Tak jsem PC projel expresnim scanem, naslo to 1 vir, "bdupdateservice.dll" a oznacilo jej jako "Trojan.Siggen2.6721", byl ve slozce C:\User\Kratkyj\AppData\Local\Temp.
Zjistil jsem dnesjeden problem,potreboval pouzit k notasu projektor ale nesel do nej z PC signal, jeste pred cca 14 dny fungovalo normalne, i doma vystup na TV - nevim jestli to s temi Rootkity souvisi.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
1. Smazal jste toho šmejda v Tempech?
2.
2.
Nezdá se mi, že by to s nimi mohlo souviset. Ale pokud je tato nákaza něco nového, netroufám si ani odhadnout, co všechno to může ovlivnit. Většina nákaz nenapadá ovladače hardwaru. Pokud je ten šmejd smazán, udělejte nový sken CF.Zjistil jsem dnesjeden problem,potreboval pouzit k notasu projektor ale nesel do nej z PC signal, jeste pred cca 14 dny fungovalo normalne, i doma vystup na TV - nevim jestli to s temi Rootkity souvisi.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
shorty1963
- Návštěvník
- Příspěvky: 120
- Registrován: 29 led 2008 17:06
Re: Kontrola logu
Smejda jsem samozrejme z tempu smazal.
Posilam novy log z CF - bohuzel ti puvodni smejdi jsou tam porad.
ComboFix 10-12-08.04 - KratkyJ 09.12.2010 20:31:04.5.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.3070.1738 [GMT 1:00]
Spuštěný z: c:\users\KratkyJ\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\64dlls.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\intel64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\Kernel32.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\localsys64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\ntos.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\oembios.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\sdra64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\sdra73.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\swin32.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\twex.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\twext.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\wsnpoema.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-09 do 2010-12-09 )))))))))))))))))))))))))))))))
.
2010-12-09 19:47 . 2010-12-09 19:47 -------- d-----w- c:\users\KratkyJ\AppData\Local\temp
2010-12-09 19:47 . 2010-12-09 19:47 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-12-09 19:47 . 2010-12-09 19:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-09 19:04 . 2010-12-09 19:04 -------- d-----w- c:\users\KratkyJ\AppData\Roaming\smkits
2010-12-09 17:23 . 2010-12-09 17:23 -------- d---a-w- c:\windows\rundll16.exe
2010-12-09 17:23 . 2010-12-09 17:23 -------- d---a-w- c:\windows\logo1_.exe
2010-12-09 10:58 . 2010-12-09 10:58 -------- d---a-w- c:\windows\VDLL.DLL
2010-12-09 10:58 . 2010-12-09 10:58 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-12-09 10:58 . 2010-12-09 10:58 -------- d---a-w- c:\windows\logo_1.exe
2010-12-08 13:55 . 2010-12-08 13:55 -------- d-----w- c:\users\KratkyJ\AppData\Roaming\SUPERAntiSpyware.com
2010-12-07 10:26 . 2010-12-07 10:26 -------- d--h--w- c:\windows\PIF
2010-11-29 10:47 . 2010-11-29 10:47 -------- d-----w- c:\users\KratkyJ\AppData\Local\Symantec
2010-11-29 10:46 . 2010-09-10 21:32 167936 ----a-w- c:\windows\system32\drivers\wpshelper.sys
2010-11-29 10:45 . 2010-11-25 10:54 97096 ----a-w- c:\windows\system32\drivers\SysPlant.sys
2010-11-29 10:45 . 2010-11-29 10:45 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-11-29 10:43 . 2010-11-29 10:46 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-11-29 10:43 . 2010-11-29 10:45 -------- d-----w- c:\program files\Symantec
2010-11-26 12:45 . 2010-11-26 12:45 53248 ----a-r- c:\users\KratkyJ\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-11-26 12:44 . 2010-11-26 12:44 -------- d-----w- c:\program files\Logitech
2010-11-26 12:39 . 2010-08-25 14:41 263272 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2010-11-26 12:39 . 2009-12-03 16:27 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-11-26 12:37 . 2010-11-26 12:37 -------- d-----w- c:\windows\system32\RTCOM
2010-11-26 12:35 . 2006-02-07 14:40 204800 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2010-11-26 12:35 . 2006-02-07 14:45 757760 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2010-11-26 12:35 . 2006-02-07 14:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2010-11-26 12:35 . 2006-02-07 14:40 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2010-11-26 12:35 . 2005-11-13 22:19 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2010-11-26 12:35 . 2010-11-26 12:35 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2010-11-26 12:35 . 2010-11-26 12:35 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2010-11-26 12:19 . 2010-11-26 12:19 -------- d-----w- C:\NVIDIA
2010-11-26 11:58 . 2010-11-26 11:58 -------- d-----w- c:\program files\Driver-Soft
2010-11-26 05:56 . 2010-11-10 04:33 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{70827E26-651E-4274-8DE3-BC817622D1AE}\mpengine.dll
2010-11-24 05:00 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-21 07:48 . 2010-11-21 07:48 -------- d-----w- c:\users\KratkyJ\AppData\Roaming\BitComet
2010-11-21 07:44 . 2010-11-21 07:44 -------- d-----w- c:\users\KratkyJ\AppData\Roaming\Zbshareware Lab
2010-11-10 05:58 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-30 05:20 . 2010-11-30 05:18 22997742 ----a-w- c:\windows\REGBK43.ZIP
2010-11-26 12:45 . 2010-05-09 15:06 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-11-26 12:36 . 2008-09-18 07:39 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-10-19 09:41 . 2009-10-03 06:24 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-16 18:55 . 2010-11-26 12:20 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2010-10-16 18:55 . 2010-07-25 16:26 5473896 ----a-w- c:\windows\system32\nvwgf2um.dll
2010-10-16 18:55 . 2008-06-08 23:23 1719912 ----a-w- c:\windows\system32\nvapi.dll
2010-10-16 18:55 . 2008-06-08 23:23 10023528 ----a-w- c:\windows\system32\nvd3dum.dll
2010-10-16 11:42 . 2010-10-16 11:42 600680 ----a-w- c:\windows\system32\nvvsvc.exe
2010-10-16 11:42 . 2010-10-16 11:42 279144 ----a-w- c:\windows\system32\nvhotkey.dll
