Slow and freezing PC

apill01
Visitor
Posts: 11
Registered: 21 Apr 2009 11:01

Slow and freezing PC

#1 Post by apill01 »

Hello, I need advice on cleaning viruses from a PC that is behaving abnormally (speed, freezing, slow shutdown and startup, etc.). Standard antivirus programs such as avast and the like found nothing. Thanks in advance, d.

Rudy
Site Admin
Posts: 119402
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow and freezing PC

#2 Post by Rudy »

The problem does not have to be caused only by a virus. That is just one of the possibilities. Post a log from RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

apill01
Visitor
Posts: 11
Registered: 21 Apr 2009 11:01

Re: Slow and freezing PC

#3 Post by apill01 »

Logfile of random's system information tool 1.06 (written by random/random)
Run by vepr at 2010-01-16 20:06:57
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 9 GB (9%) free of 104 GB
Total RAM: 2006 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:08:12, on 16.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Winamp3\winampa.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\AnyDATA\Ufonuv fofr internet\EasyWirelessNet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\vepr\Downloads\RSIT.exe
C:\Program Files\trend micro\vepr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {F4D76F09-7896-458a-890F-E1F05C46069F} - (no file)
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll
O3 - Toolbar: Lenovo ThinkVantage Toolbox - {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - C:\Program Files\PC-Doctor\ATLPcdToolbar544936.dll
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [LenovoOobeOffers] c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe /filePath="c:\swshare\firstrun.txt"
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: LenovoRegistration.lnk = C:\SWTOOLS\LenovoWelcome\LenovoRegistration.cmd
O8 - Extra context menu item: &Windows Live Search - res://c:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1057DB4D-94AF-49AA-AE76-653C434A2192}: NameServer = 78.136.128.4 78.136.128.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{1057DB4D-94AF-49AA-AE76-653C434A2192}: NameServer = 78.136.128.4 78.136.128.12
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\Windows\system32\IPSSVC.EXE
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Unknown owner - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13644 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Check Updates for Windows Live Toolbar.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job
C:\Windows\tasks\User_Feed_Synchronization-{7FB51E8E-F57E-4D8A-916A-1207E2509139}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
MediaBar - C:\Program Files\BearShareTb\BearShareDx.dll [2009-08-10 91576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0A94B111-4504-4e26-AB05-E61E474AA38B}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - c:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F040E541-A427-4CF7-85D8-75E3E0F476C5}]
CPwmIEBrowserHelper Object - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2007-08-09 795960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4D76F01-7896-458a-890F-E1F05C46069F}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - c:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
{F4D76F09-7896-458a-890F-E1F05C46069F}
{0974BA1E-64EC-11DE-B2A5-E43756D89593} - MediaBar - C:\Program Files\BearShareTb\BearShareDx.dll [2009-08-10 91576]
{86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - Lenovo ThinkVantage Toolbox - C:\Program Files\PC-Doctor\ATLPcdToolbar544936.dll [2009-11-22 137712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TPFNF7"=C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [2007-04-09 58416]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"BLOG"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-07-05 820520]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2007-03-09 66176]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2007-09-28 181544]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2007-03-28 243248]
"LenovoOobeOffers"=c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe [2007-09-25 28672]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"DiskeeperSystray"=C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [2006-11-16 217176]
"AwaySch"=C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [2006-11-07 91688]
"LPManager"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [2007-04-26 120368]
"ACTray"=C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [2007-07-06 419112]
"ACWLIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [2007-07-06 124200]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2007-08-09 2630968]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]
"WinampAgent"=C:\Program Files\Winamp3\winampa.exe [2003-10-06 12288]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27 49976]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-07-09 1282048]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2007-12-29 486856]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
LenovoRegistration.lnk - C:\SWTOOLS\LenovoWelcome\LenovoRegistration.cmd

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Windows\system32\psqlpwd.dll [2007-03-15 89600]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
ACGina

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae17e9d6-c6be-11dc-988c-001cbf828feb}]
shell\AutoRun\command - F:\SETUP.EXE /AUTORUN
shell\configure\command - F:\SETUP.EXE
shell\install\command - F:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc95af75-01ba-11de-8f46-001c251e9fcf}]
shell\AutoRun\command - setup.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2010-01-16 20:06:57 ----D---- C:\rsit
2010-01-15 10:19:36 ----D---- C:\ProgramData\PC-Doctor for Windows
2010-01-15 10:19:30 ----D---- C:\ProgramData\PCDr
2010-01-15 10:14:29 ----D---- C:\Program Files\PC-Doctor
2010-01-13 16:41:43 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 16:41:43 ----A---- C:\Windows\system32\fontsub.dll
2010-01-06 19:08:12 ----D---- C:\films
2010-01-02 17:45:08 ----D---- C:\Users\vepr\AppData\Roaming\GRETECH
2009-12-31 17:40:40 ----D---- C:\NYC MajklSan
2009-12-30 19:18:51 ----D---- C:\Users\vepr\AppData\Roaming\dvdcss
2009-12-30 19:18:22 ----D---- C:\Users\vepr\AppData\Roaming\vlc
2009-12-30 19:16:58 ----D---- C:\Program Files\VideoLAN
2009-12-30 18:51:04 ----D---- C:\Program Files\The KMPlayer
2009-12-19 12:58:20 ----D---- C:\SQUASH
2009-12-10 11:26:22 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-12-10 11:00:41 ----D---- C:\ProgramData\Symantec
2009-12-10 11:00:41 ----D---- C:\ProgramData\Norton
2009-12-10 11:00:39 ----D---- C:\ProgramData\NortonInstaller
2009-12-10 07:48:14 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-12-09 07:53:06 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-09 07:52:59 ----A---- C:\Windows\system32\httpapi.dll
2009-12-09 07:40:15 ----A---- C:\Windows\system32\winhttp.dll
2009-12-09 07:40:10 ----A---- C:\Windows\system32\mshtml.dll
2009-12-09 07:40:09 ----A---- C:\Windows\system32\ieframe.dll
2009-12-09 07:40:07 ----A---- C:\Windows\system32\wininet.dll
2009-12-09 07:40:07 ----A---- C:\Windows\system32\urlmon.dll
2009-12-09 07:40:07 ----A---- C:\Windows\system32\iertutil.dll
2009-12-09 07:40:06 ----A---- C:\Windows\system32\occache.dll
2009-12-09 07:40:06 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-09 07:40:06 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-09 07:40:05 ----A---- C:\Windows\system32\ieui.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-09 07:40:04 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-09 07:40:04 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\iesetup.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\iernonce.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\iepeers.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-09 07:39:24 ----A---- C:\Windows\system32\rastls.dll
2009-11-24 19:46:52 ----A---- C:\Windows\system32\tzres.dll
2009-11-24 19:42:54 ----A---- C:\Windows\system32\msxml6.dll
2009-11-24 19:42:52 ----A---- C:\Windows\system32\msxml3.dll
2009-11-18 22:29:27 ----D---- C:\ProgramData\LogMeIn
2009-11-17 13:55:03 ----D---- C:\Program Files\Windows Portable Devices
2009-11-17 13:52:18 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-17 13:52:17 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-17 13:52:16 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-17 13:51:39 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-17 13:51:38 ----A---- C:\Windows\system32\cdd.dll
2009-11-17 13:51:37 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-17 13:51:37 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-17 13:51:36 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-17 13:51:36 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-17 13:51:36 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-17 13:51:36 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-17 13:51:36 ----A---- C:\Windows\system32\d2d1.dll
2009-11-17 13:51:35 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-17 13:51:35 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-17 13:51:35 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-17 13:51:35 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-17 13:51:35 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-17 13:51:35 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-17 13:51:35 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-17 13:51:34 ----A---- C:\Windows\system32\FntCache.dll
2009-11-17 13:51:34 ----A---- C:\Windows\system32\dxgi.dll
2009-11-17 13:51:34 ----A---- C:\Windows\system32\DWrite.dll
2009-11-17 13:51:34 ----A---- C:\Windows\system32\d3d11.dll
2009-11-17 13:51:34 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-17 13:51:34 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-17 13:51:34 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-17 13:51:33 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-17 13:51:33 ----A---- C:\Windows\system32\d3d10.dll
2009-11-17 13:51:00 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-17 13:51:00 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-17 13:51:00 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-17 13:50:57 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-17 13:50:52 ----A---- C:\Windows\system32\WpdConns.dll
2009-11-17 13:50:51 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-17 13:50:51 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\WpdMtp.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-17 13:49:10 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-17 13:49:09 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-17 13:49:09 ----A---- C:\Windows\system32\oleacc.dll
2009-11-11 09:32:42 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-09 21:36:52 ----A---- C:\Windows\system32\javaws.exe
2009-11-09 21:36:52 ----A---- C:\Windows\system32\javaw.exe
2009-11-09 21:36:52 ----A---- C:\Windows\system32\java.exe
2009-11-06 22:04:22 ----A---- C:\Windows\system32\GEARAspi.dll
2009-11-06 22:03:19 ----D---- C:\Program Files\iPod
2009-11-06 22:03:18 ----D---- C:\Program Files\iTunes
2009-11-06 21:32:58 ----D---- C:\Program Files\Common Files\DESIGNER
2009-11-06 21:32:53 ----D---- C:\Program Files\Microsoft Works
2009-11-06 21:31:07 ----D---- C:\Program Files\Microsoft.NET
2009-11-06 21:28:30 ----RHD---- C:\MSOCache
2009-11-06 20:40:12 ----D---- C:\Program Files\Microsoft Visual Studio
2009-10-28 20:56:17 ----A---- C:\Windows\system32\wmp.dll
2009-10-28 20:56:13 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-28 20:56:11 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-20 16:03:13 ----D---- C:\ProgramData\Boss Media
2009-10-20 16:02:57 ----D---- C:\Program Files\ParadisePoker

