Files\Samsung\Samsung New PC

Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD

Server"
"C:\Program

Files\Skype\Phone\Skype.exe"="C:\Program

Files\Skype\Phone\Skype.exe:*:Enabled:Skyp

e"

[HKEY_LOCAL_MACHINE\system\currentcontrols

et\services\sharedaccess\parameters\firewa

llpolicy\domainprofile\authorizedapplicati

ons\list]
"%windir%\system32\sessmgr.exe"="%windir%\

system32\sessmgr.exe:*:enabled:@xpsp2res.d

ll,-22019"
"%windir%\Network

Diagnostic\xpnetdiag.exe"="%windir%\Networ

k

Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3r

es.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\wind

ows\currentversion\explorer\mountpoints2\{

81f153de-02b8-11df-892e-002215f839e8}]
shell\AutoRun\command - "H:\WD

SmartWare.exe" autoplay=true

[HKEY_CURRENT_USER\software\microsoft\wind

ows\currentversion\explorer\mountpoints2\{

e2584504-bc58-11dd-b1c6-002215f839e8}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\wind

ows\currentversion\explorer\mountpoints2\{

e2584505-bc58-11dd-b1c6-002215f839e8}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\wind

ows\currentversion\explorer\mountpoints2\{

e2584506-bc58-11dd-b1c6-002215f839e8}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\wind

ows\currentversion\explorer\mountpoints2\{

e2584507-bc58-11dd-b1c6-002215f839e8}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\wind

ows\currentversion\explorer\mountpoints2\{

e8479289-898c-11de-88e5-002215f839e8}]
shell\AutoRun\command - WDSetup.exe


======List of files/folders created in the

last 2 months======

2010-03-17 19:26:07 ----D---- C:\Program

Files\trend micro
2010-03-17 19:26:03 ----D---- C:\rsit
2010-03-12 03:15:56 ----HD----

C:\WINDOWS\$NtUninstallKB975561$
2010-02-27 17:13:14 ----HD----

C:\WINDOWS\$NtUninstallKB952011$
2010-02-24 10:38:08 ----HD----

C:\WINDOWS\$NtUninstallKB979306$
2010-02-13 00:25:21 ----A----

C:\WINDOWS\spookydisplay.ini
2010-02-13 00:24:48 ----D---- C:\Program

Files\Fragment
2010-02-11 01:09:56 ----HD----

C:\WINDOWS\$NtUninstallKB978262$
2010-02-11 01:09:49 ----HD----

C:\WINDOWS\$NtUninstallKB971468$
2010-02-11 01:07:06 ----HD----

C:\WINDOWS\$NtUninstallKB978037$
2010-02-11 01:06:58 ----HD----

C:\WINDOWS\$NtUninstallKB975713$
2010-02-11 01:06:50 ----HD----

C:\WINDOWS\$NtUninstallKB978251$
2010-02-11 01:06:42 ----HD----

C:\WINDOWS\$NtUninstallKB975560$
2010-02-11 01:05:50 ----HD----

C:\WINDOWS\$NtUninstallKB977914$
2010-02-11 01:05:36 ----HD----

C:\WINDOWS\$NtUninstallKB978706$
2010-02-11 01:05:13 ----HD----

C:\WINDOWS\$NtUninstallKB977165$
2010-01-24 20:20:10 ----D---- C:\Documents

and Settings\Helca\Data

aplikací\Malwarebytes
2010-01-24 20:19:59 ----D---- C:\Documents

and Settings\All Users\Data

aplikací\Malwarebytes
2010-01-24 20:19:58 ----D---- C:\Program

Files\Malwarebytes' Anti-Malware
2010-01-22 16:20:00 ----A----

C:\WINDOWS\system32\javaws.exe
2010-01-22 16:20:00 ----A----

C:\WINDOWS\system32\javaw.exe
2010-01-22 16:19:59 ----A----

C:\WINDOWS\system32\java.exe

======List of files/folders modified in

the last 2 months======

2010-03-17 17:59:56 ----A----

C:\WINDOWS\system32\acovcnt.exe
2010-03-16 07:32:24 ----A----

C:\WINDOWS\SchedLgU.Txt
2010-03-13 12:25:16 ----A----

C:\WINDOWS\NeroDigital.ini
2010-03-02 06:30:12 ----A----

C:\WINDOWS\system32\MRT.exe
2010-02-27 17:13:34 ----A----

C:\WINDOWS\imsins.BAK
2010-01-23 09:11:44 ----N----

C:\WINDOWS\system32\tzchange.exe
2010-01-22 16:18:30 ----A----

C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running,

S=Stopped, 0=Boot, 1=System, 2=Auto,

3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus

Monitor;