2010-10-16 11:42 . 2010-10-16 11:42 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
2010-10-16 11:42 . 2010-10-16 11:42 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-10-16 11:42 . 2010-10-16 11:42 3420776 ----a-w- c:\windows\system32\nvcpl.dll
2010-10-16 11:42 . 2010-10-16 11:42 2079336 ----a-w- c:\windows\system32\nvsvc.dll
2010-10-15 15:00 . 2010-10-15 14:57 21659212 ----a-w- c:\windows\REGBK42.ZIP
2010-10-04 21:02 . 2008-09-18 07:22 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-22 22:21 . 2010-10-23 06:13 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-09-13 13:56 . 2010-10-13 05:02 8147456 ----a-w- c:\windows\system32\wmploc.DLL
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-16 1029416]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2008-02-01 61440]
"Client Access Service"="c:\program files\IBM\Client Access\cwbsvstr.exe" [2005-06-09 20530]
"Client Access Check Version"="c:\program files\IBM\Client Access\cwbckver.exe" [2005-06-09 45106]
"Client Access Express Welcome"="c:\program files\IBM\Client Access\cwbwlwiz.exe" [2005-06-09 20480]
"Client Access PC5250 Sound"="c:\program files\IBM\Client Access\Emulator\pcssnd.exe" [2005-06-09 40960]
"NetTime"="c:\program files\NetTime\NetTime.exe" [2003-01-30 3791032]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2010-11-25 115560]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
[HKLM\~\startupfolder\C:^Users^KratkyJ^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
path=c:\users\KratkyJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Registrace produktu.lnk
backup=c:\windows\pss\Logitech . Registrace produktu.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2010-10-28 23:32 1352272 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2010-01-08 18:56 186904 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-05-14 08:32 1479680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 09:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2010-11-02 18:28 9808488 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2010-11-25 23888]
R3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2010-01-13 6628352]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-01-15 206256]
S2 KVPNCSvc;Kerio VPN Client Service;c:\program files\Kerio\VPN Client\kvpncsvc.exe [2009-10-26 972648]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 NetTimeSvc;NetTime;c:\program files\NetTime\NeTmSvNT.exe [2003-01-30 452096]
S2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windows\Installer\MSI357.tmp [2010-01-22 189696]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 DCamUSBET;USB2.0 1.3M UVC WebCam;c:\windows\system32\DRIVERS\etDevice.sys [2008-10-20 138920]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-11-29 102448]
S3 FiltUSBET;ET USB Device Lower Filter;c:\windows\system32\DRIVERS\etFilter.sys [2008-10-20 21544]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
S3 kvnet;Kerio Virtual Network Adapter;c:\windows\system32\DRIVERS\kvnet.sys [2009-03-23 26624]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2010-08-24 40912]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2010-08-24 10448]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 NETwNv32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETwNv32.sys [2010-07-14 6680064]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-09-07 123496]
S3 ScanUSBET;ET USB Still Image Capture Device;c:\windows\system32\DRIVERS\etScan.sys [2008-10-20 13224]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-17 15:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-12-09 c:\windows\Tasks\User_Feed_Synchronization-{5BE08792-9337-42D5-8B1C-76BA4E5D1B15}.job
- c:\windows\system32\msfeedssync.exe [2010-10-13 04:25]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://kompas.hzap.local/
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
Trusted Zone: ntsd01
Trusted Zone: pproi
DPF: {0D221D00-A6ED-477C-8A91-41F3B660A832} - hxxp://ntsd01/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=biaoeojn20c52q45j1yrl5ev&ControlID=97c13acdd6a9479ca40b6e09030bda69&Culture=1029&UICulture=9&ReportStack=1&OpType=PrintCab
DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} - hxxp://ntsd01/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=dmm1sk45nfmtibmthlcb3mi0&ControlID=0292a48b3b4246c3a458c906515d254c&Culture=1029&UICulture=9&ReportStack=1&OpType=PrintCab
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-TaskTray - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-Symantec Antvirus
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-09 20:48
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SCPDFReadSpool]
"ImagePath"="c:\windows\Installer\MSI357.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-12-09 20:50:34
ComboFix-quarantined-files.txt 2010-12-09 19:50
Před spuštěním: Volných bajtů: 30 205 267 968
Po spuštění: Volných bajtů: 30 476 300 288
Current=1 Default=1 Failed=0 LastKnownGood=46 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46
- - End Of File - - 56A3D70A35729AB633C25FEF2E43C346
Posilam novy log z CF - bohuzel ti puvodni smejdi jsou tam porad.
ComboFix 10-12-08.04 - KratkyJ 09.12.2010 20:31:04.5.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.3070.1738 [GMT 1:00]
Spuštěný z: c:\users\KratkyJ\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\64dlls.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\intel64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\Kernel32.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\localsys64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\ntos.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\oembios.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\sdra64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\sdra73.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\swin32.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\twex.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\twext.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\wsnpoema.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-09 do 2010-12-09 )))))))))))))))))))))))))))))))
.