======List of files/folders modified in the last 3 months======

2010-01-16 20:07:37 ----D---- C:\Program Files\trend micro
2010-01-16 20:07:11 ----D---- C:\Windows\temp
2010-01-16 20:00:11 ----SHD---- C:\System Volume Information
2010-01-16 19:58:49 ----A---- C:\Windows\system32\PROCDB.INI
2010-01-16 19:58:34 ----D---- C:\Windows\System32
2010-01-16 19:58:34 ----A---- C:\Windows\system32\IPSCtrl.INI
2010-01-16 17:38:58 ----D---- C:\Windows\system32\Tasks
2010-01-15 17:01:27 ----SHD---- C:\Windows\Installer
2010-01-15 17:01:25 ----D---- C:\Windows\winsxs
2010-01-15 17:01:01 ----D---- C:\Windows\Prefetch
2010-01-15 16:14:55 ----RD---- C:\Program Files
2010-01-15 16:14:55 ----HD---- C:\ProgramData
2010-01-15 10:20:14 ----D---- C:\Windows\Tasks
2010-01-14 16:51:01 ----D---- C:\SWSHARE
2010-01-13 18:29:38 ----D---- C:\Users\vepr\AppData\Roaming\ICQ
2010-01-13 16:46:05 ----D---- C:\Windows\system32\catroot
2010-01-13 16:45:57 ----D---- C:\Program Files\Windows Mail
2010-01-13 16:43:29 ----D---- C:\Windows\Debug
2010-01-13 16:33:53 ----D---- C:\Windows\system32\catroot2
2010-01-12 15:20:42 ----D---- C:\Windows\inf
2010-01-12 15:20:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-11 19:51:48 ----D---- C:\Windows\system32\FxsTmp
2010-01-06 16:54:44 ----D---- C:\Program Files\Mozilla Firefox
2010-01-06 15:01:42 ----SD---- C:\Windows\Downloaded Program Files
2010-01-06 09:47:00 ----D---- C:\Program Files\Google
2010-01-06 07:06:43 ----D---- C:\Windows
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
2010-01-02 17:42:04 ----D---- C:\Program Files\GRETECH
2009-12-30 18:36:04 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-12-30 18:07:58 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-12-30 17:49:11 ----SD---- C:\Users\vepr\AppData\Roaming\Microsoft
2009-12-29 12:21:01 ----D---- C:\Program Files\ICQ6.5
2009-12-28 21:01:51 ----D---- C:\ProgramData\NOS
2009-12-10 14:49:53 ----D---- C:\Windows\system32\drivers
2009-12-10 14:43:32 ----D---- C:\Program Files\Common Files
2009-12-10 07:57:57 ----D---- C:\Windows\system32\Adobe
2009-12-10 07:49:44 ----D---- C:\Program Files\Common Files\Adobe
2009-12-10 07:49:38 ----D---- C:\ProgramData\Adobe
2009-12-10 07:49:09 ----D---- C:\Program Files\Adobe
2009-12-09 08:17:01 ----D---- C:\Windows\rescache
2009-12-09 07:57:13 ----D---- C:\Windows\system32\migration
2009-12-09 07:57:10 ----D---- C:\Program Files\Internet Explorer
2009-12-09 07:57:09 ----D---- C:\Windows\system32\cs-CZ
2009-11-25 00:54:29 ----A---- C:\Windows\system32\aswBoot.exe
2009-11-17 13:55:03 ----D---- C:\Windows\system32\wbem
2009-11-17 13:55:00 ----D---- C:\Windows\system32\zh-TW
2009-11-17 13:55:00 ----D---- C:\Windows\system32\zh-HK
2009-11-17 13:55:00 ----D---- C:\Windows\system32\zh-CN
2009-11-17 13:55:00 ----D---- C:\Windows\system32\uk-UA
2009-11-17 13:55:00 ----D---- C:\Windows\system32\tr-TR
2009-11-17 13:55:00 ----D---- C:\Windows\system32\th-TH
2009-11-17 13:55:00 ----D---- C:\Windows\system32\sv-SE
2009-11-17 13:55:00 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-17 13:55:00 ----D---- C:\Windows\system32\sl-SI
2009-11-17 13:55:00 ----D---- C:\Windows\system32\sk-SK
2009-11-17 13:55:00 ----D---- C:\Windows\system32\ru-RU
2009-11-17 13:55:00 ----D---- C:\Windows\system32\ro-RO
2009-11-17 13:55:00 ----D---- C:\Windows\system32\pt-PT
2009-11-17 13:55:00 ----D---- C:\Windows\system32\pt-BR
2009-11-17 13:55:00 ----D---- C:\Windows\system32\pl-PL
2009-11-17 13:55:00 ----D---- C:\Windows\system32\nl-NL
2009-11-17 13:55:00 ----D---- C:\Windows\system32\nb-NO
2009-11-17 13:55:00 ----D---- C:\Windows\system32\lv-LV
2009-11-17 13:55:00 ----D---- C:\Windows\system32\lt-LT
2009-11-17 13:55:00 ----D---- C:\Windows\system32\ko-KR
2009-11-17 13:55:00 ----D---- C:\Windows\system32\ja-JP
2009-11-17 13:55:00 ----D---- C:\Windows\system32\it-IT
2009-11-17 13:55:00 ----D---- C:\Windows\system32\hu-HU
2009-11-17 13:55:00 ----D---- C:\Windows\system32\hr-HR
2009-11-17 13:55:00 ----D---- C:\Windows\system32\he-IL
2009-11-17 13:55:00 ----D---- C:\Windows\system32\fr-FR
2009-11-17 13:55:00 ----D---- C:\Windows\system32\fi-FI
2009-11-17 13:55:00 ----D---- C:\Windows\system32\et-EE
2009-11-17 13:55:00 ----D---- C:\Windows\system32\es-ES
2009-11-17 13:55:00 ----D---- C:\Windows\system32\en-US
2009-11-17 13:55:00 ----D---- C:\Windows\system32\el-GR
2009-11-17 13:55:00 ----D---- C:\Windows\system32\de-DE
2009-11-17 13:55:00 ----D---- C:\Windows\system32\da-DK
2009-11-17 13:55:00 ----D---- C:\Windows\system32\bg-BG
2009-11-17 13:55:00 ----D---- C:\Windows\system32\ar-SA
2009-11-11 10:43:40 ----A---- C:\Windows\win.ini
2009-11-09 21:36:50 ----D---- C:\Program Files\Java
2009-11-07 15:57:06 ----RSD---- C:\Windows\assembly
2009-11-07 15:23:54 ----RSD---- C:\Windows\Fonts
2009-11-07 15:23:06 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-06 22:48:42 ----D---- C:\Users\vepr\AppData\Roaming\Apple Computer
2009-11-06 22:06:31 ----D---- C:\ProgramData\Apple
2009-11-06 22:04:22 ----DC---- C:\Windows\system32\DRVSTORE
2009-11-06 22:03:19 ----D---- C:\Program Files\Common Files\Apple
2009-11-06 21:38:47 ----A---- C:\Windows\ODBC.INI
2009-11-06 21:34:33 ----D---- C:\Windows\ShellNew
2009-11-06 21:33:02 ----D---- C:\Program Files\Microsoft Office
2009-11-06 21:31:50 ----D---- C:\Windows\Help
2009-11-06 21:28:35 ----D---- C:\Windows\system
2009-11-06 21:26:20 ----D---- C:\ProgramData\Microsoft Help
2009-11-06 21:10:39 ----D---- C:\Windows\registration
2009-11-06 21:05:07 ----SD---- C:\ProgramData\Microsoft
2009-11-06 20:42:50 ----D---- C:\Windows\IME
2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe
2009-10-28 21:38:12 ----D---- C:\Program Files\Windows Media Player
2009-10-22 22:23:47 ----D---- C:\KBCertifikat
2009-10-21 17:25:33 ----D---- C:\Danovo