C:\WINDOWS\system32\drivers\Aavmker4.sys

[2009-11-25 27408]
R1 aswSP;avast! Self Protection;

C:\WINDOWS\system32\drivers\aswSP.sys

[2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support;

C:\WINDOWS\system32\drivers\aswTdi.sys

[2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel;

C:\WINDOWS\system32\DRIVERS\intelppm.sys

[2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu

HID;

C:\WINDOWS\system32\DRIVERS\kbdhid.sys

[2008-04-14 14592]
R1 Tosrfcom;Bluetooth RFCOMM;

C:\WINDOWS\System32\Drivers\tosrfcom.sys

[2007-05-24 64000]
R2 ASMMAP;ASMMAP; \??\C:\Program

Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk;

C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys

[2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support;

C:\WINDOWS\system32\drivers\aswMon2.sys

[2009-11-25 94160]
R2 ghaio;ghaio; \??\C:\Program

Files\ASUS\NB Probe\SPM\ghaio.sys []
R3 AR5416;Atheros AR5008 Wireless Network

Adapter Service;

C:\WINDOWS\system32\DRIVERS\athw.sys

[2008-06-27 1315776]
R3 ASNDIS5;ASNDIS5 Protocol Driver;

\??\C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS

[]
R3 aswRdr;aswRdr;

C:\WINDOWS\system32\drivers\aswRdr.sys

[2009-11-25 23120]
R3 CmBatt;Microsoft ACPI Control Method

Battery Driver;

C:\WINDOWS\system32\DRIVERS\CmBatt.sys

[2008-04-13 13952]
R3 CRFILTER;USB Mass Storage Filter;

C:\WINDOWS\system32\DRIVERS\CRFILTER.sys

[2008-04-06 6656]
R3 HDAudBus;Ovladač Microsoft UAA pro

sběrnici High Definition Audio;

C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

[2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID;

C:\WINDOWS\system32\DRIVERS\hidusb.sys

[2008-04-13 10368]
R3 ialm;ialm;

C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

[2007-10-29 5851488]
R3 IntcAzAudAddService;Service for Realtek

HD Audio (WDM);

C:\WINDOWS\system32\drivers\RtkHDAud.sys

[2008-07-16 4747776]
R3 kbfiltr;Keyboard Filter;

C:\WINDOWS\system32\DRIVERS\kbfiltr.sys

[2007-01-24 5632]
R3 mouhid;Ovladač myši standardu HID;

C:\WINDOWS\system32\DRIVERS\mouhid.sys

[2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY;

C:\WINDOWS\system32\DRIVERS\ATKACPI.sys

[2007-08-23 5760]
R3 ROOTMODEM;Microsoft Legacy Modem

Driver;

C:\WINDOWS\System32\Drivers\RootMdm.sys

[2006-03-02 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E

NIC Family NDIS XP Driver;

C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

[2008-01-02 105856]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC);

C:\WINDOWS\system32\DRIVERS\snp2uvc.sys

[2008-06-09 1748352]
R3 SynTP;Synaptics TouchPad Driver;

C:\WINDOWS\system32\DRIVERS\SynTP.sys

[2006-10-12 198976]
R3 TcUsb;TC USB Kernel Driver;

C:\WINDOWS\System32\Drivers\tcusb.sys

[2008-01-30 50576]
R3 tosporte;Bluetooth COM Port;

C:\WINDOWS\system32\DRIVERS\tosporte.sys

[2006-10-10 41600]
R3 usbehci;Ovladač miniportu rozšířeného

radiče hostitele Microsoft USB 2.0;

C:\WINDOWS\system32\DRIVERS\usbehci.sys

[2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače

USB;