2010-12-09 19:47 . 2010-12-09 19:47 -------- d-----w- c:\users\KratkyJ\AppData\Local\temp
2010-12-09 19:47 . 2010-12-09 19:47 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-12-09 19:47 . 2010-12-09 19:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-09 19:04 . 2010-12-09 19:04 -------- d-----w- c:\users\KratkyJ\AppData\Roaming\smkits
2010-12-09 17:23 . 2010-12-09 17:23 -------- d---a-w- c:\windows\rundll16.exe
2010-12-09 17:23 . 2010-12-09 17:23 -------- d---a-w- c:\windows\logo1_.exe
2010-12-09 10:58 . 2010-12-09 10:58 -------- d---a-w- c:\windows\VDLL.DLL
2010-12-09 10:58 . 2010-12-09 10:58 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-12-09 10:58 . 2010-12-09 10:58 -------- d---a-w- c:\windows\logo_1.exe
2010-12-08 13:55 . 2010-12-08 13:55 -------- d-----w- c:\users\KratkyJ\AppData\Roaming\SUPERAntiSpyware.com
2010-12-07 10:26 . 2010-12-07 10:26 -------- d--h--w- c:\windows\PIF
2010-11-29 10:47 . 2010-11-29 10:47 -------- d-----w- c:\users\KratkyJ\AppData\Local\Symantec
2010-11-29 10:46 . 2010-09-10 21:32 167936 ----a-w- c:\windows\system32\drivers\wpshelper.sys
2010-11-29 10:45 . 2010-11-25 10:54 97096 ----a-w- c:\windows\system32\drivers\SysPlant.sys
2010-11-29 10:45 . 2010-11-29 10:45 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-11-29 10:43 . 2010-11-29 10:46 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-11-29 10:43 . 2010-11-29 10:45 -------- d-----w- c:\program files\Symantec
2010-11-26 12:45 . 2010-11-26 12:45 53248 ----a-r- c:\users\KratkyJ\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-11-26 12:44 . 2010-11-26 12:44 -------- d-----w- c:\program files\Logitech
2010-11-26 12:39 . 2010-08-25 14:41 263272 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2010-11-26 12:39 . 2009-12-03 16:27 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2010-11-26 12:37 . 2010-11-26 12:37 -------- d-----w- c:\windows\system32\RTCOM
2010-11-26 12:35 . 2006-02-07 14:40 204800 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2010-11-26 12:35 . 2006-02-07 14:45 757760 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2010-11-26 12:35 . 2006-02-07 14:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2010-11-26 12:35 . 2006-02-07 14:40 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2010-11-26 12:35 . 2005-11-13 22:19 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2010-11-26 12:35 . 2010-11-26 12:35 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2010-11-26 12:35 . 2010-11-26 12:35 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2010-11-26 12:19 . 2010-11-26 12:19 -------- d-----w- C:\NVIDIA
2010-11-26 11:58 . 2010-11-26 11:58 -------- d-----w- c:\program files\Driver-Soft
2010-11-26 05:56 . 2010-11-10 04:33 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{70827E26-651E-4274-8DE3-BC817622D1AE}\mpengine.dll
2010-11-24 05:00 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-21 07:48 . 2010-11-21 07:48 -------- d-----w- c:\users\KratkyJ\AppData\Roaming\BitComet
2010-11-21 07:44 . 2010-11-21 07:44 -------- d-----w- c:\users\KratkyJ\AppData\Roaming\Zbshareware Lab
2010-11-10 05:58 . 2010-10-07 11:37 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-30 05:20 . 2010-11-30 05:18 22997742 ----a-w- c:\windows\REGBK43.ZIP
2010-11-26 12:45 . 2010-05-09 15:06 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-11-26 12:36 . 2008-09-18 07:39 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-10-19 09:41 . 2009-10-03 06:24 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-16 18:55 . 2010-11-26 12:20 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2010-10-16 18:55 . 2010-07-25 16:26 5473896 ----a-w- c:\windows\system32\nvwgf2um.dll
2010-10-16 18:55 . 2008-06-08 23:23 1719912 ----a-w- c:\windows\system32\nvapi.dll
2010-10-16 18:55 . 2008-06-08 23:23 10023528 ----a-w- c:\windows\system32\nvd3dum.dll
2010-10-16 11:42 . 2010-10-16 11:42 600680 ----a-w- c:\windows\system32\nvvsvc.exe
2010-10-16 11:42 . 2010-10-16 11:42 279144 ----a-w- c:\windows\system32\nvhotkey.dll
2010-10-16 11:42 . 2010-10-16 11:42 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
2010-10-16 11:42 . 2010-10-16 11:42 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-10-16 11:42 . 2010-10-16 11:42 3420776 ----a-w- c:\windows\system32\nvcpl.dll
2010-10-16 11:42 . 2010-10-16 11:42 2079336 ----a-w- c:\windows\system32\nvsvc.dll
2010-10-15 15:00 . 2010-10-15 14:57 21659212 ----a-w- c:\windows\REGBK42.ZIP
2010-10-04 21:02 . 2008-09-18 07:22 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-22 22:21 . 2010-10-23 06:13 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-09-13 13:56 . 2010-10-13 05:02 8147456 ----a-w- c:\windows\system32\wmploc.DLL
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-16 1029416]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2008-02-01 61440]
"Client Access Service"="c:\program files\IBM\Client Access\cwbsvstr.exe" [2005-06-09 20530]
"Client Access Check Version"="c:\program files\IBM\Client Access\cwbckver.exe" [2005-06-09 45106]
"Client Access Express Welcome"="c:\program files\IBM\Client Access\cwbwlwiz.exe" [2005-06-09 20480]
"Client Access PC5250 Sound"="c:\program files\IBM\Client Access\Emulator\pcssnd.exe" [2005-06-09 40960]
"NetTime"="c:\program files\NetTime\NetTime.exe" [2003-01-30 3791032]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2010-11-25 115560]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
[HKLM\~\startupfolder\C:^Users^KratkyJ^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
path=c:\users\KratkyJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Registrace produktu.lnk
backup=c:\windows\pss\Logitech . Registrace produktu.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2010-10-28 23:32 1352272 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2010-01-08 18:56 186904 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-05-14 08:32 1479680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 09:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2010-11-02 18:28 9808488 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2010-11-25 23888]
R3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2010-01-13 6628352]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-01-15 206256]
S2 KVPNCSvc;Kerio VPN Client Service;c:\program files\Kerio\VPN Client\kvpncsvc.exe [2009-10-26 972648]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 NetTimeSvc;NetTime;c:\program files\NetTime\NeTmSvNT.exe [2003-01-30 452096]
S2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windows\Installer\MSI357.tmp [2010-01-22 189696]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 DCamUSBET;USB2.0 1.3M UVC WebCam;c:\windows\system32\DRIVERS\etDevice.sys [2008-10-20 138920]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-11-29 102448]
S3 FiltUSBET;ET USB Device Lower Filter;c:\windows\system32\DRIVERS\etFilter.sys [2008-10-20 21544]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
S3 kvnet;Kerio Virtual Network Adapter;c:\windows\system32\DRIVERS\kvnet.sys [2009-03-23 26624]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2010-08-24 40912]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2010-08-24 10448]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 NETwNv32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETwNv32.sys [2010-07-14 6680064]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-09-07 123496]
S3 ScanUSBET;ET USB Still Image Capture Device;c:\windows\system32\DRIVERS\etScan.sys [2008-10-20 13224]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-17 15:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-12-09 c:\windows\Tasks\User_Feed_Synchronization-{5BE08792-9337-42D5-8B1C-76BA4E5D1B15}.job
- c:\windows\system32\msfeedssync.exe [2010-10-13 04:25]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://kompas.hzap.local/
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
Trusted Zone: ntsd01
Trusted Zone: pproi
DPF: {0D221D00-A6ED-477C-8A91-41F3B660A832} - hxxp://ntsd01/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=biaoeojn20c52q45j1yrl5ev&ControlID=97c13acdd6a9479ca40b6e09030bda69&Culture=1029&UICulture=9&ReportStack=1&OpType=PrintCab
DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} - hxxp://ntsd01/ReportServer/Reserved.ReportViewerWebControl.axd?ExecutionID=dmm1sk45nfmtibmthlcb3mi0&ControlID=0292a48b3b4246c3a458c906515d254c&Culture=1029&UICulture=9&ReportStack=1&OpType=PrintCab
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-TaskTray - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-Symantec Antvirus
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-09 20:48
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SCPDFReadSpool]
"ImagePath"="c:\windows\Installer\MSI357.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-12-09 20:50:34
ComboFix-quarantined-files.txt 2010-12-09 19:50
Před spuštěním: Volných bajtů: 30 205 267 968
Po spuštění: Volných bajtů: 30 476 300 288
Current=1 Default=1 Failed=0 LastKnownGood=46 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46
- - End Of File - - 56A3D70A35729AB633C25FEF2E43C346
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Zkusíme na to jít jinak. Otevřte ovl. panely>uživatelé a koukněte se, zda v něm nemáte profil ReleaseEngineer.MACROVISION . Pokud ano (předpokládám, že jste si jej nezaložil sám), smažte jej.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
shorty1963
- Návštěvník
- Příspěvky: 120
- Registrován: 29 led 2008 17:06
Re: Kontrola logu
V Uzivatelskych uctech zadny takovy neni, je tam pouze muj "KratkyJ".
