PC virus removal, computer speed-up, remote help through the neslape.cz service

Virus at computer startup

BruShEr
Visitor
Posts: 12
Registered: 02 Mar 2010 19:14

Re: Virus at computer startup

#16 Post by BruShEr »

If you mean whether it is still reporting viruses, it isn't reporting anything any more, but I don't know whether that is because I uninstalled Avast. Which antivirus do you recommend? But it looks like it's fine now. And why do you ask?

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Virus at computer startup

#17 Post by Caroprd111 »

I would install Avast 5; I'm asking so that I know how to proceed.


Uninstall ComboFix via:
Start >> Run, copy into the box:

ComboFix /Uninstall

and press Enter


Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe
  • Run it; to confirm the choice press A, then Enter
  • Delete the program after use. Note that antivirus programs may falsely flag it as a virus.


Download OTC http://oldtimer.geekstogo.com/OTC.exe
  • Run it.
  • Click "CleanUp!". Confirm the prompts with "Yes" (a restart will follow)


Download CCleaner http://viry.cz/forum/viewtopic.php?t=7478
  • Install it and, during installation, untick the option to install the Yahoo toolbar.

    Cleaner tab
  • Click Analyze; when it finishes, click Run Cleaner.

    Registry tab
  • Click Scan for Issues; when it finishes, click Fix Issues; you don't need to make a backup; then click Fix All Issues.
    OK, Close

Post a new RSIT log.

BruShEr
Visitor
Posts: 12
Registered: 02 Mar 2010 19:14

Re: Virus at computer startup

#18 Post by BruShEr »

Everything done as it should be.

LOG:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Filip at 2010-03-04 17:44:54
Systém Microsoft Windows XP Professional Service Pack 3, v.3264
System drive C: has 56 GB (80%) free of 70 GB
Total RAM: 1535 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:44:59, on 4. 3. 2010
Platform: Windows XP SP3, v.3264 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
D:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
D:\PROGRAM FILES\FRAPS\FRAPS.EXE
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Filip\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Filip\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Filip\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Filip\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Filip\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Filip\Desktop\RSIT.exe
C:\Program Files\trend micro\Filip.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www3.iamwired.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: gwprimawega - {cb2050a3-32d4-1e64-e92d-087d567b4291} - C:\WINDOWS\system32\t-wvp2xDlt0EM.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [uTorrent] "D:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Filip\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Fraps] D:\PROGRAM FILES\FRAPS\FRAPS.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 7175 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1078145449-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1078145449-839522115-1003UA.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cb2050a3-32d4-1e64-e92d-087d567b4291}]
gwprimawega - C:\WINDOWS\system32\t-wvp2xDlt0EM.dll [2010-02-18 1294336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}]
PHPNukeEN Toolbar - C:\Program Files\PHPNukeEN\tbPHPN.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-14 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{dd02a4eb-4afd-4d60-99d8-e67f964ca813} - PHPNukeEN Toolbar - C:\Program Files\PHPNukeEN\tbPHPN.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-20 77824]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-11-20 12669544]
"StatusClient"=C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]
"DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe [2008-04-13 49152]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=D:\Program Files\uTorrent\uTorrent.exe [2010-01-07 289584]
"Google Update"=C:\Documents and Settings\Filip\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-04 135664]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-02-22 26101032]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2007-12-01 15360]
"Fraps"=D:\PROGRAM FILES\FRAPS\FRAPS.EXE [2007-11-21 3182248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Program Files\GameSpy Arcade\Aphex.exe"="D:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"D:\Program Files\Activision\Modern Warfare 2\iw4mp.exe"="D:\Program Files\Activision\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Ascaron Entertainment\Sacred Gold\gameserver.exe"="D:\Program Files\Ascaron Entertainment\Sacred Gold\gameserver.exe:*:Enabled:Sacred Gameserver"
"D:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe"="D:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe:*:Enabled:Sacred"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"D:\Program Files\Mass Effect\Binaries\MassEffect.exe"="D:\Program Files\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game"
"D:\Program Files\Mass Effect\MassEffectLauncher.exe"="D:\Program Files\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe:*:Enabled:Battlefield Bad Company 2 - BETA"
"D:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe"="D:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2Game.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2Game.exe:*:Enabled:EA Battlefield: Bad Company™ 2 - BETA"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Steam\steamapps\common\aliens vs predator demo\AvP.exe"="D:\Program Files\Steam\steamapps\common\aliens vs predator demo\AvP.exe:*:Enabled:Aliens vs Predator Demo"
"D:\Program Files\Electronic Arts\Dead Space\Dead Space.exe"="D:\Program Files\Electronic Arts\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™"
"D:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="D:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8381a866-22ab-11df-a5b6-0011d8c084b1}]
shell\AutoRun\command - K:\Autorun.exe


======List of files/folders created in the last 1 months======

2010-03-04 17:44:55 ----D---- C:\Program Files\trend micro
2010-03-04 17:44:54 ----D---- C:\rsit
2010-03-03 19:09:20 ----A---- C:\WINDOWS\ALCFDRTM.EXE
2010-03-03 19:09:19 ----D---- C:\WINDOWS\system32\Lang
2010-03-03 18:06:50 ----SHD---- C:\RECYCLER
2010-03-03 17:32:14 ----D---- C:\Documents and Settings\Filip\Application Data\skypePM
2010-03-03 17:29:20 ----D---- C:\Documents and Settings\Filip\Application Data\Skype
2010-03-03 17:29:15 ----D---- C:\Program Files\Common Files\Skype
2010-03-03 17:29:13 ----RD---- C:\Program Files\Skype
2010-03-03 17:29:10 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-03-03 16:46:43 ----HD---- C:\WINDOWS\PIF
2010-03-03 14:22:21 ----A---- C:\WINDOWS\system32\zi-KclNRQfeWv.exe
2010-03-03 14:15:32 ----A---- C:\Boot.bak
2010-03-03 14:15:29 ----RASHD---- C:\cmdcons
2010-02-26 13:18:16 ----A---- C:\WINDOWS\system32\d3dx9.dll
2010-02-26 13:18:16 ----A---- C:\WINDOWS\system32\D3DX81ab.dll
2010-02-26 12:58:30 ----D---- C:\Documents and Settings\Filip\Application Data\Astroburn Lite
2010-02-26 12:58:22 ----D---- C:\Documents and Settings\All Users\Application Data\Astroburn Lite
2010-02-24 14:29:52 ----A---- C:\WINDOWS\system32\TUKernel.exe
2010-02-24 12:21:19 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2010-02-24 12:21:18 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-02-24 12:21:18 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2010-02-24 12:09:50 ----D---- C:\Documents and Settings\Filip\Application Data\TuneUp Software
2010-02-24 12:09:29 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2010-02-24 12:09:28 ----D---- C:\Program Files\TuneUp Utilities 2009
2010-02-24 12:09:09 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2010-02-24 11:29:03 ----D---- C:\Documents and Settings\All Users\Application Data\Fallout3
2010-02-21 10:29:23 ----D---- C:\Documents and Settings\Filip\Application Data\Mozilla
2010-02-20 17:22:20 ----D---- C:\WINDOWS\WBEM
2010-02-20 17:21:46 ----HDC---- C:\WINDOWS\ie8
2010-02-18 09:39:28 ----A---- C:\WINDOWS\system32\t-wvp2xDlt0EM.dll
2010-02-16 17:16:23 ----D---- C:\Documents and Settings\Filip\Application Data\AnvSoft
2010-02-12 13:42:34 ----D---- C:\Documents and Settings\Filip\Application Data\ICQ
2010-02-11 18:02:31 ----D---- C:\Documents and Settings\Filip\Application Data\OpenOffice.org
2010-02-08 17:10:39 ----D---- C:\Documents and Settings\Filip\Application Data\Media Player Classic
2010-02-08 17:10:00 ----A---- C:\WINDOWS\system32\unrar.dll
2010-02-08 17:09:59 ----A---- C:\WINDOWS\avisplitter.ini
2010-02-08 17:09:57 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2010-02-08 17:09:57 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-02-08 17:09:57 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-02-08 17:09:54 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-02-08 17:09:54 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-02-07 13:16:18 ----D---- C:\Documents and Settings\Filip\Application Data\Ubisoft
2010-02-07 13:08:33 ----D---- C:\Documents and Settings\All Users\Application Data\Ubisoft
2010-02-06 12:53:01 ----D---- C:\Program Files\Conduit
2010-02-06 12:53:00 ----D---- C:\Program Files\PHPNukeEN

======List of files/folders modified in the last 1 months======

2010-03-04 17:44:55 ----RD---- C:\Program Files
2010-03-04 17:42:49 ----D---- C:\WINDOWS\Prefetch
2010-03-04 17:42:48 ----D---- C:\WINDOWS
2010-03-04 17:40:23 ----D---- C:\WINDOWS\Temp
2010-03-04 17:38:02 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-03-04 17:36:44 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-03-04 17:36:33 ----D---- C:\Documents and Settings\Filip\Application Data\uTorrent
2010-03-04 17:36:21 ----D---- C:\WINDOWS\system32
2010-03-04 17:36:18 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-04 17:28:02 ----SHD---- C:\System Volume Information
2010-03-04 17:28:02 ----D---- C:\WINDOWS\system32\Restore
2010-03-04 17:27:33 ----D---- C:\WINDOWS\Minidump
2010-03-04 15:34:02 ----D---- C:\WINDOWS\system32\drivers
2010-03-03 19:14:50 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-03-03 18:03:11 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-03 18:01:54 ----A---- C:\WINDOWS\system.ini
2010-03-03 17:59:44 ----D---- C:\WINDOWS\AppPatch
2010-03-03 17:59:42 ----D---- C:\Program Files\Common Files
2010-03-03 17:29:17 ----SHD---- C:\WINDOWS\Installer
2010-03-03 16:57:00 ----RSD---- C:\WINDOWS\assembly
2010-03-03 16:56:38 ----HD---- C:\WINDOWS\inf
2010-03-03 16:56:05 ----D---- C:\WINDOWS\system32\DirectX
2010-03-03 16:50:48 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-03 14:15:32 ----RASH---- C:\boot.ini
2010-03-02 16:36:18 ----D---- C:\WINDOWS\Debug
2010-03-01 17:36:55 ----D---- C:\WINDOWS\system32\config
2010-02-25 09:48:13 ----RSD---- C:\WINDOWS\Fonts
2010-02-24 15:01:59 ----D---- C:\WINDOWS\WinSxS
2010-02-24 12:29:01 ----SD---- C:\WINDOWS\Tasks
2010-02-24 12:27:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-24 12:27:39 ----D---- C:\WINDOWS\system32\inetsrv
2010-02-21 07:14:18 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-20 18:14:39 ----D---- C:\WINDOWS\network diagnostic
2010-02-20 17:50:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-20 17:50:10 ----D---- C:\WINDOWS\Media
2010-02-20 17:50:10 ----D---- C:\WINDOWS\Help
2010-02-20 17:50:10 ----D---- C:\Program Files\Internet Explorer
2010-02-20 17:22:20 ----D---- C:\WINDOWS\system32\en-us
2010-02-14 11:35:09 ----SD---- C:\Documents and Settings\Filip\Application Data\Microsoft
2010-02-08 15:56:38 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
2010-02-06 08:27:22 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2007-11-30 60800]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2007-11-30 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2007-11-30 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-11-21 10235968]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-06 12928]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-11-30 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-11-30 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2007-11-30 17152]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2007-11-30 26368]
S3 Dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2007-11-30 206976]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-17 23808]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-14 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-12-02 877864]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-11-20 154216]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-01-04 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-03-03 215128]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-02-24 603904]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2007-12-01 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-16 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-08 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-12-12 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-02-24 360192]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2007-12-01 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Virus at computer startup

#19 Post by Caroprd111 »

Test this at http://www.virustotal.com/cs/
C:\WINDOWS\system32\t-wvp2xDlt0EM.dll

(Don't search for the file; just paste the path marked in bold. If you get the message "File has already been analysed", have it analysed again. Post the analysis result here as a link.)


Following the guide at http://www.viry.cz/forum/viewtopic.php?f=15&t=72743, apply this script.

Code:

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8381a866-22ab-11df-a5b6-0011d8c084b1}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Security Providers]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

:commands
[EmptyTemp]
[Reboot]

I recommend uninstalling:
D:\Program Files\uTorrent\uTorrent.exe

P2P networks and their clients are a potential security risk; they are practically a constant source of viruses, and you are needlessly exposing yourself to risk.


I don't see an antivirus or a firewall in the log; install them: http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523
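The log in post #18 and the script in post #19 together show what the helper is reacting to: a browser helper object with a random-looking file name sitting in system32, a SecurityProviders value with an entry beyond the ones the script writes back, and an AutoRun command registered under mountpoints2 for a removable drive. The following Python script is an added example, not code from the forum or from the RSIT, HijackThis or OTL tools; it parses the log format shown above and flags exactly those entries so a reader can see how the triage is done. The sample lines are copied from the log above; the "random-looking name" heuristic, the severity labels and the function names are my own assumptions, and the SecurityProviders baseline is simply the value the script in post #19 writes back, so a DLL it reports is a lead to verify, not a verdict.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Sample input: lines copied from the RSIT/HijackThis log and registry dump
# posted in this thread (post #18), trimmed to the entries the checks look at.
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: gwprimawega - {cb2050a3-32d4-1e64-e92d-087d567b4291} - C:\WINDOWS\system32\t-wvp2xDlt0EM.dll
O3 - Toolbar: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [uTorrent] "D:\Program Files\uTorrent\uTorrent.exe"
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, credssp.dll
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8381a866-22ab-11df-a5b6-0011d8c084b1}]
shell\AutoRun\command - K:\Autorun.exe
"""

# Baseline = the value the OTL script in post #19 writes back (assumption:
# anything beyond it is reported for manual verification, not as malware).
SECURITY_PROVIDERS_BASELINE = {"msapsspc.dll", "schannel.dll", "digest.dll", "msnsspc.dll"}


@dataclass
class Finding:
    severity: str   # "high", "medium" or "info" (labels are my own choice)
    line: str       # the log line that triggered the finding
    reason: str


# HijackThis line shapes as they appear in the log above.
HJT_RE = re.compile(r"^(O\d+) - (.*)$")
BHO_RE = re.compile(r"^(?:BHO|Toolbar): (?P<name>.*?) - \{(?P<clsid>[0-9A-Fa-f-]+)\} - (?P<path>.+)$")
RUN_RE = re.compile(r"^(?P<hive>HK\w+)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
SVC_RE = re.compile(r"^Service: (?P<name>.*?) - (?P<owner>.*?) - (?P<path>.+)$")


def looks_random(filename: str) -> bool:
    """Heuristic (assumption): a file stem mixing upper and lower case with
    digits or hyphens, e.g. t-wvp2xDlt0EM.dll, is unusual for a legitimate BHO."""
    stem = filename.rsplit(".", 1)[0]
    has_upper = any(c.isupper() for c in stem)
    has_lower = any(c.islower() for c in stem)
    has_odd = any(c.isdigit() or c == "-" for c in stem)
    return has_upper and has_lower and has_odd


def check_hjt_line(kind: str, body: str) -> Optional[Finding]:
    """Apply one check per HijackThis entry type."""
    if kind in ("O2", "O3"):
        m = BHO_RE.match(body)
        if m:
            directory, _, filename = m.group("path").rpartition("\\")
            if directory.lower().endswith("\\system32") and looks_random(filename):
                return Finding("high", body, "browser helper object loaded from system32 with a "
                               "random-looking file name; submit the file for analysis")
    elif kind == "O4":
        m = RUN_RE.match(body)
        if m and "\\" not in m.group("cmd"):
            return Finding("info", body, "Run entry uses a bare file name resolved via the "
                           "search path; confirm which binary actually starts")
    elif kind == "O23":
        m = SVC_RE.match(body)
        if m and m.group("owner").lower() == "unknown owner":
            return Finding("info", body, "service binary has no publisher information; verify its origin")
    return None


def analyze(text: str) -> List[Finding]:
    """Walk the log once: HijackThis 'Oxx - ' lines are checked directly, and the
    current key is tracked while inside the RSIT registry dump."""
    findings: List[Finding] = []
    current_key: Optional[str] = None
    for raw in text.strip().splitlines():
        line = raw.strip()
        if not line:
            continue
        hjt = HJT_RE.match(line)
        if hjt:
            finding = check_hjt_line(hjt.group(1), hjt.group(2))
            if finding is not None:
                findings.append(finding)
            continue
        if line.startswith("[") and line.endswith("]"):
            current_key = line[1:-1].lower()
            continue
        if current_key is None:
            continue
        if current_key.endswith("\\securityproviders") and line.startswith('"SecurityProviders"='):
            value = line.split("=", 1)[1].strip().strip('"')
            listed = {p.strip().lower() for p in value.split(",") if p.strip()}
            extra = sorted(listed - SECURITY_PROVIDERS_BASELINE)
            if extra:
                findings.append(Finding("medium", line, "SecurityProviders lists DLLs outside the "
                                        "baseline: " + ", ".join(extra) + "; verify each before removing it"))
        elif "\\mountpoints2\\" in current_key and line.lower().startswith("shell\\autorun\\command"):
            volume = current_key.rsplit("\\", 1)[-1]
            findings.append(Finding("high", line, "AutoRun command registered for removable volume " + volume))
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f"[{f.severity:6}] {f.reason}\n         {f.line}")
```

Run against the sample it reports the gwprimawega BHO and the K:\Autorun.exe entry as high, the extra SecurityProviders DLL as medium, and the bare-name Run entry and the unknown-owner service as informational; feeding it the full RSIT log from post #18 works the same way because the registry-dump section reuses the same `[key]` / `"name"=value` layout.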

BruShEr
Visitor
Posts: 12
Registered: 02 Mar 2010 19:14

Re: Virus at computer startup

#20 Post by BruShEr »

Soubor t-wvp2xDlt0EM.dll prijatý 2010.03.04 17:42:33 (UTC)
Soucasný stav: Dokonceno
Výsledek: 2/42 (4.77%)
Formátované
Vytisknout výsledky
Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.03.04 -
AhnLab-V3 5.0.0.2 2010.03.04 -
AntiVir 8.2.1.180 2010.03.04 -
Antiy-AVL 2.0.3.7 2010.03.04 -
Authentium 5.2.0.5 2010.03.04 W32/Zhelatin.K.gen!Eldorado
Avast 4.8.1351.0 2010.03.04 -
Avast5 5.0.332.0 2010.03.04 -
AVG 9.0.0.730 2010.03.04 -
BitDefender 7.2 2010.03.04 -
CAT-QuickHeal 10.00 2010.03.04 -
ClamAV 0.96.0.0-git 2010.03.04 -
Comodo 4091 2010.02.28 -
DrWeb 5.0.1.12222 2010.03.04 -
eSafe 7.0.17.0 2010.03.04 -
eTrust-Vet 35.2.7339 2010.03.04 -
F-Prot 4.5.1.85 2010.03.03 -
F-Secure 9.0.15370.0 2010.03.04 -
Fortinet 4.0.14.0 2010.03.04 -
GData 19 2010.03.04 -
Ikarus T3.1.1.80.0 2010.03.04 -
Jiangmin 13.0.900 2010.03.04 -
K7AntiVirus 7.10.989 2010.03.03 -
Kaspersky 7.0.0.125 2010.03.04 -
McAfee 5909 2010.03.03 -
McAfee+Artemis 5909 2010.03.03 -
McAfee-GW-Edition 6.8.5 2010.03.04 -
Microsoft 1.5502 2010.03.04 -
NOD32 4915 2010.03.04 -
Norman 6.04.08 2010.03.03 -
nProtect 2009.1.8.0 2010.03.04 -
Panda 10.0.2.2 2010.03.03 -
PCTools 7.0.3.5 2010.03.04 -
Prevx 3.0 2010.03.04 -
Rising 22.37.03.04 2010.03.04 -
Sophos 4.51.0 2010.03.04 -
Sunbelt 5748 2010.03.04 -
Symantec 20091.2.0.41 2010.03.04 Suspicious.Insight
TheHacker 6.5.1.7.220 2010.03.04 -
TrendMicro 9.120.0.1004 2010.03.04 -
VBA32 3.12.12.2 2010.03.04 -
ViRobot 2010.3.4.2212 2010.03.04 -
VirusBuster 5.0.27.0 2010.03.04 -


After running the script and restarting, it showed this:

All processes killed
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8381a866-22ab-11df-a5b6-0011d8c084b1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8381a866-22ab-11df-a5b6-0011d8c084b1}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Security Providers\\"SecurityProviders"|"msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes

User: Filip
->Temp folder emptied: 135434 bytes
->Temporary Internet Files folder emptied: 584068 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 34197987 bytes
->Google Chrome cache emptied: 315770836 bytes
->Flash cache emptied: 812 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2162283 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 337,00 mb


OTM by OldTimer - Version 3.1.10.0 log created on 03042010_184505

Files moved on Reboot...

Registry entries deleted on Reboot...

uTorrent uninstalled.

Now I'm going to install a firewall and an antivirus.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Virus on computer startup

#21 Post by Caroprd111 »

OK, once those are installed, post a new RSIT log.

BruShEr
Visitor
Posts: 12
Registered: 02 Mar 2010 19:14

Re: Virus on computer startup

#22 Post by BruShEr »

LOG:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Filip at 2010-03-04 19:17:10
Systém Microsoft Windows XP Professional Service Pack 3, v.3264
System drive C: has 56 GB (80%) free of 70 GB
Total RAM: 1535 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:17:14, on 4. 3. 2010
Platform: Windows XP SP3, v.3264 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
D:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\TUProgSt.exe
D:\PROGRAM FILES\FRAPS\FRAPS.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Filip\Desktop\RSIT.exe
C:\Program Files\trend micro\Filip.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www3.iamwired.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: gwprimawega - {cb2050a3-32d4-1e64-e92d-087d567b4291} - C:\WINDOWS\system32\t-wvp2xDlt0EM.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PHPNukeEN Toolbar - {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - C:\Program Files\PHPNukeEN\tbPHPN.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [avast5] D:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Filip\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Fraps] D:\PROGRAM FILES\FRAPS\FRAPS.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 6967 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1078145449-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1078145449-839522115-1003UA.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cb2050a3-32d4-1e64-e92d-087d567b4291}]
gwprimawega - C:\WINDOWS\system32\t-wvp2xDlt0EM.dll [2010-02-18 1294336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dd02a4eb-4afd-4d60-99d8-e67f964ca813}]
PHPNukeEN Toolbar - C:\Program Files\PHPNukeEN\tbPHPN.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-14 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{dd02a4eb-4afd-4d60-99d8-e67f964ca813} - PHPNukeEN Toolbar - C:\Program Files\PHPNukeEN\tbPHPN.dll [2009-12-31 2349080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-20 77824]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-11-20 12669544]
"StatusClient"=C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]
"DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe [2008-04-13 49152]
"avast5"=D:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-02-11 2756488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\Filip\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-04 135664]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-02-22 26101032]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2007-12-01 15360]
"Fraps"=D:\PROGRAM FILES\FRAPS\FRAPS.EXE [2007-11-21 3182248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Program Files\GameSpy Arcade\Aphex.exe"="D:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"D:\Program Files\Activision\Modern Warfare 2\iw4mp.exe"="D:\Program Files\Activision\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Ascaron Entertainment\Sacred Gold\gameserver.exe"="D:\Program Files\Ascaron Entertainment\Sacred Gold\gameserver.exe:*:Enabled:Sacred Gameserver"
"D:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe"="D:\Program Files\Ascaron Entertainment\Sacred Gold\sacred.exe:*:Enabled:Sacred"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"D:\Program Files\Mass Effect\Binaries\MassEffect.exe"="D:\Program Files\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game"
"D:\Program Files\Mass Effect\MassEffectLauncher.exe"="D:\Program Files\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe:*:Enabled:Battlefield Bad Company 2 - BETA"
"D:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe"="D:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2Game.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2Game.exe:*:Enabled:EA Battlefield: Bad Company™ 2 - BETA"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Steam\steamapps\common\aliens vs predator demo\AvP.exe"="D:\Program Files\Steam\steamapps\common\aliens vs predator demo\AvP.exe:*:Enabled:Aliens vs Predator Demo"
"D:\Program Files\Electronic Arts\Dead Space\Dead Space.exe"="D:\Program Files\Electronic Arts\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™"
"D:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="D:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-03-04 19:01:53 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-03-04 19:01:49 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-03-04 18:45:05 ----D---- C:\_OTM
2010-03-04 17:44:55 ----D---- C:\Program Files\trend micro
2010-03-04 17:44:54 ----D---- C:\rsit
2010-03-03 19:09:20 ----A---- C:\WINDOWS\ALCFDRTM.EXE
2010-03-03 19:09:19 ----D---- C:\WINDOWS\system32\Lang
2010-03-03 18:06:50 ----SHD---- C:\RECYCLER
2010-03-03 17:32:14 ----D---- C:\Documents and Settings\Filip\Application Data\skypePM
2010-03-03 17:29:20 ----D---- C:\Documents and Settings\Filip\Application Data\Skype
2010-03-03 17:29:15 ----D---- C:\Program Files\Common Files\Skype
2010-03-03 17:29:13 ----RD---- C:\Program Files\Skype
2010-03-03 17:29:10 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-03-03 16:46:43 ----HD---- C:\WINDOWS\PIF
2010-03-03 14:22:21 ----A---- C:\WINDOWS\system32\zi-KclNRQfeWv.exe
2010-03-03 14:15:32 ----A---- C:\Boot.bak
2010-03-03 14:15:29 ----RASHD---- C:\cmdcons
2010-02-26 13:18:16 ----A---- C:\WINDOWS\system32\d3dx9.dll
2010-02-26 13:18:16 ----A---- C:\WINDOWS\system32\D3DX81ab.dll
2010-02-26 12:58:30 ----D---- C:\Documents and Settings\Filip\Application Data\Astroburn Lite
2010-02-26 12:58:22 ----D---- C:\Documents and Settings\All Users\Application Data\Astroburn Lite
2010-02-24 14:29:52 ----A---- C:\WINDOWS\system32\TUKernel.exe
2010-02-24 12:21:19 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2010-02-24 12:21:18 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-02-24 12:21:18 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2010-02-24 12:09:50 ----D---- C:\Documents and Settings\Filip\Application Data\TuneUp Software
2010-02-24 12:09:29 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2010-02-24 12:09:28 ----D---- C:\Program Files\TuneUp Utilities 2009
2010-02-24 12:09:09 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2010-02-24 11:29:03 ----D---- C:\Documents and Settings\All Users\Application Data\Fallout3
2010-02-21 10:29:23 ----D---- C:\Documents and Settings\Filip\Application Data\Mozilla
2010-02-20 17:22:20 ----D---- C:\WINDOWS\WBEM
2010-02-20 17:21:46 ----HDC---- C:\WINDOWS\ie8
2010-02-18 09:39:28 ----A---- C:\WINDOWS\system32\t-wvp2xDlt0EM.dll
2010-02-16 17:16:23 ----D---- C:\Documents and Settings\Filip\Application Data\AnvSoft
2010-02-12 13:42:34 ----D---- C:\Documents and Settings\Filip\Application Data\ICQ
2010-02-11 18:02:31 ----D---- C:\Documents and Settings\Filip\Application Data\OpenOffice.org
2010-02-08 17:10:39 ----D---- C:\Documents and Settings\Filip\Application Data\Media Player Classic
2010-02-08 17:10:00 ----A---- C:\WINDOWS\system32\unrar.dll
2010-02-08 17:09:59 ----A---- C:\WINDOWS\avisplitter.ini
2010-02-08 17:09:57 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2010-02-08 17:09:57 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-02-08 17:09:57 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-02-08 17:09:54 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-02-08 17:09:54 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-02-07 13:16:18 ----D---- C:\Documents and Settings\Filip\Application Data\Ubisoft
2010-02-07 13:08:33 ----D---- C:\Documents and Settings\All Users\Application Data\Ubisoft
2010-02-06 12:53:01 ----D---- C:\Program Files\Conduit
2010-02-06 12:53:00 ----D---- C:\Program Files\PHPNukeEN

======List of files/folders modified in the last 1 months======

2010-03-04 19:16:59 ----D---- C:\WINDOWS\Prefetch
2010-03-04 19:16:58 ----D---- C:\WINDOWS\Temp
2010-03-04 19:16:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-04 19:15:47 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-03-04 19:14:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-04 19:13:10 ----D---- C:\WINDOWS\system32\drivers
2010-03-04 19:01:59 ----SHD---- C:\WINDOWS\Installer
2010-03-04 19:01:58 ----D---- C:\WINDOWS\WinSxS
2010-03-04 19:01:53 ----D---- C:\WINDOWS\system32
2010-03-04 18:46:46 ----D---- C:\WINDOWS
2010-03-04 18:42:07 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-04 17:44:55 ----RD---- C:\Program Files
2010-03-04 17:28:02 ----SHD---- C:\System Volume Information
2010-03-04 17:28:02 ----D---- C:\WINDOWS\system32\Restore
2010-03-04 17:27:33 ----D---- C:\WINDOWS\Minidump
2010-03-03 19:14:50 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-03-03 18:01:54 ----A---- C:\WINDOWS\system.ini
2010-03-03 17:59:44 ----D---- C:\WINDOWS\AppPatch
2010-03-03 17:59:42 ----D---- C:\Program Files\Common Files
2010-03-03 16:57:00 ----RSD---- C:\WINDOWS\assembly
2010-03-03 16:56:38 ----HD---- C:\WINDOWS\inf
2010-03-03 16:56:05 ----D---- C:\WINDOWS\system32\DirectX
2010-03-03 16:50:48 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-03 14:15:32 ----RASH---- C:\boot.ini
2010-03-02 16:36:18 ----D---- C:\WINDOWS\Debug
2010-03-01 17:36:55 ----D---- C:\WINDOWS\system32\config
2010-02-25 09:48:13 ----RSD---- C:\WINDOWS\Fonts
2010-02-24 12:29:01 ----SD---- C:\WINDOWS\Tasks
2010-02-24 12:27:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-24 12:27:39 ----D---- C:\WINDOWS\system32\inetsrv
2010-02-21 07:14:18 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-20 18:14:39 ----D---- C:\WINDOWS\network diagnostic
2010-02-20 17:50:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-20 17:50:10 ----D---- C:\WINDOWS\Media
2010-02-20 17:50:10 ----D---- C:\WINDOWS\Help
2010-02-20 17:50:10 ----D---- C:\Program Files\Internet Explorer
2010-02-20 17:22:20 ----D---- C:\WINDOWS\system32\en-us
2010-02-14 11:35:09 ----SD---- C:\Documents and Settings\Filip\Application Data\Microsoft
2010-02-08 15:56:38 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
2010-02-06 08:27:22 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-02-11 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-02-11 162512]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-02-11 46672]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-02-11 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-02-11 100432]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2007-11-30 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-02-11 23376]
R3 Dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2007-11-30 206976]
R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-17 23808]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2007-11-30 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2007-11-30 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-11-21 10235968]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-06 12928]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-11-30 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-11-30 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2007-11-30 17152]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2007-11-30 26368]
S3 ASFWHide;ASFWHide; \??\C:\Documents and Settings\Filip\Local Settings\TEMP\ASFWHide []
S3 DrvFltIp;DrvFltIp; \??\C:\Documents and Settings\Filip\Local Settings\TEMP\DrvFltIp []
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-14 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-12-02 877864]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-11-20 154216]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-01-04 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-03-03 215128]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-02-24 603904]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2007-12-01 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-16 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-08 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-12-12 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-02-24 360192]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2007-12-01 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


Is it a problem that it's the Windows firewall? If so, tell me which one you recommend, because I installed Ashampoo Firewall and that one is only good for 30 days.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Virus on computer startup

#23 Post by Caroprd111 »

As a firewall I recommend Zone Alarm.

Otherwise it's all fine. :)

BruShEr
Visitor
Posts: 12
Registered: 02 Mar 2010 19:14

Re: Virus on computer startup

#24 Post by BruShEr »

So I've done all of it now. Avast no longer reports anything when the computer starts. Thanks for the advice. :) :closed:
Last edited by BruShEr on 05 Mar 2010 21:06, edited 1 time in total.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Virus on computer startup

#25 Post by Caroprd111 »

You're welcome :)