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2006-08-30 13744]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2007-09-05 12080]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 PROCDD;IPS Helper Driver; C:\Windows\system32\DRIVERS\PROCDD.SYS [2006-11-06 12080]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [2007-03-15 11152]
R2 tvtfilter;tvtfilter; C:\Windows\system32\DRIVERS\tvtfilter.sys [2007-12-15 33536]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 8192]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-07-24 348160]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-04-26 225152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2007-05-31 21424]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-04-29 2219520]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-06-01 30144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-07-05 181168]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2007-03-15 40848]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-19 45624]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2007-05-23 30336]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 adh9q7ny;adh9q7ny; C:\Windows\system32\drivers\adh9q7ny.sys []
S3 aofhfz2o;aofhfz2o; C:\Windows\system32\drivers\aofhfz2o.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 79664]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 81200]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 16432]
S3 catchme;catchme; \??\C:\Users\vepr\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 hwcdcmdm0;HUAWEI Mobile Connect - 3G Modem; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-01-09 92032]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-01-09 92032]
S3 hwusbapp;HUAWEI Mobile Connect - 3G PC UI Interface; C:\Windows\system32\DRIVERS\ewusbapp.sys [2005-07-26 65152]
S3 hwusbser;HUAWEI Mobile Connect - 3G Application Interface; C:\Windows\system32\DRIVERS\ewusbser.sys [2005-07-26 65152]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\Windows\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); C:\Windows\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); C:\Windows\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-01-09 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2007-07-06 91432]
R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2007-07-06 206120]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2007-02-05 69632]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2006-11-16 634988]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2007-05-31 36400]
R2 IPSSVC;IPS Core Service; C:\Windows\system32\IPSSVC.EXE [2007-01-30 108080]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-08-14 809296]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2009-02-06 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-08-09 644408]
R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2007-09-29 37424]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2007-03-02 55936]
R2 TSSCoreService;TSS Core Service; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [2007-08-09 722232]
R2 TVT Backup Protection Service;TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2007-01-09 569344]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2007-01-09 950272]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
R2 tvtnetwk;tvtnetwk; C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [2007-01-09 45056]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-28 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-06 135664]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

apill01
Visitor
Posts: 11
Registered: 21 Apr 2009 11:01

Re: slow and freezing PC

#4 Post by apill01 »

Logfile of random's system information tool 1.06 (written by random/random)
Run by vepr at 2010-01-16 20:06:57
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 9 GB (9%) free of 104 GB
Total RAM: 2006 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:08:12, on 16.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
C:\Program Files\ThinkVantage\PrdCtr\LPMGR.EXE
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Winamp3\winampa.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\AnyDATA\Ufonuv fofr internet\EasyWirelessNet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\vepr\Downloads\RSIT.exe
C:\Program Files\trend micro\vepr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {F4D76F09-7896-458a-890F-E1F05C46069F} - (no file)
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Program Files\BearShareTb\BearShareDx.dll
O3 - Toolbar: Lenovo ThinkVantage Toolbox - {86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - C:\Program Files\PC-Doctor\ATLPcdToolbar544936.dll
O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [LenovoOobeOffers] c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe /filePath="c:\swshare\firstrun.txt"
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: LenovoRegistration.lnk = C:\SWTOOLS\LenovoWelcome\LenovoRegistration.cmd
O8 - Extra context menu item: &Windows Live Search - res://c:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1057DB4D-94AF-49AA-AE76-653C434A2192}: NameServer = 78.136.128.4 78.136.128.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{1057DB4D-94AF-49AA-AE76-653C434A2192}: NameServer = 78.136.128.4 78.136.128.12
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\Windows\system32\IPSSVC.EXE
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Unknown owner - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13644 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Check Updates for Windows Live Toolbar.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job
C:\Windows\tasks\User_Feed_Synchronization-{7FB51E8E-F57E-4D8A-916A-1207E2509139}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
MediaBar - C:\Program Files\BearShareTb\BearShareDx.dll [2009-08-10 91576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0A94B111-4504-4e26-AB05-E61E474AA38B}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - c:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F040E541-A427-4CF7-85D8-75E3E0F476C5}]
CPwmIEBrowserHelper Object - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2007-08-09 795960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4D76F01-7896-458a-890F-E1F05C46069F}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - c:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
{F4D76F09-7896-458a-890F-E1F05C46069F}
{0974BA1E-64EC-11DE-B2A5-E43756D89593} - MediaBar - C:\Program Files\BearShareTb\BearShareDx.dll [2009-08-10 91576]
{86B9B5DD-FB75-4035-BD52-3C94F7849CAF} - Lenovo ThinkVantage Toolbox - C:\Program Files\PC-Doctor\ATLPcdToolbar544936.dll [2009-11-22 137712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TPFNF7"=C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe [2007-04-09 58416]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"BLOG"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-07-05 820520]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2007-03-09 66176]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2007-09-28 181544]
"EZEJMNAP"=C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe [2007-03-28 243248]
"LenovoOobeOffers"=c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe [2007-09-25 28672]
"TVT Scheduler Proxy"=C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [2008-03-04 487424]
"DiskeeperSystray"=C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe [2006-11-16 217176]
"AwaySch"=C:\Program Files\Lenovo\AwayTask\AwaySch.EXE [2006-11-07 91688]
"LPManager"=C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe [2007-04-26 120368]
"ACTray"=C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe [2007-07-06 419112]
"ACWLIcon"=C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe [2007-07-06 124200]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2007-08-09 2630968]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]
"WinampAgent"=C:\Program Files\Winamp3\winampa.exe [2003-10-06 12288]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27 49976]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-07-09 1282048]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2007-12-29 486856]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
LenovoRegistration.lnk - C:\SWTOOLS\LenovoWelcome\LenovoRegistration.cmd