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
ReleaseEngineer.MACROVISION je totiž název profilu, ve kterém jsou ty rootkity. Dosud jsem se s tím nesetkal a ani v ČR žádný takový případ nebyl popsán. Ze zahraničních fór jsem se také řešení nedověděl (cizí jazyky znám dost špatně a ani v překladu nikde není konečné řešení). Ještě toto: Zkuste Avenger: http://www.viry.cz/forum/viewtopic.php?f=15&t=19832 se skriptem:
Poznámka: Vzhledem k tomu, že teď už experimentuji (přiznávám se bez mučení), doporučuji vám udělat zálohu důležitých dat pro případ pádu systému.Folders to delete:
c:\documents and settings\ReleaseEngineer.MACROVISION
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
shorty1963
- Návštěvník
- Příspěvky: 120
- Registrován: 29 led 2008 17:06
Re: Kontrola logu
Tak to je divne s tim profilem...Zajimave je ze tu slozku c:\documents and settings vubec nevidim.
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows Vista
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Error: folder "c:\documents and settings\ReleaseEngineer.MACROVISION" not found!
Deletion of folder "c:\documents and settings\ReleaseEngineer.MACROVISION" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Completed script processing.
*******************
Finished! Terminate.profilem.
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows Vista
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Error: folder "c:\documents and settings\ReleaseEngineer.MACROVISION" not found!
Deletion of folder "c:\documents and settings\ReleaseEngineer.MACROVISION" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Completed script processing.
*******************
Finished! Terminate.profilem.
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Nezabralo to. Složku Documents and settings uvidíte, když si zapnete zobrazení skrytých a systémových souborů v možnostech složky (ovl. panely). ReleaseEngineer.MACROVISION je zrovna takový profil, jako KratkyJ, jenže ho vytvořil šmejd. Budeme muset zkusit takovou partyzánštinu. Je jen na vás zda ji podstoupíte. Je to hra s ohněm, systém se může položit. Nastartujte systém z instal média. Z možností zvolte příkazový řádek a zadejte do něj:
potom:cd c:\ (stiskněte >enter<)
nakonec:del C:\Documents and settings\ReleaseEngineer.MACROVISION (stiskněte >enter>)
Tím by měl být ten profil smazán. PC se restartuje a pak už jen zbývá doufat, že systém naskočí. Protože tuto nákazu neznám a nevím, kam až je "zažraná", tak ani nevím, co to provede. Zřejmě, kromě reinstalu systému, není jiná cesta.exit (stiskněte >enter<)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
shorty1963
- Návštěvník
- Příspěvky: 120
- Registrován: 29 led 2008 17:06
Re: Kontrola logu
Prave ze tu slozku nevidim ani kdyz dam zobrazit skryte a systemove soubory...to je divne...
Instalacku doma nemam, musim eventuelne az zitra v praci.
Reinstal bych prave nechtel.
Instalacku doma nemam, musim eventuelne az zitra v praci.
Reinstal bych prave nechtel.
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Já také ne, ale tohle je něco tak speciálního, že o tom nevydoluji v celém internetu jednu kloudnou informaci. Nabootováním z instalačky nepoběží systém a tím si můžeme na disk sáhnout, kam chceme. Problém je jediný: neznám projevy této nákazy a ani to, s čím je mazaný adresář svázán.Reinstal bych prave nechtel.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
shorty1963
- Návštěvník
- Příspěvky: 120
- Registrován: 29 led 2008 17:06
Re: Kontrola logu
Tak zatim to jeste zkouset nebudu, treba se na to brzo neco najde, nejaky postup overeny. Ten nefukcni vystup na projektor byl v ovladaci, uz to funguje.
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
OK. Můžete si to sám pohlídat na google. Sám budu též pátrat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
shorty1963
- Návštěvník
- Příspěvky: 120
- Registrován: 29 led 2008 17:06
Re: Kontrola logu
Tak jo, samotneho mi to zajima co je to za previta. Kdyby jste na neco narazil, dejte prosim vedet. Pokud bych se rozhodl pro ten vymaz,dam vedet zase ja jak to dopadlo.
Zatim diky.
Zatim diky.
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Zatím nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
shorty1963
- Návštěvník
- Příspěvky: 120
- Registrován: 29 led 2008 17:06
Re: Kontrola logu
Tak se mi podařila ta složka a prevíty odstranit, posílám log z RSIT.