C:\WINDOWS\system32\DRIVERS\usbhub.sys

[2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního

paměťového zařízení USB;

C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

[2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního

hostitelského řadiče USB od společnosti

Microsoft;

C:\WINDOWS\system32\DRIVERS\usbuhci.sys

[2008-04-13 20608]
R3 WSIMD;wsimd Service;

C:\WINDOWS\system32\DRIVERS\wsimd.sys

[2008-02-08 57408]
S3 ASUSProcObsrv;ASUS Process

Creation/Termination Observer;

\??\E:\I386\AsProcOb.sys []
S3 CCDECODE;Dekodér Closed Caption;

C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

[2008-04-13 17024]
S3 FsUsbExDisk;FsUsbExDisk;

\??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 hwdatacard;Huawei DataCard USB Modem

and USB Serial;

C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys

[2007-07-05 101120]
S3 MSTEE;Microsoft Streaming

Tee/Sink-to-Sink Converter;

C:\WINDOWS\system32\drivers\MSTEE.sys

[2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec;

C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

[2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection;

C:\WINDOWS\system32\DRIVERS\NdisIP.sys

[2008-04-13 10880]
S3 nv;nv;

C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

[2008-07-25 6597600]
S3 NVHDA;Service for NVIDIA High

Definition Audio Driver;

C:\WINDOWS\system32\drivers\nvhda32.sys

[2008-06-25 39072]
S3 SLIP;BDA Slip De-Framer;

C:\WINDOWS\system32\DRIVERS\SLIP.sys

[2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver

(SONYPVU1);

C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS

[2001-08-17 7552]
S3 streamip;BDA IPSink;

C:\WINDOWS\system32\DRIVERS\StreamIP.sys

[2008-04-13 15232]
S3 tosrfbd;Bluetooth RFBUS;

C:\WINDOWS\system32\DRIVERS\tosrfbd.sys

[2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP;

C:\WINDOWS\System32\Drivers\tosrfbnp.sys

[2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID;

C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys

[2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area

Network;

C:\WINDOWS\system32\DRIVERS\tosrfnds.sys

[2005-01-07 18612]
S3 tosrfusb;Bluetooth USB Controller;

C:\WINDOWS\system32\DRIVERS\tosrfusb.sys

[2007-06-11 41856]
S3 usbccgp;Obecný nadřazený ovladač

Microsoft USB;

C:\WINDOWS\system32\DRIVERS\usbccgp.sys

[2008-04-13 32128]
S3 usbprint;Třída USB Printer;

C:\WINDOWS\system32\DRIVERS\usbprint.sys

[2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB;

C:\WINDOWS\system32\DRIVERS\usbscan.sys

[2008-04-13 15104]
S3 usbvideo;Zobrazovací zařízení USB

(WDM);

C:\WINDOWS\System32\Drivers\usbvideo.sys

[2008-04-13 121984]
S3 WSTCODEC;Dálnopisný kodek světového

standardu;

C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

[2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation -

User-mode Driver Framework Platform

Driver;

C:\WINDOWS\system32\DRIVERS\WudfPf.sys

[2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation -

User-mode Driver Framework Reflector;

C:\WINDOWS\system32\DRIVERS\wudfrd.sys

[2006-09-28 82944]
S4 IntelIde;IntelIde;

C:\WINDOWS\system32\drivers\IntelIde.sys

[]

======List of services (R=Running,

S=Stopped, 0=Boot, 1=System, 2=Auto,

3=Demand, 4=Disabled)======

R2 ACS;Konfigurační služba Atheros;

C:\WINDOWS\system32\acs.exe [2008-07-21

467029]
R2 aswUpdSv;avast! iAVS4 Control Service;

C:\Program Files\Alwil

Software\Avast4\aswUpdSv.exe [2009-11-25

18752]
R2 ATKGFNEXSrv;ATKGFNEX Service;

C:\Program Files\ATKGFNEX\GFNEXSrv.exe

[2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus;