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Windows\system32\psqlpwd.dll [2007-03-15 89600]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd
ACGina

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae17e9d6-c6be-11dc-988c-001cbf828feb}]
shell\AutoRun\command - F:\SETUP.EXE /AUTORUN
shell\configure\command - F:\SETUP.EXE
shell\install\command - F:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bc95af75-01ba-11de-8f46-001c251e9fcf}]
shell\AutoRun\command - setup.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2010-01-16 20:06:57 ----D---- C:\rsit
2010-01-15 10:19:36 ----D---- C:\ProgramData\PC-Doctor for Windows
2010-01-15 10:19:30 ----D---- C:\ProgramData\PCDr
2010-01-15 10:14:29 ----D---- C:\Program Files\PC-Doctor
2010-01-13 16:41:43 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 16:41:43 ----A---- C:\Windows\system32\fontsub.dll
2010-01-06 19:08:12 ----D---- C:\films
2010-01-02 17:45:08 ----D---- C:\Users\vepr\AppData\Roaming\GRETECH
2009-12-31 17:40:40 ----D---- C:\NYC MajklSan
2009-12-30 19:18:51 ----D---- C:\Users\vepr\AppData\Roaming\dvdcss
2009-12-30 19:18:22 ----D---- C:\Users\vepr\AppData\Roaming\vlc
2009-12-30 19:16:58 ----D---- C:\Program Files\VideoLAN
2009-12-30 18:51:04 ----D---- C:\Program Files\The KMPlayer
2009-12-19 12:58:20 ----D---- C:\SQUASH
2009-12-10 11:26:22 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-12-10 11:00:41 ----D---- C:\ProgramData\Symantec
2009-12-10 11:00:41 ----D---- C:\ProgramData\Norton
2009-12-10 11:00:39 ----D---- C:\ProgramData\NortonInstaller
2009-12-10 07:48:14 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-12-09 07:53:06 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-09 07:52:59 ----A---- C:\Windows\system32\httpapi.dll
2009-12-09 07:40:15 ----A---- C:\Windows\system32\winhttp.dll
2009-12-09 07:40:10 ----A---- C:\Windows\system32\mshtml.dll
2009-12-09 07:40:09 ----A---- C:\Windows\system32\ieframe.dll
2009-12-09 07:40:07 ----A---- C:\Windows\system32\wininet.dll
2009-12-09 07:40:07 ----A---- C:\Windows\system32\urlmon.dll
2009-12-09 07:40:07 ----A---- C:\Windows\system32\iertutil.dll
2009-12-09 07:40:06 ----A---- C:\Windows\system32\occache.dll
2009-12-09 07:40:06 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-09 07:40:06 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-09 07:40:05 ----A---- C:\Windows\system32\ieui.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-09 07:40:04 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-09 07:40:04 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\iesetup.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\iernonce.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\iepeers.dll
2009-12-09 07:40:04 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-09 07:39:24 ----A---- C:\Windows\system32\rastls.dll
2009-11-24 19:46:52 ----A---- C:\Windows\system32\tzres.dll
2009-11-24 19:42:54 ----A---- C:\Windows\system32\msxml6.dll
2009-11-24 19:42:52 ----A---- C:\Windows\system32\msxml3.dll
2009-11-18 22:29:27 ----D---- C:\ProgramData\LogMeIn
2009-11-17 13:55:03 ----D---- C:\Program Files\Windows Portable Devices
2009-11-17 13:52:18 ----A---- C:\Windows\system32\UIAnimation.dll
2009-11-17 13:52:17 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-11-17 13:52:16 ----A---- C:\Windows\system32\UIRibbon.dll
2009-11-17 13:51:39 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-17 13:51:38 ----A---- C:\Windows\system32\cdd.dll
2009-11-17 13:51:37 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-11-17 13:51:37 ----A---- C:\Windows\system32\d3d10warp.dll
2009-11-17 13:51:36 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-11-17 13:51:36 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-11-17 13:51:36 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-17 13:51:36 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-17 13:51:36 ----A---- C:\Windows\system32\d2d1.dll
2009-11-17 13:51:35 ----A---- C:\Windows\system32\xpsservices.dll
2009-11-17 13:51:35 ----A---- C:\Windows\system32\XpsPrint.dll
2009-11-17 13:51:35 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-11-17 13:51:35 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-11-17 13:51:35 ----A---- C:\Windows\system32\OpcServices.dll
2009-11-17 13:51:35 ----A---- C:\Windows\system32\dxdiagn.dll
2009-11-17 13:51:35 ----A---- C:\Windows\system32\dxdiag.exe
2009-11-17 13:51:34 ----A---- C:\Windows\system32\FntCache.dll
2009-11-17 13:51:34 ----A---- C:\Windows\system32\dxgi.dll
2009-11-17 13:51:34 ----A---- C:\Windows\system32\DWrite.dll
2009-11-17 13:51:34 ----A---- C:\Windows\system32\d3d11.dll
2009-11-17 13:51:34 ----A---- C:\Windows\system32\d3d10level9.dll
2009-11-17 13:51:34 ----A---- C:\Windows\system32\d3d10core.dll
2009-11-17 13:51:34 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-11-17 13:51:33 ----A---- C:\Windows\system32\d3d10_1.dll
2009-11-17 13:51:33 ----A---- C:\Windows\system32\d3d10.dll
2009-11-17 13:51:00 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-11-17 13:51:00 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-11-17 13:51:00 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-11-17 13:50:57 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-11-17 13:50:52 ----A---- C:\Windows\system32\WpdConns.dll
2009-11-17 13:50:51 ----A---- C:\Windows\system32\wpdshext.dll
2009-11-17 13:50:51 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\WPDSp.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\WpdMtp.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\wpd_ci.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-11-17 13:50:50 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-11-17 13:49:10 ----A---- C:\Windows\system32\oleaccrc.dll
2009-11-17 13:49:09 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-11-17 13:49:09 ----A---- C:\Windows\system32\oleacc.dll
2009-11-11 09:32:42 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-09 21:36:52 ----A---- C:\Windows\system32\javaws.exe
2009-11-09 21:36:52 ----A---- C:\Windows\system32\javaw.exe
2009-11-09 21:36:52 ----A---- C:\Windows\system32\java.exe
2009-11-06 22:04:22 ----A---- C:\Windows\system32\GEARAspi.dll
2009-11-06 22:03:19 ----D---- C:\Program Files\iPod
2009-11-06 22:03:18 ----D---- C:\Program Files\iTunes
2009-11-06 21:32:58 ----D---- C:\Program Files\Common Files\DESIGNER
2009-11-06 21:32:53 ----D---- C:\Program Files\Microsoft Works
2009-11-06 21:31:07 ----D---- C:\Program Files\Microsoft.NET
2009-11-06 21:28:30 ----RHD---- C:\MSOCache
2009-11-06 20:40:12 ----D---- C:\Program Files\Microsoft Visual Studio
2009-10-28 20:56:17 ----A---- C:\Windows\system32\wmp.dll
2009-10-28 20:56:13 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-28 20:56:11 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-20 16:03:13 ----D---- C:\ProgramData\Boss Media
2009-10-20 16:02:57 ----D---- C:\Program Files\ParadisePoker