Logfile of random's system information tool 1.07 (written by random/random)
Run by KratkyJ at 2011-01-13 15:07:47
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 42 GB (31%) free of 137 GB
Total RAM: 3070 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:46:25, on 7.1.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\NetTime\NetTime.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Synaptics\SynTP\SynAsus.exe
C:\notes\NLNOTES.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\notes\ntaskldr.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\Users\KratkyJ\Downloads\PC-udrzba\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kompas.hzap.local/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.11.9.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [Client Access PC5250 Sound] "C:\Program Files\IBM\Client Access\Emulator\pcssnd.exe"
O4 - HKLM\..\Run: [NetTime] C:\Program Files\NetTime\NetTime.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O15 - Trusted Zone: http://*.pproi
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: iSeries Access for Windows Remote Command (Cwbrxd) - IBM Corporation - C:\Windows\CWBRXD.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Kerio VPN Client Service (KVPNCSvc) - Kerio Technologies Inc. - C:\Program Files\Kerio\VPN Client\kvpncsvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\notes\ntmulti.exe
O23 - Service: NetTime (NetTimeSvc) - Subjective Software - C:\Program Files\NetTime\NeTmSvNT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI357.tmp
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Aplikace Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: Aplikace Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
--
End of file - 9149 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2009-04-22 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.4.11.9.dll [2010-11-09 766768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2009-04-22 520192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2008-01-23 7766016]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-16 1029416]
"Client Access Service"=C:\Program Files\IBM\Client Access\cwbsvstr.exe [2005-06-09 20530]
"Client Access Check Version"=C:\Program Files\IBM\Client Access\cwbckver.exe [2005-06-09 45106]
"Client Access Express Welcome"=C:\Program Files\IBM\Client Access\cwbwlwiz.exe [2005-06-09 20480]
"Client Access PC5250 Sound"=C:\Program Files\IBM\Client Access\Emulator\pcssnd.exe [2005-06-09 40960]
"NetTime"=C:\Program Files\NetTime\NetTime.exe [2003-01-30 3791032]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2010-11-25 115560]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccEvtMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccSetMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoInstrumentation"=0x01
"NoDriveTypeAutoRun"=153
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-01-13 15:07:47 ----D---- C:\rsit
2011-01-13 12:29:17 ----D---- C:\Users\KratkyJ\AppData\Roaming\smkits
2011-01-13 07:00:59 ----A---- C:\Windows\system32\odbc32.dll
2011-01-13 07:00:26 ----A---- C:\Windows\system32\sdclt.exe
2011-01-10 06:08:30 ----A---- C:\Windows\system32\PerfStringBackup.TMP
2011-01-09 10:31:57 ----D---- C:\Program Files\SuperCleaner
2011-01-07 13:40:11 ----D---- C:\Program Files\PC Connectivity Solution
2011-01-05 07:12:53 ----A---- C:\Windows\system32\javaws.exe
2011-01-05 07:12:53 ----A---- C:\Windows\system32\deployJava1.dll
2011-01-03 14:45:57 ----D---- C:\Users\KratkyJ\AppData\Roaming\AVG
2011-01-03 07:43:34 ----D---- C:\Windows\temp
2011-01-03 07:42:29 ----SHD---- C:\$RECYCLE.BIN
2010-12-30 17:58:31 ----N---- C:\autoexec.bat
2010-12-30 17:56:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-12-15 06:58:20 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 06:58:20 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 06:58:20 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 06:58:20 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 06:58:20 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 06:58:19 ----A---- C:\Windows\system32\consent.exe
2010-12-15 06:58:18 ----A---- C:\Windows\system32\fontsub.dll
2010-12-15 06:58:18 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 06:58:18 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 06:58:09 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 06:58:02 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 06:58:00 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 06:57:59 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 06:57:58 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-15 06:57:56 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 06:57:55 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 06:57:55 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 06:57:54 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 06:57:54 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 06:57:51 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\occache.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-15 06:57:50 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\iesetup.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\iernonce.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 06:57:31 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 1 months======
2011-01-13 15:07:45 ----D---- C:\Windows\Prefetch
2011-01-13 11:40:31 ----AD---- C:\Windows
2011-01-13 08:14:16 ----D---- C:\Windows\Debug
2011-01-13 07:19:40 ----D---- C:\Windows\System32
2011-01-13 07:15:43 ----A---- C:\Windows\system32\mrt.exe
2011-01-13 07:15:39 ----D---- C:\Windows\winsxs
2011-01-13 07:15:24 ----SHD---- C:\Windows\Installer
2011-01-13 07:15:18 ----D---- C:\ProgramData\Microsoft Help
2011-01-13 07:13:49 ----SHD---- C:\System Volume Information
2011-01-13 07:00:17 ----D---- C:\Windows\system32\catroot2
2011-01-13 07:00:17 ----D---- C:\Windows\system32\catroot
2011-01-12 07:14:18 ----D---- C:\Users\KratkyJ\AppData\Roaming\SolidDocuments
2011-01-12 06:57:01 ----D---- C:\Windows\inf
2011-01-11 15:25:12 ----D---- C:\Program Files
2011-01-09 11:00:24 ----AD---- C:\ProgramData\TEMP
2011-01-08 22:25:24 ----D---- C:\Users\KratkyJ\AppData\Roaming\ICQ
2011-01-08 20:19:30 ----D---- C:\ProgramData\Kaspersky Lab
2011-01-08 19:48:19 ----D---- C:\Program Files\ICQ7.2
2011-01-07 19:39:02 ----D---- C:\ProgramData
2011-01-07 13:40:48 ----D---- C:\Windows\system32\drivers
2011-01-07 13:40:46 ----DC---- C:\Windows\system32\DRVSTORE
2011-01-07 13:39:40 ----D---- C:\Program Files\Nokia
2011-01-07 13:39:40 ----D---- C:\Program Files\Common Files\Nokia
2011-01-06 14:46:06 ----D---- C:\Windows\system32\cs-CZ
2011-01-06 08:16:40 ----D---- C:\ProgramData\Zbshareware Lab
2011-01-05 11:07:45 ----D---- C:\Windows\system32\config
2011-01-05 10:51:44 ----D---- C:\Program Files\PowerArchiver
2011-01-05 10:51:44 ----D---- C:\Program Files\Mozilla Firefox
2011-01-05 07:13:16 ----D---- C:\Program Files\Common Files\Java
2011-01-05 07:12:40 ----A---- C:\Windows\system32\javaw.exe
2011-01-05 07:12:40 ----A---- C:\Windows\system32\java.exe
2011-01-04 10:55:04 ----D---- C:\Windows\Tasks
2011-01-03 12:33:16 ----D---- C:\Windows\ERDNT
2011-01-03 07:40:17 ----A---- C:\Windows\system.ini
2011-01-03 07:29:10 ----D---- C:\Windows\AppPatch
2011-01-03 07:29:09 ----D---- C:\Program Files\Common Files
2011-01-02 14:03:59 ----D---- C:\Windows\tracing
2011-01-02 10:30:33 ----D---- C:\Program Files\SUPERAntiSpyware
2011-01-01 19:10:53 ----D---- C:\Program Files\CCleaner
2010-12-30 17:58:23 ----D---- C:\Windows\system32\Tasks
2010-12-29 20:01:43 ----D---- C:\Users\KratkyJ\AppData\Roaming\Winamp
2010-12-28 13:22:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-25 09:27:06 ----D---- C:\Users\KratkyJ\AppData\Roaming\Zoner
2010-12-25 07:40:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-23 17:58:23 ----SD---- C:\ProgramData\Microsoft
2010-12-23 11:09:18 ----A---- C:\Windows\system32\CSVer.dll
2010-12-20 17:51:05 ----D---- C:\Program Files\Microsoft Silverlight
2010-12-20 17:25:31 ----D---- C:\Program Files\NVIDIA Corporation
2010-12-20 16:29:49 ----D---- C:\Windows\system32\wbem
2010-12-20 16:28:31 ----D---- C:\Windows\system32\spool
2010-12-20 16:28:30 ----D---- C:\ProgramData\P4G
2010-12-20 16:28:29 ----D---- C:\Windows\registration
2010-12-20 16:28:29 ----D---- C:\notes
2010-12-19 18:58:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-15 13:09:58 ----D---- C:\Program Files\Common Files\Adobe
2010-12-15 13:09:57 ----D---- C:\ProgramData\Adobe
2010-12-15 09:04:16 ----D---- C:\Windows\rescache
2010-12-15 08:44:35 ----D---- C:\Program Files\Windows Mail
2010-12-15 08:44:34 ----D---- C:\Program Files\Internet Explorer
2010-12-15 08:44:33 ----D---- C:\Windows\system32\migration
2010-12-15 07:25:05 ----D---- C:\Boot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2011-01-07 371248]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2010-11-25 421424]
R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2010-11-25 283184]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2010-11-25 43696]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2010-11-25 188080]
R1 WPS;WPS; \??\C:\Windows\system32\drivers\wpsdrvnt.sys [2010-11-25 43336]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-09-04 99648]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-06-16 146824]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-03-17 81960]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-03-17 100392]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-03-17 17320]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DCamUSBET;USB2.0 1.3M UVC WebCam; C:\Windows\system32\DRIVERS\etDevice.sys [2008-10-20 138920]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-01-07 102448]
R3 FiltUSBET;ET USB Device Lower Filter; C:\Windows\system32\DRIVERS\etFilter.sys [2008-10-20 21544]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 15928]
R3 kvnet;Kerio Virtual Network Adapter; C:\Windows\system32\DRIVERS\kvnet.sys [2009-03-23 26624]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\System32\Drivers\LEqdUsb.Sys [2010-08-24 40912]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\System32\Drivers\LHidEqd.Sys [2010-08-24 10448]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20110112.039\NAVENG.SYS [2011-01-13 86008]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20110112.039\NAVEX15.SYS [2011-01-13 1360760]
R3 NETwNv32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETwNv32.sys [2010-10-18 6959616]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-06-08 10888168]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-11-11 305256]
R3 ScanUSBET;ET USB Still Image Capture Device; C:\Windows\system32\DRIVERS\etScan.sys [2008-10-20 13224]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-11-29 124976]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2010-11-25 26416]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-16 195760]
R3 Teefer2;Teefer2 Miniport; C:\Windows\system32\DRIVERS\teefer2.sys [2010-11-25 67472]
R3 WpsHelper;WpsHelper; \??\C:\Windows\system32\drivers\WpsHelper.sys [2011-01-06 167936]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 COH_Mon;COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys [2010-11-25 23888]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2010-12-23 23456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2010-03-18 28624]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2010-01-13 6628352]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Ser2pl;Prolific2 Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2005-11-04 48640]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2010-11-25 320944]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 SysPlant;SysPlant for NT; C:\Windows\SYSTEM32\Drivers\SysPlant.sys [2010-11-25 97096]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-07 94208]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-04-10 518696]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2010-11-25 108392]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2010-11-25 108392]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-02-27 870672]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
R2 KVPNCSvc;Kerio VPN Client Service; C:\Program Files\Kerio\VPN Client\kvpncsvc.exe [2009-10-26 972648]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-17 73728]
R2 Multi-user Cleanup Service;Multi-user Cleanup Service; C:\notes\ntmulti.exe [2009-03-24 53248]
R2 NetTimeSvc;NetTime; C:\Program Files\NetTime\NeTmSvNT.exe [2003-01-30 452096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-06-07 129640]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-02-27 473360]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool; C:\Windows\Installer\MSI357.tmp [2010-01-22 189696]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 SmcService;Aplikace Symantec Management Client; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [2010-11-25 1881368]
R2 Symantec AntiVirus;Aplikace Symantec Endpoint Protection; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2010-11-25 1831024]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-10-20 630272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Cwbrxd;iSeries Access for Windows Remote Command; C:\Windows\CWBRXD.EXE [2005-06-09 57344]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-21 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2010-02-17 3093880]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S4 SNAC;Aplikace Symantec Network Access Control ; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [2010-11-25 349512]
S4 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Logfile of random's system information tool 1.07 (written by random/random)