C:\Program Files\Alwil

Software\Avast4\ashServ.exe [2009-11-25

138680]
R2 IJPLMSVC;Inkjet Printer/Scanner

Extended Survey Program; C:\Program

Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22

103808]
R2 JavaQuickStarterService;Java Quick

Starter; C:\Program

Files\Java\jre6\bin\jqs.exe [2009-10-11

153376]
R2 LightScribeService;LightScribeService

Direct Disc Labeling Service; C:\Program

Files\Common Files\LightScribe\LSSrvc.exe

[2008-06-09 73728]
R2 RichVideo;Cyberlink RichVideo

Service(CRVS); C:\Program

Files\CyberLink\Shared Files\RichVideo.exe

[2007-01-09 272024]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB

Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 TOSHIBA Bluetooth Service;TOSHIBA

Bluetooth Service; C:\Program

Files\Toshiba\Bluetooth Toshiba

Stack\TosBtSrv.exe [2007-02-25 125048]
R2 WSearch;Windows Search;

C:\WINDOWS\system32\SearchIndexer.exe

[2008-05-26 439808]
R3 avast! Mail Scanner;avast! Mail

Scanner; C:\Program Files\Alwil

Software\Avast4\ashMaiSv.exe [2009-11-25

254040]
R3 avast! Web Scanner;avast! Web Scanner;

C:\Program Files\Alwil

Software\Avast4\ashWebSv.exe [2009-11-25

352920]
S2 NVSvc;NVIDIA Display Driver Service;

C:\WINDOWS\system32\nvsvc32.exe

[2008-07-25 159812]
S3 aspnet_state;ASP.NET State Service;

C:\WINDOWS\Microsoft.NET\Framework\v1.1.43

22\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Updater Service;

C:\Program Files\Google\Common\Google

Updater\GoogleUpdaterService.exe

[2008-11-20 136120]
S3 odserv;Microsoft Office Diagnostics

Service; C:\Program Files\Common

Files\Microsoft Shared\OFFICE12\ODSERV.EXE

[2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program

Files\Common Files\Microsoft Shared\Source

Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media

Player Network Sharing; C:\Program

Files\Windows Media Player\WMPNetwk.exe

[2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation -

User-mode Driver Framework;

C:\WINDOWS\system32\svchost.exe

[2008-04-14 14336]

-----------------EOF-----------------

Re: Prosim o kontrolu logu, dekuji

Napsal: 17 bře 2010 19:34
od Caroprd111
Zdravím :)

Vložte sem log bez zalamování řádků.

Re: Prosim o kontrolu logu, dekuji

Napsal: 17 bře 2010 19:38
od eellee
Zkusim znovu, snad se mi to povede, dala jsem pouze CTRL A + CTRL C a zrejme se to odradkovalo vsechno samo ach jo

Re: Prosim o kontrolu logu, dekuji

Napsal: 17 bře 2010 19:41
od Caroprd111
OK :)

Re: Prosim o kontrolu logu, dekuji

Napsal: 17 bře 2010 19:49
od eellee
Nejde mi to prekopirovat aniz by si to automaticky nepridalo radkovani, zkousim poslat v pripojenem souboru, dekuji

PS tak to mi take nejde, pise mi to ze pripona txt neni povolena, muzete mi poradit jak log odeslat?

Re: Prosim o kontrolu logu, dekuji

Napsal: 17 bře 2010 19:51
od Caroprd111
Vypněte v poznámkovém bloku zalamování řádků. :)