======List of files/folders modified in the last 3 months======

2010-01-16 20:07:37 ----D---- C:\Program Files\trend micro
2010-01-16 20:07:11 ----D---- C:\Windows\temp
2010-01-16 20:00:11 ----SHD---- C:\System Volume Information
2010-01-16 19:58:49 ----A---- C:\Windows\system32\PROCDB.INI
2010-01-16 19:58:34 ----D---- C:\Windows\System32
2010-01-16 19:58:34 ----A---- C:\Windows\system32\IPSCtrl.INI
2010-01-16 17:38:58 ----D---- C:\Windows\system32\Tasks
2010-01-15 17:01:27 ----SHD---- C:\Windows\Installer
2010-01-15 17:01:25 ----D---- C:\Windows\winsxs
2010-01-15 17:01:01 ----D---- C:\Windows\Prefetch
2010-01-15 16:14:55 ----RD---- C:\Program Files
2010-01-15 16:14:55 ----HD---- C:\ProgramData
2010-01-15 10:20:14 ----D---- C:\Windows\Tasks
2010-01-14 16:51:01 ----D---- C:\SWSHARE
2010-01-13 18:29:38 ----D---- C:\Users\vepr\AppData\Roaming\ICQ
2010-01-13 16:46:05 ----D---- C:\Windows\system32\catroot
2010-01-13 16:45:57 ----D---- C:\Program Files\Windows Mail
2010-01-13 16:43:29 ----D---- C:\Windows\Debug
2010-01-13 16:33:53 ----D---- C:\Windows\system32\catroot2
2010-01-12 15:20:42 ----D---- C:\Windows\inf
2010-01-12 15:20:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-11 19:51:48 ----D---- C:\Windows\system32\FxsTmp
2010-01-06 16:54:44 ----D---- C:\Program Files\Mozilla Firefox
2010-01-06 15:01:42 ----SD---- C:\Windows\Downloaded Program Files
2010-01-06 09:47:00 ----D---- C:\Program Files\Google
2010-01-06 07:06:43 ----D---- C:\Windows
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
2010-01-02 17:42:04 ----D---- C:\Program Files\GRETECH
2009-12-30 18:36:04 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-12-30 18:07:58 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-12-30 17:49:11 ----SD---- C:\Users\vepr\AppData\Roaming\Microsoft
2009-12-29 12:21:01 ----D---- C:\Program Files\ICQ6.5
2009-12-28 21:01:51 ----D---- C:\ProgramData\NOS
2009-12-10 14:49:53 ----D---- C:\Windows\system32\drivers
2009-12-10 14:43:32 ----D---- C:\Program Files\Common Files
2009-12-10 07:57:57 ----D---- C:\Windows\system32\Adobe
2009-12-10 07:49:44 ----D---- C:\Program Files\Common Files\Adobe
2009-12-10 07:49:38 ----D---- C:\ProgramData\Adobe
2009-12-10 07:49:09 ----D---- C:\Program Files\Adobe
2009-12-09 08:17:01 ----D---- C:\Windows\rescache
2009-12-09 07:57:13 ----D---- C:\Windows\system32\migration
2009-12-09 07:57:10 ----D---- C:\Program Files\Internet Explorer
2009-12-09 07:57:09 ----D---- C:\Windows\system32\cs-CZ
2009-11-25 00:54:29 ----A---- C:\Windows\system32\aswBoot.exe
2009-11-17 13:55:03 ----D---- C:\Windows\system32\wbem
2009-11-17 13:55:00 ----D---- C:\Windows\system32\zh-TW
2009-11-17 13:55:00 ----D---- C:\Windows\system32\zh-HK
2009-11-17 13:55:00 ----D---- C:\Windows\system32\zh-CN
2009-11-17 13:55:00 ----D---- C:\Windows\system32\uk-UA
2009-11-17 13:55:00 ----D---- C:\Windows\system32\tr-TR
2009-11-17 13:55:00 ----D---- C:\Windows\system32\th-TH
2009-11-17 13:55:00 ----D---- C:\Windows\system32\sv-SE
2009-11-17 13:55:00 ----D---- C:\Windows\system32\sr-Latn-CS
2009-11-17 13:55:00 ----D---- C:\Windows\system32\sl-SI
2009-11-17 13:55:00 ----D---- C:\Windows\system32\sk-SK
2009-11-17 13:55:00 ----D---- C:\Windows\system32\ru-RU
2009-11-17 13:55:00 ----D---- C:\Windows\system32\ro-RO
2009-11-17 13:55:00 ----D---- C:\Windows\system32\pt-PT
2009-11-17 13:55:00 ----D---- C:\Windows\system32\pt-BR
2009-11-17 13:55:00 ----D---- C:\Windows\system32\pl-PL
2009-11-17 13:55:00 ----D---- C:\Windows\system32\nl-NL
2009-11-17 13:55:00 ----D---- C:\Windows\system32\nb-NO
2009-11-17 13:55:00 ----D---- C:\Windows\system32\lv-LV
2009-11-17 13:55:00 ----D---- C:\Windows\system32\lt-LT
2009-11-17 13:55:00 ----D---- C:\Windows\system32\ko-KR
2009-11-17 13:55:00 ----D---- C:\Windows\system32\ja-JP
2009-11-17 13:55:00 ----D---- C:\Windows\system32\it-IT
2009-11-17 13:55:00 ----D---- C:\Windows\system32\hu-HU
2009-11-17 13:55:00 ----D---- C:\Windows\system32\hr-HR
2009-11-17 13:55:00 ----D---- C:\Windows\system32\he-IL
2009-11-17 13:55:00 ----D---- C:\Windows\system32\fr-FR
2009-11-17 13:55:00 ----D---- C:\Windows\system32\fi-FI
2009-11-17 13:55:00 ----D---- C:\Windows\system32\et-EE
2009-11-17 13:55:00 ----D---- C:\Windows\system32\es-ES
2009-11-17 13:55:00 ----D---- C:\Windows\system32\en-US
2009-11-17 13:55:00 ----D---- C:\Windows\system32\el-GR
2009-11-17 13:55:00 ----D---- C:\Windows\system32\de-DE
2009-11-17 13:55:00 ----D---- C:\Windows\system32\da-DK
2009-11-17 13:55:00 ----D---- C:\Windows\system32\bg-BG
2009-11-17 13:55:00 ----D---- C:\Windows\system32\ar-SA
2009-11-11 10:43:40 ----A---- C:\Windows\win.ini
2009-11-09 21:36:50 ----D---- C:\Program Files\Java
2009-11-07 15:57:06 ----RSD---- C:\Windows\assembly
2009-11-07 15:23:54 ----RSD---- C:\Windows\Fonts
2009-11-07 15:23:06 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-06 22:48:42 ----D---- C:\Users\vepr\AppData\Roaming\Apple Computer
2009-11-06 22:06:31 ----D---- C:\ProgramData\Apple
2009-11-06 22:04:22 ----DC---- C:\Windows\system32\DRVSTORE
2009-11-06 22:03:19 ----D---- C:\Program Files\Common Files\Apple
2009-11-06 21:38:47 ----A---- C:\Windows\ODBC.INI
2009-11-06 21:34:33 ----D---- C:\Windows\ShellNew
2009-11-06 21:33:02 ----D---- C:\Program Files\Microsoft Office
2009-11-06 21:31:50 ----D---- C:\Windows\Help
2009-11-06 21:28:35 ----D---- C:\Windows\system
2009-11-06 21:26:20 ----D---- C:\ProgramData\Microsoft Help
2009-11-06 21:10:39 ----D---- C:\Windows\registration
2009-11-06 21:05:07 ----SD---- C:\ProgramData\Microsoft
2009-11-06 20:42:50 ----D---- C:\Windows\IME
2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe
2009-10-28 21:38:12 ----D---- C:\Program Files\Windows Media Player
2009-10-22 22:23:47 ----D---- C:\KBCertifikat
2009-10-21 17:25:33 ----D---- C:\Danovo