Run by KratkyJ at 2011-01-13 15:07:47
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 42 GB (31%) free of 137 GB
Total RAM: 3070 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:46:25, on 7.1.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\NetTime\NetTime.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Synaptics\SynTP\SynAsus.exe
C:\notes\NLNOTES.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\notes\ntaskldr.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\Users\KratkyJ\Downloads\PC-udrzba\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://kompas.hzap.local/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.11.9.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [Client Access PC5250 Sound] "C:\Program Files\IBM\Client Access\Emulator\pcssnd.exe"
O4 - HKLM\..\Run: [NetTime] C:\Program Files\NetTime\NetTime.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O15 - Trusted Zone: http://*.pproi
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: iSeries Access for Windows Remote Command (Cwbrxd) - IBM Corporation - C:\Windows\CWBRXD.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Kerio VPN Client Service (KVPNCSvc) - Kerio Technologies Inc. - C:\Program Files\Kerio\VPN Client\kvpncsvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\notes\ntmulti.exe
O23 - Service: NetTime (NetTimeSvc) - Subjective Software - C:\Program Files\NetTime\NeTmSvNT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI357.tmp
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Aplikace Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: Aplikace Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
--
End of file - 9149 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2009-04-22 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.4.11.9.dll [2010-11-09 766768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2009-04-22 520192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2008-01-23 7766016]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-16 1029416]
"Client Access Service"=C:\Program Files\IBM\Client Access\cwbsvstr.exe [2005-06-09 20530]
"Client Access Check Version"=C:\Program Files\IBM\Client Access\cwbckver.exe [2005-06-09 45106]
"Client Access Express Welcome"=C:\Program Files\IBM\Client Access\cwbwlwiz.exe [2005-06-09 20480]
"Client Access PC5250 Sound"=C:\Program Files\IBM\Client Access\Emulator\pcssnd.exe [2005-06-09 40960]
"NetTime"=C:\Program Files\NetTime\NetTime.exe [2003-01-30 3791032]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2010-11-25 115560]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccEvtMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccSetMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoInstrumentation"=0x01
"NoDriveTypeAutoRun"=153
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-01-13 15:07:47 ----D---- C:\rsit
2011-01-13 12:29:17 ----D---- C:\Users\KratkyJ\AppData\Roaming\smkits
2011-01-13 07:00:59 ----A---- C:\Windows\system32\odbc32.dll
2011-01-13 07:00:26 ----A---- C:\Windows\system32\sdclt.exe
2011-01-10 06:08:30 ----A---- C:\Windows\system32\PerfStringBackup.TMP
2011-01-09 10:31:57 ----D---- C:\Program Files\SuperCleaner
2011-01-07 13:40:11 ----D---- C:\Program Files\PC Connectivity Solution
2011-01-05 07:12:53 ----A---- C:\Windows\system32\javaws.exe
2011-01-05 07:12:53 ----A---- C:\Windows\system32\deployJava1.dll
2011-01-03 14:45:57 ----D---- C:\Users\KratkyJ\AppData\Roaming\AVG
2011-01-03 07:43:34 ----D---- C:\Windows\temp
2011-01-03 07:42:29 ----SHD---- C:\$RECYCLE.BIN
2010-12-30 17:58:31 ----N---- C:\autoexec.bat
2010-12-30 17:56:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-12-15 06:58:20 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-15 06:58:20 ----A---- C:\Windows\system32\taskschd.dll
2010-12-15 06:58:20 ----A---- C:\Windows\system32\taskeng.exe
2010-12-15 06:58:20 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-15 06:58:20 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-15 06:58:19 ----A---- C:\Windows\system32\consent.exe
2010-12-15 06:58:18 ----A---- C:\Windows\system32\fontsub.dll
2010-12-15 06:58:18 ----A---- C:\Windows\system32\atmlib.dll
2010-12-15 06:58:18 ----A---- C:\Windows\system32\atmfd.dll
2010-12-15 06:58:09 ----A---- C:\Windows\system32\iertutil.dll
2010-12-15 06:58:02 ----A---- C:\Windows\system32\mshtml.dll
2010-12-15 06:58:00 ----A---- C:\Windows\system32\mstime.dll
2010-12-15 06:57:59 ----A---- C:\Windows\system32\ieframe.dll
2010-12-15 06:57:58 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-15 06:57:56 ----A---- C:\Windows\system32\wininet.dll
2010-12-15 06:57:55 ----A---- C:\Windows\system32\urlmon.dll
2010-12-15 06:57:55 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-15 06:57:54 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-15 06:57:54 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-15 06:57:51 ----A---- C:\Windows\system32\ieui.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\occache.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-15 06:57:50 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\iesetup.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\iernonce.dll
2010-12-15 06:57:50 ----A---- C:\Windows\system32\iepeers.dll
2010-12-15 06:57:31 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 1 months======
2011-01-13 15:07:45 ----D---- C:\Windows\Prefetch
2011-01-13 11:40:31 ----AD---- C:\Windows
2011-01-13 08:14:16 ----D---- C:\Windows\Debug
2011-01-13 07:19:40 ----D---- C:\Windows\System32
2011-01-13 07:15:43 ----A---- C:\Windows\system32\mrt.exe
2011-01-13 07:15:39 ----D---- C:\Windows\winsxs
2011-01-13 07:15:24 ----SHD---- C:\Windows\Installer
2011-01-13 07:15:18 ----D---- C:\ProgramData\Microsoft Help
2011-01-13 07:13:49 ----SHD---- C:\System Volume Information
2011-01-13 07:00:17 ----D---- C:\Windows\system32\catroot2
2011-01-13 07:00:17 ----D---- C:\Windows\system32\catroot
2011-01-12 07:14:18 ----D---- C:\Users\KratkyJ\AppData\Roaming\SolidDocuments
2011-01-12 06:57:01 ----D---- C:\Windows\inf
2011-01-11 15:25:12 ----D---- C:\Program Files
2011-01-09 11:00:24 ----AD---- C:\ProgramData\TEMP
2011-01-08 22:25:24 ----D---- C:\Users\KratkyJ\AppData\Roaming\ICQ
2011-01-08 20:19:30 ----D---- C:\ProgramData\Kaspersky Lab
2011-01-08 19:48:19 ----D---- C:\Program Files\ICQ7.2
2011-01-07 19:39:02 ----D---- C:\ProgramData
2011-01-07 13:40:48 ----D---- C:\Windows\system32\drivers
2011-01-07 13:40:46 ----DC---- C:\Windows\system32\DRVSTORE
2011-01-07 13:39:40 ----D---- C:\Program Files\Nokia
2011-01-07 13:39:40 ----D---- C:\Program Files\Common Files\Nokia
2011-01-06 14:46:06 ----D---- C:\Windows\system32\cs-CZ
2011-01-06 08:16:40 ----D---- C:\ProgramData\Zbshareware Lab
2011-01-05 11:07:45 ----D---- C:\Windows\system32\config
2011-01-05 10:51:44 ----D---- C:\Program Files\PowerArchiver
2011-01-05 10:51:44 ----D---- C:\Program Files\Mozilla Firefox