Re: Prosim o kontrolu logu, dekuji

Napsal: 17 bře 2010 20:03
od eellee
Dekuji moc, konecne tady:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Helca at 2010-03-17 19:26:03
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 28 GB (30%) free of 92 GB
Total RAM: 2039 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:26:47, on 17.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\AsScrPro.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Mozilla Firefox 3.6 Beta 5\firefox.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\WINDOWS\system32\acovcnt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Helca\Plocha\help\RSIT.exe
C:\Program Files\trend micro\Helca.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOff ... ?clid=1029
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MsgTranAgt] C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\AsScrPro.exe
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\4.0"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Konfigurační služba Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 11535 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{354CC9FD-0244-41CB-8CB8-6A9E08B0C3B3}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-07-25 13541376]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-07-25 86016]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-11-08 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-11-08 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-11-08 137752]
"MsgTranAgt"=C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe [2007-11-04 106496]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-01-11 98304]
"ATKHOTKEY"=C:\Program Files\ASUS\ATK Hotkey\HControl.exe [2008-08-04 217088]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2008-01-23 7766016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-16 16806400]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-12 815104]
"PSQLLauncher"=C:\Program Files\Protector Suite QL\launcher.exe [2008-06-19 49928]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2008-02-01 61440]
"ACU"=C:\Program Files\Atheros\ACU.exe [2008-07-21 450649]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2008-01-15 851968]
"ASUS Screen Saver Protector"=C:\WINDOWS\AsScrPro.exe [2008-11-06 3054136]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2008-07-18 104936]
"P2Go_Menu"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-13 210216]
"ABLKSR"=C:\WINDOWS\ABLKSR\ABLKSR.exe [2007-05-31 61440]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2008-04-02 87336]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2008-02-22 62760]
"UpdatePPShortCut"=C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [2008-01-04 222504]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2007-08-28 955608]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\Helca\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-10-29 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\WINDOWS\system32\psqlpwd.dll [2008-06-19 96008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ Library"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\DC++\DCPlusPlus.exe"="C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DCPlusPlus"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{81f153de-02b8-11df-892e-002215f839e8}]
shell\AutoRun\command - "H:\WD SmartWare.exe" autoplay=true

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2584504-bc58-11dd-b1c6-002215f839e8}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2584505-bc58-11dd-b1c6-002215f839e8}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2584506-bc58-11dd-b1c6-002215f839e8}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2584507-bc58-11dd-b1c6-002215f839e8}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8479289-898c-11de-88e5-002215f839e8}]
shell\AutoRun\command - WDSetup.exe


======List of files/folders created in the last 2 months======

2010-03-17 19:26:07 ----D---- C:\Program Files\trend micro
2010-03-17 19:26:03 ----D---- C:\rsit
2010-03-12 03:15:56 ----HD---- C:\WINDOWS\$NtUninstallKB975561$
2010-02-27 17:13:14 ----HD---- C:\WINDOWS\$NtUninstallKB952011$
2010-02-24 10:38:08 ----HD---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-13 00:25:21 ----A---- C:\WINDOWS\spookydisplay.ini
2010-02-13 00:24:48 ----D---- C:\Program Files\Fragment
2010-02-11 01:09:56 ----HD---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-11 01:09:49 ----HD---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-11 01:07:06 ----HD---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-11 01:06:58 ----HD---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-11 01:06:50 ----HD---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-11 01:06:42 ----HD---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-11 01:05:50 ----HD---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-11 01:05:36 ----HD---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-11 01:05:13 ----HD---- C:\WINDOWS\$NtUninstallKB977165$
2010-01-24 20:20:10 ----D---- C:\Documents and Settings\Helca\Data aplikací\Malwarebytes
2010-01-24 20:19:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-01-24 20:19:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-22 16:20:00 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-22 16:20:00 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-22 16:19:59 ----A---- C:\WINDOWS\system32\java.exe

======List of files/folders modified in the last 2 months======

2010-03-17 17:59:56 ----A---- C:\WINDOWS\system32\acovcnt.exe
2010-03-16 07:32:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-13 12:25:16 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-02 06:30:12 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-27 17:13:34 ----A---- C:\WINDOWS\imsins.BAK
2010-01-23 09:11:44 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-01-22 16:18:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-06-27 1315776]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 CRFILTER;USB Mass Storage Filter; C:\WINDOWS\system32\DRIVERS\CRFILTER.sys [2008-04-06 6656]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-10-29 5851488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-16 4747776]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-23 5760]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-02 105856]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-06-09 1748352]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-10-12 198976]
R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2008-01-30 50576]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2008-02-08 57408]
S3 ASUSProcObsrv;ASUS Process Creation/Termination Observer; \??\E:\I386\AsProcOb.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-07-05 101120]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-07-25 6597600]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2008-06-25 39072]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
S3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Konfigurační služba Atheros; C:\WINDOWS\system32\acs.exe [2008-07-21 467029]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-07-25 159812]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Re: Prosim o kontrolu logu, dekuji

Napsal: 17 bře 2010 20:12
od Caroprd111
Obrázek K čemu používáte jednotku E: :???:


Obrázek Doporučuji odinstalovat:
C:\Program Files\DC++\DCPlusPlus.exe

P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.