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2006-08-30 13744]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2007-09-05 12080]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 PROCDD;IPS Helper Driver; C:\Windows\system32\DRIVERS\PROCDD.SYS [2006-11-06 12080]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [2007-03-15 11152]
R2 tvtfilter;tvtfilter; C:\Windows\system32\DRIVERS\tvtfilter.sys [2007-12-15 33536]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 8192]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-07-24 348160]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-04-26 225152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2007-05-31 21424]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-04-29 2219520]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-06-01 30144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-07-05 181168]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2007-03-15 40848]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-19 45624]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2007-05-23 30336]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 adh9q7ny;adh9q7ny; C:\Windows\system32\drivers\adh9q7ny.sys []
S3 aofhfz2o;aofhfz2o; C:\Windows\system32\drivers\aofhfz2o.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 79664]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 81200]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 16432]
S3 catchme;catchme; \??\C:\Users\vepr\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 hwcdcmdm0;HUAWEI Mobile Connect - 3G Modem; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-01-09 92032]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-01-09 92032]
S3 hwusbapp;HUAWEI Mobile Connect - 3G PC UI Interface; C:\Windows\system32\DRIVERS\ewusbapp.sys [2005-07-26 65152]
S3 hwusbser;HUAWEI Mobile Connect - 3G Application Interface; C:\Windows\system32\DRIVERS\ewusbser.sys [2005-07-26 65152]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\Windows\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); C:\Windows\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); C:\Windows\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-01-09 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;Ac Profile Manager Service; C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [2007-07-06 91432]
R2 AcSvc;Access Connections Main Service; C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [2007-07-06 206120]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2007-02-05 69632]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2006-11-16 634988]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2007-05-31 36400]
R2 IPSSVC;IPS Core Service; C:\Windows\system32\IPSSVC.EXE [2007-01-30 108080]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-08-14 809296]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2009-02-06 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2007-08-09 644408]
R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2007-09-29 37424]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2007-03-02 55936]
R2 TSSCoreService;TSS Core Service; C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [2007-08-09 722232]
R2 TVT Backup Protection Service;TVT Backup Protection Service; C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2007-01-09 569344]
R2 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2007-01-09 950272]
R2 TVT Scheduler;TVT Scheduler; c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [2008-03-04 1122304]
R2 tvtnetwk;tvtnetwk; C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe [2007-01-09 45056]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-28 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-06 135664]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119402
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slow and freezing PC

#5 Post by Rudy »

You have at least adware there. Post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms appears; continue by clicking the Ano (Yes) button.

Feel free to go and make a coffee (the whole run takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because the scan and the removal of any malware otherwise cause unwanted conflicts with the antispyware's resident component.

#6 Post by apill01 »

unfortunately, I download ComboFix from that link, it unpacks and that's all; I'm then unable to find it on the PC, let alone run it

#7 Post by Rudy »

After all, when downloading you can choose where to save it. Save it to the desktop and run it once it has downloaded.

#8 Post by apill01 »

yes, thanks, I've managed that now; after the exe file unpacks, the installation runs and then nothing..... it doesn't open, no window or anything else that would show the program is running

#9 Post by Rudy »

Try it in safe mode.

#10 Post by apill01 »

sorry, but I'm a bit slow with this and just a user.....)) how do I set up safe mode, please?

#11 Post by Rudy »

Towards the end of the initial POST screens (just before Windows starts loading), keep pressing F8. A menu will appear, in which you move with the cursor arrow keys. Highlight safe mode and press >Enter<.

#12 Post by apill01 »

ComboFix 10-01-16.03 - vepr 17.01.2010 12:46:01.8.2 - x86
Microsoft® Windows Vista™ Business 6.0.6002.2.1250.420.1029.18.2006.669 [GMT 1:00]
Spuštěný z: c:\users\vepr\Downloads\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1304231247-996512537-2952034068-500
c:\$recycle.bin\S-1-5-21-2352288461-954959840-994521942-500
c:\$recycle.bin\S-1-5-21-918056312-2952985149-2686913973-500
c:\program files\ICQ6.5\ICQLRun.exe
c:\program files\QIP
c:\program files\QIP\LI\Czech\_cntry.lng
c:\program files\QIP\LI\Czech\_intrsts.lng
c:\program files\QIP\LI\Czech\_langs.lng
c:\program files\QIP\LI\Czech\_marital.lng
c:\program files\QIP\LI\Czech\_occup.lng
c:\program files\QIP\LI\Czech\_orgs.lng
c:\program files\QIP\LI\Czech\_past.lng
c:\program files\QIP\LI\Czech\_rndchat.lng
c:\program files\QIP\LI\Czech\desc.txt
c:\program files\QIP\LI\Czech\chars_r.ini
c:\program files\QIP\LI\Czech\chars_t.ini
c:\program files\QIP\LI\Czech\lang.ini
c:\program files\QIP\Users\208108032\_birth.txt
c:\program files\QIP\Users\208108032\_botq.txt
c:\program files\QIP\Users\208108032\_events.txt
c:\program files\QIP\Users\208108032\_eye.txt
c:\program files\QIP\Users\208108032\_groups.txt
c:\program files\QIP\Users\208108032\_m_away.txt
c:\program files\QIP\Users\208108032\_m_depr.txt
c:\program files\QIP\Users\208108032\_m_dnd.txt
c:\program files\QIP\Users\208108032\_m_evil.txt
c:\program files\QIP\Users\208108032\_m_ffc.txt
c:\program files\QIP\Users\208108032\_m_home.txt
c:\program files\QIP\Users\208108032\_m_lunch.txt
c:\program files\QIP\Users\208108032\_m_na.txt
c:\program files\QIP\Users\208108032\_m_occup.txt
c:\program files\QIP\Users\208108032\_m_work.txt
c:\program files\QIP\Users\208108032\_premsg.txt
c:\program files\QIP\Users\208108032\_st_away.txt
c:\program files\QIP\Users\208108032\_st_cust.txt
c:\program files\QIP\Users\208108032\208108032.cl
c:\program files\QIP\Users\208108032\208108032.clg
c:\program files\QIP\Users\208108032\208108032.cli
c:\program files\QIP\Users\208108032\208108032.clv
c:\program files\QIP\Users\208108032\208108032.lcl
c:\program files\QIP\Users\208108032\208108032.nil
c:\program files\QIP\Users\208108032\BackupCL\208108032_2008_03.cl
c:\program files\QIP\Users\208108032\BackupCL\208108032_2008_03.clg
c:\program files\QIP\Users\208108032\BackupCL\208108032_2008_03.cli
c:\program files\QIP\Users\208108032\BackupCL\208108032_2008_03.clv
c:\program files\QIP\Users\208108032\BackupCL\208108032_2008_08.cl
c:\program files\QIP\Users\208108032\BackupCL\208108032_2008_08.clg
c:\program files\QIP\Users\208108032\BackupCL\208108032_2008_08.cli
c:\program files\QIP\Users\208108032\BackupCL\208108032_2008_08.clv
c:\program files\QIP\Users\208108032\BackupCL\208108032_2008_12.cl
c:\program files\QIP\Users\208108032\BackupCL\208108032_2008_12.clg
c:\program files\QIP\Users\208108032\BackupCL\208108032_2008_12.cli
c:\program files\QIP\Users\208108032\BackupCL\208108032_2008_12.clv
c:\program files\QIP\Users\208108032\BackupCL\208108032_2009_03.cl
c:\program files\QIP\Users\208108032\BackupCL\208108032_2009_03.clg
c:\program files\QIP\Users\208108032\BackupCL\208108032_2009_03.cli
c:\program files\QIP\Users\208108032\BackupCL\208108032_2009_03.clv
c:\program files\QIP\Users\208108032\Config.ini
c:\program files\QIP\Users\208108032\Devils\145165169.jpg
c:\program files\QIP\Users\208108032\Devils\158270451.jpg
c:\program files\QIP\Users\208108032\Devils\195111672.gif
c:\program files\QIP\Users\208108032\Devils\198900973.jpg
c:\program files\QIP\Users\208108032\Devils\204537710.jpg
c:\program files\QIP\Users\208108032\Devils\208108032.jpg
c:\program files\QIP\Users\208108032\Devils\210308504.jpg
c:\program files\QIP\Users\208108032\Devils\216506467.jpg
c:\program files\QIP\Users\208108032\Devils\225328034.jpg
c:\program files\QIP\Users\208108032\Devils\228248804.jpg
c:\program files\QIP\Users\208108032\Devils\229062977.jpg
c:\program files\QIP\Users\208108032\Devils\231487037.jpg
c:\program files\QIP\Users\208108032\Devils\243573242.jpg
c:\program files\QIP\Users\208108032\Devils\251271859.jpg
c:\program files\QIP\Users\208108032\Devils\252253567.jpg
c:\program files\QIP\Users\208108032\Devils\252276273.jpg
c:\program files\QIP\Users\208108032\Devils\256428274.jpg
c:\program files\QIP\Users\208108032\Devils\264723081.jpg
c:\program files\QIP\Users\208108032\Devils\269357500.jpg
c:\program files\QIP\Users\208108032\Devils\276765991.gif
c:\program files\QIP\Users\208108032\Devils\286512136.jpg
c:\program files\QIP\Users\208108032\Devils\301262233.jpg
c:\program files\QIP\Users\208108032\Devils\301655320.jpg
c:\program files\QIP\Users\208108032\Devils\303534111.jpg
c:\program files\QIP\Users\208108032\Devils\315333752.jpg
c:\program files\QIP\Users\208108032\Devils\327619728.gif
c:\program files\QIP\Users\208108032\Devils\336864352.jpg
c:\program files\QIP\Users\208108032\Devils\337178548.jpg
c:\program files\QIP\Users\208108032\Devils\378545920.jpg
c:\program files\QIP\Users\208108032\Devils\389255483.jpg
c:\program files\QIP\Users\208108032\Devils\406807531.jpg
c:\program files\QIP\Users\208108032\Devils\415161321.jpg
c:\program files\QIP\Users\208108032\Devils\430632214.jpg
c:\program files\QIP\Users\208108032\Devils\437028582.jpg
c:\program files\QIP\Users\208108032\Devils\449902351.jpg
c:\program files\QIP\Users\208108032\History\_srvlog.txt
c:\program files\QIP\Users\208108032\History\162337880.txt
c:\program files\QIP\Users\208108032\History\198900973.txt
c:\program files\QIP\Users\208108032\History\210308504.txt
c:\program files\QIP\Users\208108032\History\225328034.txt
c:\program files\QIP\Users\208108032\History\252253567.txt
c:\program files\QIP\Users\208108032\History\256428274.txt
c:\program files\QIP\Users\208108032\History\268637179.txt
c:\program files\QIP\Users\208108032\History\269357500.txt
c:\program files\QIP\Users\208108032\History\286512136.txt
c:\program files\QIP\Users\208108032\History\301262233.txt
c:\program files\QIP\Users\208108032\History\301279520.txt
c:\program files\QIP\Users\208108032\History\318736596.txt
c:\program files\QIP\Users\208108032\History\389255483.txt
c:\program files\QIP\Users\208108032\History\422301458.txt
c:\program files\QIP\Users\208108032\History\456938314.txt
c:\program files\QIP\Users\208108032\History\485141396.txt
c:\program files\QIP\Users\Accounts.cfg
c:\program files\QIP\Users\Config.ini
c:\program files\QIP\Users\Default.cfg
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-17 do 2010-01-17 )))))))))))))))))))))))))))))))
.

2010-01-17 12:04 . 2010-01-17 12:04 -------- d-----w- C:\A
2010-01-17 11:58 . 2010-01-17 12:04 -------- d-----w- c:\users\vepr\AppData\Local\temp
2010-01-17 11:58 . 2010-01-17 11:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-16 19:06 . 2010-01-16 19:08 -------- d-----w- C:\rsit
2010-01-15 09:19 . 2010-01-15 09:19 -------- d-----w- c:\programdata\PC-Doctor for Windows
2010-01-15 09:19 . 2010-01-15 09:22 -------- d-----w- c:\programdata\PCDr
2010-01-15 09:14 . 2010-01-15 09:20 -------- d-----w- c:\program files\PC-Doctor
2010-01-13 15:41 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 15:41 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-06 18:08 . 2010-01-16 22:00 -------- d-----w- C:\films
2010-01-02 16:45 . 2010-01-02 16:45 -------- d-----w- c:\users\vepr\AppData\Roaming\GRETECH
2009-12-31 16:40 . 2010-01-06 17:55 -------- d-----w- C:\NYC MajklSan
2009-12-30 18:18 . 2009-12-30 18:18 -------- d-----w- c:\users\vepr\AppData\Roaming\dvdcss
2009-12-30 18:18 . 2010-01-02 16:30 -------- d-----w- c:\users\vepr\AppData\Roaming\vlc
2009-12-30 18:16 . 2009-12-30 18:16 -------- d-----w- c:\program files\VideoLAN
2009-12-30 17:51 . 2009-12-30 17:55 -------- d-----w- c:\program files\The KMPlayer
2009-12-19 11:58 . 2009-12-19 12:14 -------- d-----w- C:\SQUASH

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-17 11:59 . 2007-12-15 17:00 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-17 11:57 . 2009-07-19 19:28 -------- d-----w- c:\program files\ICQ6.5
2010-01-16 21:56 . 2009-09-10 17:06 -------- d-----w- c:\users\vepr\AppData\Roaming\Moto assistant
2010-01-16 19:07 . 2009-04-21 10:26 -------- d-----w- c:\program files\trend micro
2010-01-13 17:29 . 2008-05-28 11:11 -------- d-----w- c:\users\vepr\AppData\Roaming\ICQ
2010-01-13 15:45 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-12 14:20 . 2007-12-15 16:31 598838 ----a-w- c:\windows\system32\perfh005.dat
2010-01-12 14:20 . 2007-12-15 16:31 115014 ----a-w- c:\windows\system32\perfc005.dat
2010-01-06 08:47 . 2007-12-15 18:08 -------- d-----w- c:\program files\Google
2010-01-02 16:42 . 2008-06-07 18:29 -------- d-----w- c:\program files\GRETECH
2009-12-30 17:36 . 2008-03-19 22:56 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-30 17:07 . 2008-03-19 22:56 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-12-28 20:01 . 2009-09-10 15:32 -------- d-----w- c:\programdata\NOS
2009-12-10 14:15 . 2008-01-19 12:19 1356 ----a-w- c:\users\vepr\AppData\Local\d3d9caps.dat
2009-12-10 13:49 . 2009-12-10 10:00 -------- d-----w- c:\programdata\Norton
2009-12-10 13:49 . 2009-12-10 10:00 -------- d-----w- c:\programdata\Symantec
2009-12-10 13:14 . 2009-12-10 10:26 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-12-10 10:00 . 2009-12-10 10:00 -------- d-----w- c:\programdata\NortonInstaller
2009-12-10 06:49 . 2008-01-20 13:13 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-24 23:54 . 2009-09-08 09:18 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:49 . 2009-09-08 09:20 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-09-08 09:20 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-09-08 09:20 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 06:40 . 2009-12-09 06:40 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-09 06:40 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-09 06:40 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-09 06:40 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-18 21:29 . 2009-11-18 21:29 -------- d-----w- c:\programdata\LogMeIn
2009-11-15 17:39 . 2008-01-19 12:25 99864 ----a-w- c:\users\vepr\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-09 12:31 . 2009-12-09 06:53 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-09 06:52 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-09 06:52 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-02 19:42 . 2009-10-03 09:27 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 09:17 . 2009-11-24 18:46 2048 ----a-w- c:\windows\system32\tzres.dll
2007-08-09 12:08 . 2008-01-27 17:32 8784 ----a-w- c:\program files\mozilla firefox\plugins\ractrlkeyhook.dll
2007-08-09 12:10 . 2008-01-27 17:32 245408 ----a-w- c:\program files\mozilla firefox\plugins\unicows.dll
2007-12-15 16:40 . 2007-12-15 16:32 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-08-10 14:06 91576 ----a-w- c:\program files\BearShareTb\BearShareDx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\program files\BearShareTb\BearShareDx.dll" [2009-08-10 91576]

[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2007-12-29 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2007-04-09 58416]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2007-09-05 319488]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BTVLogEx.DLL" [2007-09-05 214576]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-07-05 820520]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2007-03-09 66176]
"TpShocks"="TpShocks.exe" [2007-09-28 181544]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2007-03-28 243248]
"LenovoOobeOffers"="c:\swtools\LenovoWelcome\LenovoOobeOffers.exe" [2007-09-25 28672]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]
"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-11-16 217176]
"AwaySch"="c:\program files\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]
"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2007-04-26 120368]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2007-07-05 419112]
"ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2007-07-05 124200]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2007-08-09 2630968]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 528384]
"WinampAgent"="c:\program files\Winamp3\winampa.exe" [2003-10-06 12288]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-27 49976]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-07-09 1282048]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe [2008-1-20 49254]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-1-20 113664]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-12-15 50688]
LenovoRegistration.lnk - c:\swtools\LenovoWelcome\LenovoRegistration.cmd [2007-10-4 166]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-03-15 06:17 89600 ----a-w- c:\windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):07,bf,ca,b5,c7,32,ca,01

R0 TPDIGIMN;TPDIGIMN;c:\windows\System32\drivers\ApsHM86.sys [29.9.2007 1:28 19504]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [8.9.2009 10:20 114768]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\System32\drivers\smiif32.sys [19.2.2007 5:12 13744]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [8.9.2009 10:20 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [8.9.2009 10:18 53328]
R2 smihlp;SMI Helper Driver (smihlp);c:\program files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [15.3.2007 7:10 11152]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\System32\drivers\adusbser.sys [4.11.2008 9:29 97920]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\System32\drivers\tvti2c.sys [23.5.2007 0:59 30336]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [2.11.2006 11:25 167936]
S3 hwcdcmdm0;HUAWEI Mobile Connect - 3G Modem;c:\windows\System32\drivers\ewusbmdm.sys [26.1.2008 21:50 92032]
S3 hwusbapp;HUAWEI Mobile Connect - 3G PC UI Interface;c:\windows\System32\drivers\ewusbapp.sys [26.1.2008 20:29 65152]
S3 hwusbser;HUAWEI Mobile Connect - 3G Application Interface;c:\windows\System32\drivers\ewusbser.sys [26.1.2008 20:29 65152]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\System32\drivers\s816bus.sys [19.2.2009 18:31 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\System32\drivers\s816mdfl.sys [19.2.2009 18:31 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\System32\drivers\s816mdm.sys [19.2.2009 18:31 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s816mgmt.sys [19.2.2009 18:33 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\System32\drivers\s816nd5.sys [19.2.2009 18:32 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\System32\drivers\s816obex.sys [19.2.2009 18:32 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\System32\drivers\s816unic.sys [19.2.2009 18:33 97704]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-01-17 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 14:54]

2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 08:44]

2010-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 08:44]

2010-01-15 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\pcdlauncher.exe [2009-11-20 10:12]

2010-01-15 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdr5cuiw32.exe [2010-01-05 07:16]

2010-01-16 c:\windows\Tasks\User_Feed_Synchronization-{7FB51E8E-F57E-4D8A-916A-1207E2509139}.job
- c:\windows\system32\msfeedssync.exe [2009-12-09 04:59]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
FF - ProfilePath - c:\users\vepr\AppData\Roaming\Mozilla\Firefox\Profiles\8xzpl9cf.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npRACtrl.dll
FF - plugin: c:\users\vepr\AppData\Roaming\Mozilla\Firefox\Profiles\8xzpl9cf.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-17 13:02
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys spqm.sys >>UNKNOWN [0x84F8D944]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x885cad24
\Driver\ACPI -> acpi.sys @ 0x807c0d68
\Driver\atapi -> 0x84fd61f8
\Driver\iaStor -> iaStor.sys @ 0x87ee8d30
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(768)
c:\windows\system32\psqlpwd.dll
c:\program files\ThinkVantage Fingerprint Software\homefus2.dll
c:\program files\ThinkVantage Fingerprint Software\infra.dll

- - - - - - - > 'Explorer.exe'(5416)
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\ThinkVantage Fingerprint Software\upeksvr.exe
c:\windows\system32\IPSSVC.EXE
c:\program files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\windows\System32\TPHDEXLG.exe
c:\program files\LENOVO\HOTKEY\TPHKSVC.exe
c:\program files\Lenovo\Client Security Solution\tvttcsd.exe
c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe
c:\program files\Lenovo\Rescue and Recovery\rrservice.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\program files\Lenovo\Rescue and Recovery\ADM\IUService.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\program files\Common Files\Lenovo\Logger\logmon.exe
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\program files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\conime.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\TpShocks.exe
c:\program files\ThinkPad\Utilities\EZEJMNAP.EXE
c:\program files\ThinkVantage\PrdCtr\LPMGR.EXE
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Celkový čas: 2010-01-17 13:16:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-17 12:16
ComboFix2.txt 2009-04-21 14:34

Před spuštěním: 7 410 155 520
Po spuštění: 6 960 537 600

- - End Of File - - 9B4BDC2931901904D4C2B092D9CCC974

#13 Post by Rudy »

Something was deleted. Also do the following:

1. Uninstall BearShare.
2. Run an MBR scan: http://www2.gmer.net/mbr/mbr.exe and post the log.

#14 Post by apill01 »

I downloaded mbr, but when I try to run it, a window just flashes for about half a second and that's all; the program does nothing further

#15 Post by Rudy »

Try it in safe mode.