2011-01-05 07:13:16 ----D---- C:\Program Files\Common Files\Java
2011-01-05 07:12:40 ----A---- C:\Windows\system32\javaw.exe
2011-01-05 07:12:40 ----A---- C:\Windows\system32\java.exe
2011-01-04 10:55:04 ----D---- C:\Windows\Tasks
2011-01-03 12:33:16 ----D---- C:\Windows\ERDNT
2011-01-03 07:40:17 ----A---- C:\Windows\system.ini
2011-01-03 07:29:10 ----D---- C:\Windows\AppPatch
2011-01-03 07:29:09 ----D---- C:\Program Files\Common Files
2011-01-02 14:03:59 ----D---- C:\Windows\tracing
2011-01-02 10:30:33 ----D---- C:\Program Files\SUPERAntiSpyware
2011-01-01 19:10:53 ----D---- C:\Program Files\CCleaner
2010-12-30 17:58:23 ----D---- C:\Windows\system32\Tasks
2010-12-29 20:01:43 ----D---- C:\Users\KratkyJ\AppData\Roaming\Winamp
2010-12-28 13:22:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-25 09:27:06 ----D---- C:\Users\KratkyJ\AppData\Roaming\Zoner
2010-12-25 07:40:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-23 17:58:23 ----SD---- C:\ProgramData\Microsoft
2010-12-23 11:09:18 ----A---- C:\Windows\system32\CSVer.dll
2010-12-20 17:51:05 ----D---- C:\Program Files\Microsoft Silverlight
2010-12-20 17:25:31 ----D---- C:\Program Files\NVIDIA Corporation
2010-12-20 16:29:49 ----D---- C:\Windows\system32\wbem
2010-12-20 16:28:31 ----D---- C:\Windows\system32\spool
2010-12-20 16:28:30 ----D---- C:\ProgramData\P4G
2010-12-20 16:28:29 ----D---- C:\Windows\registration
2010-12-20 16:28:29 ----D---- C:\notes
2010-12-19 18:58:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-15 13:09:58 ----D---- C:\Program Files\Common Files\Adobe
2010-12-15 13:09:57 ----D---- C:\ProgramData\Adobe
2010-12-15 09:04:16 ----D---- C:\Windows\rescache
2010-12-15 08:44:35 ----D---- C:\Program Files\Windows Mail
2010-12-15 08:44:34 ----D---- C:\Program Files\Internet Explorer
2010-12-15 08:44:33 ----D---- C:\Windows\system32\migration
2010-12-15 07:25:05 ----D---- C:\Boot
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2011-01-07 371248]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2010-11-25 421424]
R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2010-11-25 283184]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2010-11-25 43696]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2010-11-25 188080]
R1 WPS;WPS; \??\C:\Windows\system32\drivers\wpsdrvnt.sys [2010-11-25 43336]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-09-04 99648]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-06-16 146824]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-03-17 81960]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-03-17 100392]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-03-17 17320]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DCamUSBET;USB2.0 1.3M UVC WebCam; C:\Windows\system32\DRIVERS\etDevice.sys [2008-10-20 138920]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-01-07 102448]
R3 FiltUSBET;ET USB Device Lower Filter; C:\Windows\system32\DRIVERS\etFilter.sys [2008-10-20 21544]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 15928]
R3 kvnet;Kerio Virtual Network Adapter; C:\Windows\system32\DRIVERS\kvnet.sys [2009-03-23 26624]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\System32\Drivers\LEqdUsb.Sys [2010-08-24 40912]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\System32\Drivers\LHidEqd.Sys [2010-08-24 10448]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20110112.039\NAVENG.SYS [2011-01-13 86008]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20110112.039\NAVEX15.SYS [2011-01-13 1360760]
R3 NETwNv32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETwNv32.sys [2010-10-18 6959616]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-06-21 105576]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-06-08 10888168]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-11-11 305256]
R3 ScanUSBET;ET USB Still Image Capture Device; C:\Windows\system32\DRIVERS\etScan.sys [2008-10-20 13224]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-11-29 124976]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2010-11-25 26416]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-16 195760]
R3 Teefer2;Teefer2 Miniport; C:\Windows\system32\DRIVERS\teefer2.sys [2010-11-25 67472]
R3 WpsHelper;WpsHelper; \??\C:\Windows\system32\drivers\WpsHelper.sys [2011-01-06 167936]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 COH_Mon;COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys [2010-11-25 23888]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2010-12-23 23456]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2010-03-18 28624]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2010-01-13 6628352]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Ser2pl;Prolific2 Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2005-11-04 48640]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2010-11-25 320944]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 SysPlant;SysPlant for NT; C:\Windows\SYSTEM32\Drivers\SysPlant.sys [2010-11-25 97096]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-07 94208]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-04-10 518696]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2010-11-25 108392]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2010-11-25 108392]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-02-27 870672]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
R2 KVPNCSvc;Kerio VPN Client Service; C:\Program Files\Kerio\VPN Client\kvpncsvc.exe [2009-10-26 972648]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-17 73728]
R2 Multi-user Cleanup Service;Multi-user Cleanup Service; C:\notes\ntmulti.exe [2009-03-24 53248]
R2 NetTimeSvc;NetTime; C:\Program Files\NetTime\NeTmSvNT.exe [2003-01-30 452096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-06-07 129640]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-02-27 473360]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool; C:\Windows\Installer\MSI357.tmp [2010-01-22 189696]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 SmcService;Aplikace Symantec Management Client; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [2010-11-25 1881368]
R2 Symantec AntiVirus;Aplikace Symantec Endpoint Protection; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2010-11-25 1831024]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-10-20 630272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Cwbrxd;iSeries Access for Windows Remote Command; C:\Windows\CWBRXD.EXE [2005-06-09 57344]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-21 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2010-02-17 3093880]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S4 SNAC;Aplikace Symantec Network Access Control ; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [2010-11-25 349512]
S4 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Přispějete na provoz fóra?