Obrázek Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
  • Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.

    Obrázek Záložka Čistič
  • Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

    Obrázek Záložka Registry
  • Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
    Obrázek OK Obrázek Zavřít


Obrázek V logu nevidím firewall, doinstalujte :!: Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523


Obrázek Jsou s PC nějaké problémy :???:

Re: Prosim o kontrolu logu, dekuji

Napsal: 17 bře 2010 20:30
od eellee
Dekuji za zpravu, jednotky E: a jednotka F: jsou externi disky po cca 270 GB, mam je stale pripojene oba dva.

Cleanser nainstaluji a zkusim pustit, antivir pouzivam Avast, firewall na pocitacich nemame ale mel by byt zapnuty v routeru pres ktery jedou vsechny pocitace v domacnosti.

Notebook se mi zda posledni cas cim dal tim pomalejsi, kdyz zapnu spravce uloh systemu, tak mi bezi nejakych 76 procesu !!! drive jich bylo daleko mene, kdyz byl notas uplne novy, bezelo jich tam ze zacatku snad pouze pet.
Take se mi dost dlouho otvira pokud ho zavru a ne jen uspim, dalsi problem je asi, ze prestal zvladat kdyz jsou spusteny jeste nejake programy prehravani videi, treba na youtube, klepe se hlas, rezonuje, lepsi je vse vypnout, to drive nedelalo.

Napadlo mi jestli jsem nestahla nejake skryty vir nebo spyware, stahla jsem si program Malware ale ten nic nenachazi.

Jde mi velice pomalu Mozila firefox, ale mam pocit, ze ji zatezuje hlavne Facebook a jeho aplikace, jinak treba seznam a mail tak pomalu nenabiha.

Zdravim a dekuji.

Dekuji za rady.

Re: Prosim o kontrolu logu, dekuji

Napsal: 17 bře 2010 20:39
od Caroprd111
Obrázek Otevřete si Poznámkový blok a zkopírujte do něj text (z bílého políčka):

Kód: Vybrat vše

REGEDIT4

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2584504-bc58-11dd-b1c6-002215f839e8}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2584505-bc58-11dd-b1c6-002215f839e8}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2584506-bc58-11dd-b1c6-002215f839e8}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2584507-bc58-11dd-b1c6-002215f839e8}]
Nyní uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek, klik na uložit, pak na soubor standardně 2X kliknete a potvrďte dialogové okno.


Obrázek Použijte StartUpLite Stáhnete zde: http://www.malwarebytes.org/StartUpLite.exe vypíše seznam zbytečně spouštěných programů po startu, vyberete které chcete zastavit, u nich zaškrtnete Disable a klikněte na Continue.


Obrázek Spusťte CCleaner, přepněte se na položku "Nástroje" a v ní na "Start". Zde deaktivujte nepotřebné programy spouštěné po startu.

Re: Prosim o kontrolu logu, dekuji

Napsal: 17 bře 2010 21:19
od eellee
Dekuji, vse se povedlo, jen jsem si nebyla jista co bych mela v CCleanseru vlastne nakonec deaktivovat za programy, neopsala jsem si ten seznam co nasel StartupLite, jeste se na to musim podivat.

Take bych se jeste zeptala, po dlouhe dobe jsem provadela defragmentaci C: disku presunula jsem soubory na externi disky tak aby tam bylo vice nez 15% mista potrebnych k defragmentaci, napred analyza doporucila disk defragmentovat, nechala jsem tedy probehnout a nic moc se nezmenilo, presunulo se tak par souboru a vubec ne do souvisleho modreho bloku, znova mi to vybizi ze je disk treba defrgmentovat, presunula jsem jeste dalsi soubory aby bylo jeste vice mista a vse se opakovalo, opet modre bloky nejsou spojene, je tam spousta cervenych k defragmentovani a opet mi PC vybizi ze disk je treba defragmentovat. Tak nevim jestli mam provest jeste nekolikrat nebo je chyba nekde jinde.
Dekuji.

Re: Prosim o kontrolu logu, dekuji

Napsal: 17 bře 2010 21:22
od Caroprd111
Zkuste použít na defragmentaci jiný program, než ten ve Windows.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz