Please check my log.
Windows freezes while drawing the desktop icons. For now I'm running in Safe Mode. Thanks for the help.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Milan at 2010-01-20 18:32:55
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 5 GB (12%) free of 45 GB
Total RAM: 3070 MB (90% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:33:03, on 20.1.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\rsit\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Milan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: HopSurf toolbar - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [COMODO livePCsupport] C:\Program Files\COMODO\livePCsupport\ELPS.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [HotkeyP] C:\Documents and Settings\Milan\Dokumenty\u\HotkeyP.exe 0
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Stáhnout pomocí USD - C:\Documents and Settings\Milan\Dokumenty\abritus\usd-4.2\USD_4.2\Ext\downloadie.html
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: HopSurf - {ED98F8D1-09AC-4107-B2FF-91DBE011B0C5} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se4009.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E62A8B6B-D91C-457C-B1FB-20CC2D96B4EC} (Comodo AV Scanner ActiveX) - http://downloads.comodo.com/avs/ComodoAVScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{78C6D486-019D-4E8E-AAC9-70656F6568B2}: NameServer = 62.204.224.2,62.204.224.3,62.240.163.170
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing)
O23 - Service: Služba Google Update (gupdate1ca3c18986f9894) (gupdate1ca3c18986f9894) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 11199 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{DEDB0CEB-7722-4DF7-855B-103E02D682C4}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2009-12-21 240912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2007-01-19 491520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2009-09-23 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-07 263280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-07 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2007-01-19 491520]
{E9FAB13D-4600-49E1-90D1-EE961C859D39} - HopSurf toolbar - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll [2009-10-31 1122496]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-07 263280]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2009-12-21 662720]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-27 16208384]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"DU Meter"=C:\Program Files\DU Meter\DUMeter.exe [2006-12-01 1583644]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-03-01 1443072]
"COMODO livePCsupport"=C:\Program Files\COMODO\livePCsupport\ELPS.exe [2009-05-08 689416]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2009-11-18 1800464]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2006-03-02 159232]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HotkeyP"=C:\Documents and Settings\Milan\Dokumenty\u\HotkeyP.exe [2008-07-15 65536]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2004-06-28 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GBB36X Configure]
C:\WINDOWS\system32\JMRaidTool.exe [2006-06-02 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-11-14 122880]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\PROGRA~1\ICQ6.5\ICQ.exe [2009-03-01 172792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-03-23 227328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
C:\WINDOWS\system32\\PSDrvCheck.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-06-29 286720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpriteService]
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe [2006-10-25 544768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-23 68856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-09-23 198160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC]
C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2007-05-16 8975904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan.lnk]
C:\PROGRA~1\MCAFEE~1\10BCA1~1.150\SSSCHE~1.EXE [2009-07-28 199184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office\OSA9.EXE [1999-02-17 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Milan^Nabídka Start^Programy^Po spuštění^MRU-Blaster Silent Clean.lnk]
C:\PROGRA~1\MRU-BL~1\MRUBLA~1.EXE [2003-07-19 1200128]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-06-07 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=0
"SynchronousUserGroupPolicy"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Database Agent Service"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe"="C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe:*:Disabled:Sprite Backup PC Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Foxit Software\PDF Editor\PDFEdit.exe"="C:\Program Files\Foxit Software\PDF Editor\PDFEdit.exe:*:Enabled:Foxit PDF Editor, the first REAL editor for PDF files!"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
======List of files/folders created in the last 1 months======
2010-01-20 15:03:32 ----A---- C:\WINDOWS\ntbtlog.txt
2010-01-20 08:40:04 ----D---- C:\WINDOWS\CSC
2010-01-18 21:20:23 ----D---- C:\Documents and Settings\Milan\Data aplikací\proDAD
2010-01-18 21:20:11 ----D---- C:\Program Files\proDAD
2010-01-18 21:20:02 ----D---- C:\Program Files\LooksBuilderSE
2010-01-18 21:17:42 ----D---- C:\Program Files\Boris FX, Inc
2010-01-18 20:19:44 ----D---- C:\Program Files\Common Files\Pinnacle
2010-01-18 20:19:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate
2010-01-18 19:35:49 ----D---- C:\Program Files\Common Files\Yahoo!
2010-01-18 19:35:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Studio 12
2010-01-17 01:43:29 ----D---- C:\Documents and Settings\Milan\Data aplikací\WinRAR
2010-01-17 00:52:57 ----D---- C:\Documents and Settings\Milan\Data aplikací\ESC
2010-01-17 00:50:46 ----D---- C:\WINDOWS\Mobile Hardware Library
2010-01-17 00:50:46 ----D---- C:\Program Files\ESC
2010-01-17 00:50:45 ----D---- C:\Program Files\Mobile Hardware Library
2010-01-17 00:48:20 ----A---- C:\WINDOWS\Mobile Hardware Library Setup Log.txt
2010-01-16 23:31:16 ----D---- C:\Program Files\NHL by blackattack
2010-01-13 09:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 09:13:30 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-08 23:49:08 ----D---- C:\Program Files\ReadManiac
2010-01-04 22:14:41 ----D---- C:\Documents and Settings\Milan\Data aplikací\GrabPro
2010-01-04 22:14:35 ----D---- C:\Program Files\Orbitdownloader
2010-01-04 22:14:35 ----D---- C:\Documents and Settings\Milan\Data aplikací\Orbit
2010-01-04 21:41:06 ----N---- C:\WINDOWS\Setup1.exe
2010-01-04 20:51:57 ----A---- C:\WINDOWS\system32\ODBCTL32.dll
2010-01-04 20:51:52 ----D---- C:\WINDOWS\landi ext
2010-01-03 21:09:33 ----A---- C:\WINDOWS\system32\bwmedia1.dll
2010-01-03 21:09:33 ----A---- C:\WINDOWS\system32\bwmedia.dll
2010-01-03 11:22:29 ----D---- C:\Program Files\USBview
2010-01-02 22:43:32 ----D---- C:\Program Files\Emulator java
2010-01-02 20:21:10 ----D---- C:\Program Files\DLPortIO
2010-01-01 13:10:33 ----D---- C:\Documents and Settings\Milan\Data aplikací\GRETECH
2010-01-01 13:09:20 ----D---- C:\Program Files\GRETECH
2010-01-01 13:01:31 ----D---- C:\Program Files\HWiNFO32
2010-01-01 12:24:04 ----D---- C:\Program Files\Combined Community Codec Pack
2010-01-01 12:01:53 ----D---- C:\Program Files\MSECache
2009-12-31 22:31:29 ----D---- C:\Program Files\LCD smartie
2009-12-30 09:13:49 ----A---- C:\WINDOWS\cfplogvw.INI
2009-12-27 20:47:32 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-12-27 20:47:30 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-12-27 20:47:27 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-12-27 20:47:23 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-12-27 20:47:23 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-12-27 20:47:20 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-12-27 20:47:18 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-12-27 20:47:14 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-12-27 20:47:14 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-12-27 20:47:13 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-12-27 20:47:10 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-12-27 20:47:08 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-12-27 20:47:08 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-12-27 20:47:06 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-12-27 20:47:03 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-12-27 20:47:03 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-12-27 20:47:01 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-12-27 20:47:01 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-12-27 20:46:58 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-12-27 20:46:55 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-12-27 20:46:53 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-12-27 20:46:50 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-12-27 20:46:50 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-12-27 20:46:44 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-12-27 20:46:43 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-12-27 20:46:42 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-12-27 20:46:41 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-12-27 20:46:40 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-12-27 20:46:40 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-12-27 20:46:39 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-12-27 20:46:38 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-12-27 20:46:38 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-12-27 20:46:37 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-12-27 20:46:36 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-12-27 20:46:35 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-12-27 20:46:20 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-12-27 20:46:20 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-12-27 20:46:19 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-12-27 20:46:17 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-12-27 20:46:16 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-12-27 20:46:15 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-12-27 20:46:14 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-12-27 20:46:12 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-12-27 20:39:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Synetic
2009-12-26 23:58:13 ----D---- C:\Program Files\vmt
2009-12-23 22:24:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan
2009-12-23 22:24:32 ----D---- C:\Program Files\McAfee Security Scan
======List of files/folders modified in the last 1 months======
2010-01-20 18:27:46 ----A---- C:\WINDOWS\WINCMD.INI
2010-01-20 18:17:46 ----D---- C:\WINDOWS\Temp
2010-01-20 18:06:58 ----D---- C:\rsit
2010-01-20 16:56:05 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-20 16:55:58 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-20 15:36:28 ----A---- C:\WINDOWS\win.ini
2010-01-20 15:36:28 ----A---- C:\WINDOWS\system.ini
2010-01-20 15:36:28 ----A---- C:\boot.ini
2010-01-20 15:29:20 ----D---- C:\WINDOWS
2010-01-20 14:45:38 ----SHD---- C:\RECYCLER
2010-01-20 09:43:29 ----D---- C:\WINDOWS\system32
2010-01-20 08:36:30 ----D---- C:\WINDOWS\Prefetch
2010-01-19 23:16:06 ----D---- C:\WINDOWS\system32\config
2010-01-19 23:14:59 ----D---- C:\WINDOWS\system32\wbem
2010-01-19 23:14:56 ----D---- C:\WINDOWS\Registration
2010-01-19 23:14:02 ----SHD---- C:\WINDOWS\Installer
2010-01-19 23:13:23 ----HD---- C:\WINDOWS\inf
2010-01-19 20:14:52 ----D---- C:\Program Files\Mozilla Firefox
2010-01-19 17:39:01 ----D---- C:\Program Files\RSL
2010-01-18 21:56:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-18 21:20:11 ----RD---- C:\Program Files
2010-01-18 21:17:42 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-18 21:17:08 ----D---- C:\Program Files\Pinnacle
2010-01-18 20:20:07 ----D---- C:\WINDOWS\LastGood
2010-01-18 20:20:06 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-18 20:20:04 ----D---- C:\WINDOWS\system32\drivers
2010-01-18 20:19:44 ----D---- C:\Program Files\Common Files
2010-01-18 19:38:42 ----RSD---- C:\WINDOWS\Fonts
2010-01-18 19:36:06 ----D---- C:\WINDOWS\WinSxS
2010-01-17 19:23:16 ----D---- C:\Documents and Settings\Milan\Data aplikací\Canon
2010-01-17 19:12:41 ----A---- C:\WINDOWS\MAILTRAN.INI
2010-01-17 18:07:53 ----D---- C:\Documents and Settings\Milan\Data aplikací\Ancestry
2010-01-17 10:41:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-17 10:37:17 ----D---- C:\Program Files\WinRAR
2010-01-17 01:07:44 ----D---- C:\Downloads
2010-01-16 22:17:05 ----D---- C:\WINDOWS\system32\Adobe
2010-01-16 22:16:19 ----D---- C:\Documents and Settings\Milan\Data aplikací\Macromedia
2010-01-16 22:16:19 ----D---- C:\Documents and Settings\Milan\Data aplikací\Adobe
2010-01-16 22:16:17 ----D---- C:\WINDOWS\system32\Macromed
2010-01-16 22:15:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-14 08:26:54 ----D---- C:\WINDOWS\AppPatch
2010-01-13 09:13:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-13 09:13:44 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-13 09:13:39 ----A---- C:\WINDOWS\imsins.BAK
2010-01-11 11:55:41 ----A---- C:\WINDOWS\VFO.INI
2010-01-11 11:55:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\SmartSound Software Inc
2010-01-10 11:09:17 ----D---- C:\Program Files\SpeedFan
2010-01-06 19:53:45 ----A---- C:\WINDOWS\ST6UNST.EXE
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-04 21:39:08 ----D---- C:\WINDOWS\pss
2010-01-04 21:38:28 ----D---- C:\Program Files\Outlook Express
2010-01-04 20:51:56 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-01-04 17:08:23 ----A---- C:\WINDOWS\pdf2word.INI
2010-01-01 12:18:24 ----SD---- C:\Documents and Settings\Milan\Data aplikací\Microsoft
2010-01-01 12:18:04 ----D---- C:\Program Files\Microsoft Office
2009-12-30 15:17:46 ----A---- C:\WINDOWS\WTRAN32.INI
2009-12-29 23:21:18 ----A---- C:\WINDOWS\RbSystem.ini
2009-12-29 18:12:03 ----A---- C:\WINDOWS\wcx_ftp.ini
2009-12-29 01:42:16 ----D---- C:\Program Files\ICQ6.5
2009-12-27 20:48:27 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-27 20:47:36 ----D---- C:\WINDOWS\system32\DirectX
2009-12-27 20:46:34 ----RSD---- C:\WINDOWS\assembly
2009-12-27 20:46:25 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-26 23:20:59 ----D---- C:\Program Files\CPUz
2009-12-26 23:14:09 ----D---- C:\Program Files\GIGABYTE
2009-12-23 23:45:08 ----D---- C:\Program Files\OtoCheck
2009-12-21 00:08:05 ----A---- C:\WINDOWS\TRNCOM.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2004-07-06 26240]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-02 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-11-26 133064]
S1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-11-18 25160]
S1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-01 29704]
S1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-03-01 54280]
S1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS []
S1 hwinterface;hwinterface; C:\WINDOWS\System32\Drivers\hwinterface.sys [2010-01-02 3026]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 39936]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S1 mbmiodrvr;mbmiodrvr; \??\C:\WINDOWS\system32\mbmiodrvr.sys []
S1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2006-01-10 31846]
S1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
S1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
S1 SSHDRV86;SSHDRV86; \??\C:\WINDOWS\system32\drivers\SSHDRV86.sys []
S1 UserPort;UserPort; \??\C:\WINDOWS\system32\Drivers\UserPort.sys []
S1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
S2 DLPortIO;DriverLINX Port I/O Driver; \??\C:\WINDOWS\system32\DRIVERS\DLPortIO.SYS []
S2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-01 39944]
S2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2004-07-06 9728]
S2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-03-01 71176]
S2 HOSTNT;HOSTNT; C:\WINDOWS\system32\drivers\HOSTNT.sys []
S2 io.sys;IO.DLL Driver; \??\C:\WINDOWS\system32\drivers\io.sys []
S2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
S2 IWPORT;IWPORT; \??\C:\WINDOWS\SYSTEM32\DRIVERS\IWPORT.SYS []
S2 pardrv;pardrv; C:\WINDOWS\system32\drivers\pardrv.sys [2008-01-23 9728]
S2 STM Parallel Driver;STM Parallel Driver; \??\C:\WINDOWS\system32\drivers\parstm.sys []
S2 SVKP;SVKP; \??\C:\WINDOWS\system32\SVKP.sys []
S2 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 aig7okky;aig7okky; C:\WINDOWS\system32\drivers\aig7okky.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-03-02 60800]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-06-07 1580544]
S3 ATIAVAIW;ATI T200 Unified AVStream service; C:\WINDOWS\system32\DRIVERS\atinavt2.sys [2006-05-02 166528]
S3 ATMEGA8USB0;ELCAR USB Programmer Device Driver; C:\WINDOWS\System32\Drivers\usbprog.sys [2005-08-09 8535]
S3 ATMEGA8USB4;NYO4 Hardware Key; C:\WINDOWS\System32\Drivers\nyousb.sys [2006-08-28 8489]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2005-08-29 428269]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2005-08-29 30363]
S3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2005-08-29 853258]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2005-08-29 30221]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2005-08-29 64344]
S3 BulkUsb;FABULK; C:\WINDOWS\System32\Drivers\FABulk.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Milan\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CTU2K;CTU2K.SYS CTU2K device driver; C:\WINDOWS\System32\Drivers\CTU2K.sys [2003-01-24 24197]
S3 DMSHLP;Serial Monitor Helper Driver; \??\C:\Program Files\Common Files\HHD Software\Device Monitor\dmshlp.sys []
S3 dsnpfd;DeskSoft Service; C:\WINDOWS\system32\DRIVERS\dsnpfd.sys [2009-02-13 26920]
S3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-03-01 30728]
S3 Epiusb;USB Flash; C:\WINDOWS\System32\Drivers\Epiusb.sys [2001-09-05 14940]
S3 ET5Drv;ET5Drv; \??\C:\WINDOWS\system32\Drivers\ET5Drv.sys []
S3 FTD2XX;VAGUSB.sys VAG-Com USB driver; C:\WINDOWS\System32\Drivers\VAGUSB.sys [2003-10-30 25596]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2008-03-13 57536]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2008-03-13 72000]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-26 4279296]
S3 MarkFun_NT;MarkFun_NT; \??\C:\Program Files\Gigabyte\ET5\markfun.w32 []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-03-02 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 ntportio;ntportio; \??\O:\!Mobil98\!Mobil\!sonyericson\ok semc 22\ntportio.sys []
S3 PCANDIS5;PCANDIS5 Protocol Driver; \??\C:\PROGRA~1\PI\PG2000\PCANDIS5.SYS []
S3 Pg4uUSB;Elnec USB driver; C:\WINDOWS\system32\DRIVERS\pg4uusb.sys [2009-11-09 75776]
S3 ptiusbf;PTI USB Filter; C:\WINDOWS\SYSTEM32\DRIVERS\PTIUSBF.SYS [2001-04-13 22474]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 S5AS511;S5AS511; C:\WINDOWS\system32\drivers\S5AS511.sys [2003-11-11 15360]
S3 S5MCD;S5MCD; C:\WINDOWS\system32\drivers\S5MCD.sys [2003-11-11 188416]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\Sandra.sys []
S3 Ser2pl;Prolific2 Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2005-06-23 48384]
S3 SerMon;Serial Monitor Filter Driver; \??\C:\Program Files\HHD Software\Serial Monitor 2.0\sermon.sys []
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 STIrUsb;STIrUsb.sys USB-IrDA Adapter; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-09-24 30088]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 tt;owonhdsusb.sys, Owon oscilloscope usb Driver; C:\WINDOWS\System32\Drivers\owonhdsusb.sys [2006-04-21 59168]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usb2vcom;USB Data Cable; C:\WINDOWS\system32\DRIVERS\usb2vcom.sys [2005-08-06 28704]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USTOR;U-Storage Controller; C:\WINDOWS\system32\DRIVERS\UStork.sys [2004-08-17 20218]
S3 VESTAUSB;VESTAUSB.Sys VESTAUSB Bulk IO driver; C:\WINDOWS\System32\Drivers\VESTAUSB.sys [2004-01-09 12928]
S3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2004-07-14 45568]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-03-15 244608]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-07 409600]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-06-07 520192]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2005-08-29 266295]
S2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
S2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-07 723632]
S2 Crypkey License;Crypkey License; crypserv.exe []
S2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2006-03-02 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodata Limited License Service;Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [2007-02-17 72704]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdate1ca3c18986f9894;Služba Google Update (gupdate1ca3c18986f9894); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-23 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-07 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-10 152984]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SandraDataSrv;SiSoftware Database Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\Win32\RpcDataSrv.exe [2007-05-01 131256]
S3 SandraTheSrv;SiSoftware Sandra Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP2\RpcSandraSrv.exe [2007-05-01 1216704]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-03-01 19200]
S4 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------

- Rudy
Re: Does not finish booting
Post a ComboFix log.
Download ComboFix and save it, ideally to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Then run the application under an account with administrator privileges.
Right after it starts, a screen with the license terms is displayed; continue by clicking the Ano (Yes) button.
Go and make yourself a coffee in peace (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to launch any other applications or anything else.
Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).
Note: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail given above.
Re: Does not finish booting
Here it is, but it is already looking really good. Windows boots normally. Thanks a lot.
ComboFix 10-01-19.08 - Milan 20.01.2010 20:43:29.6.2 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3070.2646 [GMT 1:00]
Spuštěný z: c:\documents and settings\Milan\Plocha\ComboFix.exe
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Milan\Dokumenty\BackupRegistry(20091127).reg
c:\documents and settings\Milan\Dokumenty\cc_20100119_222022.reg
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_OREANS32
-------\Service_oreans32
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-20 do 2010-01-20 )))))))))))))))))))))))))))))))
.
2010-01-20 08:43 . 2010-01-20 08:43 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-01-19 22:14 . 2010-01-19 22:14 -------- d-----w- c:\windows\system32\wbem\Repository
2010-01-18 20:20 . 2010-01-18 20:20 -------- d-----w- c:\program files\proDAD
2010-01-18 20:20 . 2010-01-19 22:13 -------- d-----w- c:\program files\LooksBuilderSE
2010-01-18 20:17 . 2010-01-18 20:18 -------- d-----w- c:\program files\Boris FX, Inc
2010-01-18 19:19 . 2010-01-18 19:19 -------- d-----w- c:\program files\Common Files\Pinnacle
2010-01-18 18:35 . 2010-01-18 18:35 -------- d-----w- c:\program files\Common Files\Yahoo!
2010-01-16 23:50 . 2010-01-16 23:50 -------- d-----w- c:\windows\Mobile Hardware Library
2010-01-16 23:50 . 2010-01-16 23:50 -------- d-----w- c:\program files\ESC
2010-01-16 23:50 . 2010-01-16 23:50 -------- d-----w- c:\program files\Mobile Hardware Library
2010-01-16 22:31 . 2010-01-16 22:31 -------- d-----w- c:\program files\NHL by blackattack
2010-01-08 22:49 . 2010-01-08 22:49 -------- d-----w- c:\program files\ReadManiac
2010-01-04 21:14 . 2010-01-04 21:14 -------- d-----w- c:\program files\Orbitdownloader
2010-01-04 20:41 . 2010-01-06 18:53 475136 ------w- c:\windows\Setup1.exe
2010-01-04 19:51 . 1999-11-22 22:15 77824 ----a-w- c:\windows\system32\ODBCTL32.dll
2010-01-04 19:51 . 2010-01-04 19:51 -------- d-----w- c:\windows\landi ext
2010-01-03 20:09 . 2010-01-03 20:09 295424 ----a-w- c:\windows\system32\bwmedia1.dll
2010-01-03 20:09 . 2010-01-03 20:09 150016 ----a-w- c:\windows\system32\bwmedia.dll
2010-01-03 10:22 . 2010-01-03 10:32 -------- d-----w- c:\program files\USBview
2010-01-02 21:43 . 2010-01-02 21:50 -------- d-----w- c:\program files\Emulator java
2010-01-02 19:21 . 1996-08-21 11:13 27136 ----a-w- c:\windows\system32\drivers\Ctl3d32.dll
2010-01-02 19:21 . 2010-01-02 19:21 -------- d-----w- c:\program files\DLPortIO
2010-01-02 18:57 . 2010-01-02 18:57 3026 ----a-w- c:\windows\system32\drivers\hwinterface.sys
2010-01-01 12:09 . 2010-01-01 12:09 -------- d-----w- c:\program files\GRETECH
2010-01-01 12:01 . 2010-01-01 12:01 -------- d-----w- c:\program files\HWiNFO32
2010-01-01 11:24 . 2010-01-01 11:24 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-01-01 11:01 . 2010-01-01 11:17 -------- d-----w- c:\program files\MSECache
2009-12-31 21:31 . 2009-12-31 21:32 -------- d-----w- c:\program files\LCD smartie
2009-12-27 19:46 . 2007-05-16 15:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2009-12-26 22:58 . 2009-12-26 22:58 -------- d-----w- c:\program files\vmt
2009-12-26 22:13 . 2009-12-26 22:25 4716 ----a-w- c:\windows\gdrv.sys
2009-12-23 21:24 . 2009-12-23 21:24 -------- d-----w- c:\program files\McAfee Security Scan
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-19 21:49 . 2006-03-02 12:00 82372 ----a-w- c:\windows\system32\perfc005.dat
2010-01-19 21:49 . 2006-03-02 12:00 437558 ----a-w- c:\windows\system32\perfh005.dat
2010-01-19 16:39 . 2009-01-05 21:43 -------- d-----w- c:\program files\RSL
2010-01-18 20:17 . 2007-01-05 08:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-18 20:17 . 2007-01-27 18:55 -------- d-----w- c:\program files\Pinnacle
2010-01-10 10:09 . 2007-12-25 21:25 -------- d-----w- c:\program files\SpeedFan
2010-01-06 18:53 . 2008-04-14 17:24 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-12-30 14:27 . 2009-10-31 21:13 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2009-12-29 00:42 . 2009-03-10 07:14 -------- d-----w- c:\program files\ICQ6.5
2009-12-26 22:20 . 2007-01-13 19:37 -------- d-----w- c:\program files\CPUz
2009-12-26 22:14 . 2007-01-05 08:14 -------- d-----w- c:\program files\GIGABYTE
2009-12-23 22:45 . 2009-12-13 21:01 -------- d-----w- c:\program files\OtoCheck
2009-12-14 11:26 . 2009-12-13 19:53 -------- d-----w- c:\program files\CarTool
2009-12-13 19:13 . 2009-12-11 21:44 -------- d-----w- c:\program files\Immo Cleaner 2
2009-12-11 22:10 . 2009-12-11 22:09 -------- d-----w- c:\program files\DATA_EXPLORER_MANAGER
2009-12-10 21:07 . 2008-11-19 12:02 -------- d-----w- c:\program files\yBook
2009-12-03 07:54 . 2008-05-13 19:13 33824 ----a-w- c:\windows\system32\drivers\oreans32.sys
2009-12-01 11:19 . 2009-12-01 11:19 -------- d-----w- c:\program files\Spellit
2009-11-29 09:19 . 2009-11-26 21:00 -------- d-----w- c:\program files\WinXP Manager
2009-11-27 17:44 . 2009-11-27 17:44 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-11-26 19:51 . 2009-10-31 21:01 171552 ----a-w- c:\windows\system32\guard32.dll
2009-11-26 19:51 . 2009-10-31 21:01 133064 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-11-21 16:46 . 2006-03-02 12:00 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-18 07:14 . 2009-10-31 21:01 87104 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-11-18 07:14 . 2009-10-31 21:01 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-11-09 15:25 . 2007-01-07 14:20 75776 ----a-w- c:\windows\system32\drivers\Pg4uusb.sys
2009-10-29 07:43 . 2006-03-02 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-08-23 07:52 . 2009-08-23 07:52 0 ----a-w- c:\program files\uziv.dat
2009-02-08 14:01 . 2009-02-08 14:01 5 ----a-w- c:\program files\trl.trl
2008-09-29 19:52 . 2008-09-29 19:52 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item1-9-29-2008_21-52-25_9052089.dnp
2008-09-29 19:52 . 2008-09-29 19:52 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item1-9-29-2008_21-52-12_2967885.dnp
2008-09-29 19:51 . 2008-09-29 19:51 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item1-9-29-2008_21-51-57_6435778.dnp
2008-09-29 19:51 . 2008-09-29 19:51 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item1-9-29-2008_21-51-29_2636282.dnp
2008-08-21 19:03 . 2008-08-21 19:03 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item0-8-21-2008_21-3-7_4559656.dnp
2004-01-08 10:38 . 2008-02-20 19:23 208896 ----a-w- c:\program files\lame_enc.dll
2001-05-23 13:27 . 2001-05-23 13:27 78730 ----a-w- c:\program files\pcs5easy.htm
2001-05-23 10:25 . 2001-05-23 10:25 900 ----a-w- c:\program files\updateinfo.htm
2001-05-23 09:18 . 2001-05-23 09:18 3735 ----a-w- c:\program files\version.htm
2001-05-23 08:56 . 2001-05-23 08:56 5246 ----a-w- c:\program files\start.htm
2001-02-20 14:36 . 2001-02-20 14:36 44134 ----a-w- c:\program files\oem.bmp
2001-01-25 10:01 . 2001-01-25 10:01 2191 ----a-w- c:\program files\CHANGES.TXT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyP"="c:\documents and settings\Milan\Dokumenty\u\HotkeyP.exe" [2008-07-15 65536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-27 16208384]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2006-12-01 1583644]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-03-01 1443072]
"COMODO livePCsupport"="c:\program files\COMODO\livePCsupport\ELPS.exe" [2009-05-08 689416]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-11-18 1800464]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-10-9 610365]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan.lnk
backup=c:\windows\pss\McAfee Security Scan.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Milan^Nabídka Start^Programy^Po spuštění^MRU-Blaster Silent Clean.lnk]
backup=c:\windows\pss\MRU-Blaster Silent Clean.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2004-06-28 02:33 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GBB36X Configure]
2006-06-02 08:46 385024 ----a-r- c:\windows\system32\JMRaidTool.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]
2009-11-14 14:59 122880 ----a-w- c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2009-03-01 10:59 172792 ----a-w- c:\progra~1\ICQ6.5\ICQ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-03-23 12:20 227328 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 04:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpriteService]
2006-10-25 15:11 544768 ----a-w- c:\program files\Sprite Software\Sprite Backup\SpriteService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-11-10 04:43 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-08-23 05:04 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-09-23 06:41 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC]
2007-05-16 08:45 8975904 ----a-w- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\Win32\\RpcDataSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\RpcSandraSrv.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Sprite Software\\Sprite Backup\\SpriteService.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 PLFF;USB Flash Disk Driver;c:\windows\system32\drivers\plff.sys [14.4.2008 19:02 7040]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [31.10.2009 22:01 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [31.10.2009 22:01 25160]
R1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [1.1.2010 13:01 19064]
R1 hwinterface;hwinterface;c:\windows\system32\drivers\hwinterface.sys [2.1.2010 19:57 3026]
R1 UserPort;UserPort;c:\windows\system32\drivers\UserPort.sys [12.1.2007 20:35 4256]
R2 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\drivers\DLPORTIO.sys [5.7.2005 23:19 3584]
R2 io.sys;IO.DLL Driver;c:\windows\system32\drivers\io.sys [21.3.2009 21:27 5152]
R2 IWPORT;IWPORT;c:\windows\system32\drivers\IWPORT.SYS [2.11.2001 8:21 7896]
R2 pardrv;pardrv;c:\windows\system32\drivers\pardrv.sys [7.1.2007 15:20 9728]
R2 STM Parallel Driver;STM Parallel Driver;c:\windows\system32\drivers\parstm.sys [1.6.2007 19:16 35040]
R2 SVKP;SVKP;c:\windows\system32\SVKP.sys [31.8.2008 13:01 2368]
R2 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVicHW32.sys [29.11.2008 19:34 25040]
R3 dsnpfd;DeskSoft Service;c:\windows\system32\drivers\dsnpfd.sys [13.2.2009 9:47 26920]
S1 SSHDRV86;SSHDRV86;\??\c:\windows\system32\drivers\SSHDRV86.sys --> c:\windows\system32\drivers\SSHDRV86.sys [?]
S2 HOSTNT;HOSTNT; [x]
S3 BulkUsb;FABULK;c:\windows\system32\Drivers\FABulk.sys --> c:\windows\system32\Drivers\FABulk.sys [?]
S3 CTU2K;CTU2K.SYS CTU2K device driver;c:\windows\system32\drivers\CTU2K.sys [18.5.2007 15:24 24197]
S3 DMSHLP;Serial Monitor Helper Driver;c:\program files\Common Files\HHD Software\Device Monitor\DMSHLP.sys [2.6.2004 15:40 8240]
S3 gupdate1ca3c18986f9894;Služba Google Update (gupdate1ca3c18986f9894);c:\program files\Google\Update\GoogleUpdate.exe [23.9.2009 7:39 133104]
S3 MarkFun_NT;MarkFun_NT;c:\program files\GIGABYTE\ET5\MARKFUN.W32 [5.1.2007 9:24 6534]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.11.2009 10:17 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.11.2009 10:17 8320]
S3 Pg4uUSB;Elnec USB driver;c:\windows\system32\drivers\Pg4uusb.sys [7.1.2007 15:20 75776]
S3 ptiusbf;PTI USB Filter;c:\windows\system32\drivers\ptiusbf.sys [13.4.2001 23:22 22474]
S3 S5AS511;S5AS511;c:\windows\system32\drivers\S5AS511.SYS [26.4.2008 20:15 15360]
S3 S5MCD;S5MCD;c:\windows\system32\drivers\S5MCD.SYS [26.4.2008 20:15 188416]
S3 SerMon;Serial Monitor Filter Driver;c:\program files\HHD Software\Serial Monitor 2.0\SERMON.sys [2.6.2004 15:40 17920]
S3 tt;owonhdsusb.sys, Owon oscilloscope usb Driver;c:\windows\system32\drivers\owonhdsusb.sys [21.4.2006 21:03 59168]
S3 usb2vcom;USB Data Cable;c:\windows\system32\drivers\usb2vcom.sys [23.9.2007 9:41 28704]
S3 USTOR;U-Storage Controller;c:\windows\system32\drivers\UStork.sys [14.4.2008 19:04 20218]
S3 VESTAUSB;VESTAUSB.Sys VESTAUSB Bulk IO driver;c:\windows\system32\drivers\VESTAUSB.sys [9.1.2004 9:38 12928]
S4 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 7:21 468224]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.6.2007 16:08 639224]
.
Obsah adresáře 'Naplánované úlohy'
2010-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 06:39]
2010-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 06:39]
2009-04-06 c:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2008-09-08 08:45]
2008-09-08 c:\windows\Tasks\Uniblue SpeedUpMyPC.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2008-09-08 08:45]
2010-01-19 c:\windows\Tasks\User_Feed_Synchronization-{DEDB0CEB-7722-4DF7-855B-103E02D682C4}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Stáhnout pomocí USD - c:\documents and settings\Milan\Dokumenty\abritus\usd-4.2\USD_4.2\Ext\downloadie.html
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
Trusted Zone: servis24.cz\www
TCP: {78C6D486-019D-4E8E-AAC9-70656F6568B2} = 62.204.224.2,62.204.224.3,62.240.163.170
DPF: {E62A8B6B-D91C-457C-B1FB-20CC2D96B4EC} - hxxp://downloads.comodo.com/avs/ComodoAVScanner.cab
FF - ProfilePath - c:\documents and settings\Milan\Data aplikací\Mozilla\Firefox\Profiles\597qu841.default\
FF - component: c:\documents and settings\Milan\Data aplikací\Mozilla\Firefox\Profiles\597qu841.default\extensions\speedtest@gotomyhelp.com\components\NetDiag.dll
FF - component: c:\program files\Comodo\HopSurfToolbar\hopsurfext_ff3_5\components\hopsurf.dll
FF - component: c:\program files\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabXpcom.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
MSConfigStartUp-PinnacleDriverCheck - c:\windows\system32\\PSDrvCheck.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 20:58
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MarkFun_NT]
"ImagePath"="\??\c:\program files\Gigabyte\ET5\markfun.w32"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1715567821-1979792683-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1704)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(2576)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\program files\Microsoft Virtual PC\VPCShExH.DLL
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\RTHDCPL.EXE
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
.
**************************************************************************
.
Celkový čas: 2010-01-20 21:04:56 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-20 20:04
ComboFix2.txt 2009-11-26 17:48
ComboFix3.txt 2009-03-28 09:09
Před spuštěním: 7 940 804 608
Po spuštění: 7 885 254 656
- - End Of File - - CFDF8987A581B949DEC31AA0C1A9118C
- Rudy
- Site Admin
Re: Boot does not finish
We'll finish the cleanup. Open Notepad and copy this into it:

Driver::
HOSTNT

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and release. CF will start and carry out the command from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Boot does not finish
So I was too hasty. The PC still freezes during boot. It does come up eventually, but only after about 15 minutes,
and Comodo eats a lot of the dual-core's performance while it does. Comodo surely wasn't this greedy before.
Here is the ComboFix log after that cleanup.
=====================================================
ComboFix 10-01-19.08 - Milan 21.01.2010 17:10:29.9.2 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3070.2765 [GMT 1:00]
Spuštěný z: c:\documents and settings\Milan\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Milan\Plocha\CFScript.txt
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_HOSTNT
-------\Service_HOSTNT
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-21 do 2010-01-21 )))))))))))))))))))))))))))))))
.
2010-01-20 08:43 . 2010-01-20 08:43 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-01-19 22:14 . 2010-01-19 22:14 -------- d-----w- c:\windows\system32\wbem\Repository
2010-01-18 20:20 . 2010-01-18 20:20 -------- d-----w- c:\program files\proDAD
2010-01-18 20:20 . 2010-01-19 22:13 -------- d-----w- c:\program files\LooksBuilderSE
2010-01-18 20:17 . 2010-01-18 20:18 -------- d-----w- c:\program files\Boris FX, Inc
2010-01-18 19:19 . 2010-01-18 19:19 -------- d-----w- c:\program files\Common Files\Pinnacle
2010-01-18 18:35 . 2010-01-18 18:35 -------- d-----w- c:\program files\Common Files\Yahoo!
2010-01-16 23:50 . 2010-01-16 23:50 -------- d-----w- c:\windows\Mobile Hardware Library
2010-01-16 23:50 . 2010-01-16 23:50 -------- d-----w- c:\program files\ESC
2010-01-16 23:50 . 2010-01-16 23:50 -------- d-----w- c:\program files\Mobile Hardware Library
2010-01-16 22:31 . 2010-01-16 22:31 -------- d-----w- c:\program files\NHL by blackattack
2010-01-08 22:49 . 2010-01-08 22:49 -------- d-----w- c:\program files\ReadManiac
2010-01-04 21:14 . 2010-01-04 21:14 -------- d-----w- c:\program files\Orbitdownloader
2010-01-04 20:41 . 2010-01-06 18:53 475136 ------w- c:\windows\Setup1.exe
2010-01-04 19:51 . 1999-11-22 22:15 77824 ----a-w- c:\windows\system32\ODBCTL32.dll
2010-01-04 19:51 . 2010-01-04 19:51 -------- d-----w- c:\windows\landi ext
2010-01-03 20:09 . 2010-01-03 20:09 295424 ----a-w- c:\windows\system32\bwmedia1.dll
2010-01-03 20:09 . 2010-01-03 20:09 150016 ----a-w- c:\windows\system32\bwmedia.dll
2010-01-03 10:22 . 2010-01-03 10:32 -------- d-----w- c:\program files\USBview
2010-01-02 21:43 . 2010-01-02 21:50 -------- d-----w- c:\program files\Emulator java
2010-01-02 19:21 . 1996-08-21 11:13 27136 ----a-w- c:\windows\system32\drivers\Ctl3d32.dll
2010-01-02 19:21 . 2010-01-02 19:21 -------- d-----w- c:\program files\DLPortIO
2010-01-02 18:57 . 2010-01-02 18:57 3026 ----a-w- c:\windows\system32\drivers\hwinterface.sys
2010-01-01 12:09 . 2010-01-01 12:09 -------- d-----w- c:\program files\GRETECH
2010-01-01 12:01 . 2010-01-01 12:01 -------- d-----w- c:\program files\HWiNFO32
2010-01-01 11:24 . 2010-01-01 11:24 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-01-01 11:01 . 2010-01-01 11:17 -------- d-----w- c:\program files\MSECache
2009-12-31 21:31 . 2009-12-31 21:32 -------- d-----w- c:\program files\LCD smartie
2009-12-27 19:46 . 2007-05-16 15:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2009-12-26 22:58 . 2009-12-26 22:58 -------- d-----w- c:\program files\vmt
2009-12-26 22:13 . 2009-12-26 22:25 4716 ----a-w- c:\windows\gdrv.sys
2009-12-23 21:24 . 2009-12-23 21:24 -------- d-----w- c:\program files\McAfee Security Scan
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-19 21:49 . 2006-03-02 12:00 82372 ----a-w- c:\windows\system32\perfc005.dat
2010-01-19 21:49 . 2006-03-02 12:00 437558 ----a-w- c:\windows\system32\perfh005.dat
2010-01-19 16:39 . 2009-01-05 21:43 -------- d-----w- c:\program files\RSL
2010-01-18 20:17 . 2007-01-05 08:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-18 20:17 . 2007-01-27 18:55 -------- d-----w- c:\program files\Pinnacle
2010-01-10 10:09 . 2007-12-25 21:25 -------- d-----w- c:\program files\SpeedFan
2010-01-06 18:53 . 2008-04-14 17:24 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-12-30 14:27 . 2009-10-31 21:13 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2009-12-29 00:42 . 2009-03-10 07:14 -------- d-----w- c:\program files\ICQ6.5
2009-12-26 22:20 . 2007-01-13 19:37 -------- d-----w- c:\program files\CPUz
2009-12-26 22:14 . 2007-01-05 08:14 -------- d-----w- c:\program files\GIGABYTE
2009-12-11 22:10 . 2009-12-11 22:09 -------- d-----w- c:\program files\DATA_EXPLORER_MANAGER
2009-12-10 21:07 . 2008-11-19 12:02 -------- d-----w- c:\program files\yBook
2009-12-03 07:54 . 2008-05-13 19:13 33824 ----a-w- c:\windows\system32\drivers\oreans32.sys
2009-12-01 11:19 . 2009-12-01 11:19 -------- d-----w- c:\program files\Spellit
2009-11-29 09:19 . 2009-11-26 21:00 -------- d-----w- c:\program files\WinXP Manager
2009-11-27 17:44 . 2009-11-27 17:44 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-11-26 19:51 . 2009-10-31 21:01 171552 ----a-w- c:\windows\system32\guard32.dll
2009-11-26 19:51 . 2009-10-31 21:01 133064 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-11-21 16:46 . 2006-03-02 12:00 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-18 07:14 . 2009-10-31 21:01 87104 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-11-18 07:14 . 2009-10-31 21:01 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-11-09 15:25 . 2007-01-07 14:20 75776 ----a-w- c:\windows\system32\drivers\Pg4uusb.sys
2009-10-29 07:43 . 2006-03-02 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-08-23 07:52 . 2009-08-23 07:52 0 ----a-w- c:\program files\uziv.dat
2009-02-08 14:01 . 2009-02-08 14:01 5 ----a-w- c:\program files\trl.trl
2008-09-29 19:52 . 2008-09-29 19:52 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item1-9-29-2008_21-52-25_9052089.dnp
2008-09-29 19:52 . 2008-09-29 19:52 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item1-9-29-2008_21-52-12_2967885.dnp
2008-09-29 19:51 . 2008-09-29 19:51 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item1-9-29-2008_21-51-57_6435778.dnp
2008-09-29 19:51 . 2008-09-29 19:51 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item1-9-29-2008_21-51-29_2636282.dnp
2008-08-21 19:03 . 2008-08-21 19:03 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item0-8-21-2008_21-3-7_4559656.dnp
2004-01-08 10:38 . 2008-02-20 19:23 208896 ----a-w- c:\program files\lame_enc.dll
2001-05-23 13:27 . 2001-05-23 13:27 78730 ----a-w- c:\program files\pcs5easy.htm
2001-05-23 10:25 . 2001-05-23 10:25 900 ----a-w- c:\program files\updateinfo.htm
2001-05-23 09:18 . 2001-05-23 09:18 3735 ----a-w- c:\program files\version.htm
2001-05-23 08:56 . 2001-05-23 08:56 5246 ----a-w- c:\program files\start.htm
2001-02-20 14:36 . 2001-02-20 14:36 44134 ----a-w- c:\program files\oem.bmp
2001-01-25 10:01 . 2001-01-25 10:01 2191 ----a-w- c:\program files\CHANGES.TXT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyP"="c:\documents and settings\Milan\Dokumenty\u\HotkeyP.exe" [2008-07-15 65536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-27 16208384]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2006-12-01 1583644]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-03-01 1443072]
"COMODO livePCsupport"="c:\program files\COMODO\livePCsupport\ELPS.exe" [2009-05-08 689416]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-11-18 1800464]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-10-9 610365]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan.lnk
backup=c:\windows\pss\McAfee Security Scan.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Milan^Nabídka Start^Programy^Po spuštění^MRU-Blaster Silent Clean.lnk]
backup=c:\windows\pss\MRU-Blaster Silent Clean.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2004-06-28 02:33 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GBB36X Configure]
2006-06-02 08:46 385024 ----a-r- c:\windows\system32\JMRaidTool.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]
2009-11-14 14:59 122880 ----a-w- c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2009-03-01 10:59 172792 ----a-w- c:\progra~1\ICQ6.5\ICQ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-03-23 12:20 227328 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 04:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpriteService]
2006-10-25 15:11 544768 ----a-w- c:\program files\Sprite Software\Sprite Backup\SpriteService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-11-10 04:43 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-08-23 05:04 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-09-23 06:41 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC]
2007-05-16 08:45 8975904 ----a-w- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\Win32\\RpcDataSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\RpcSandraSrv.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Sprite Software\\Sprite Backup\\SpriteService.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 PLFF;USB Flash Disk Driver;c:\windows\system32\drivers\plff.sys [14.4.2008 19:02 7040]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [31.10.2009 22:01 133064]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [31.10.2009 22:01 25160]
S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [1.1.2010 13:01 19064]
S1 hwinterface;hwinterface;c:\windows\system32\drivers\hwinterface.sys [2.1.2010 19:57 3026]
S1 SSHDRV86;SSHDRV86;\??\c:\windows\system32\drivers\SSHDRV86.sys --> c:\windows\system32\drivers\SSHDRV86.sys [?]
S1 UserPort;UserPort;c:\windows\system32\drivers\UserPort.sys [12.1.2007 20:35 4256]
S2 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\drivers\DLPORTIO.sys [5.7.2005 23:19 3584]
S2 io.sys;IO.DLL Driver;c:\windows\system32\drivers\io.sys [21.3.2009 21:27 5152]
S2 IWPORT;IWPORT;c:\windows\system32\drivers\IWPORT.SYS [2.11.2001 8:21 7896]
S2 pardrv;pardrv;c:\windows\system32\drivers\pardrv.sys [7.1.2007 15:20 9728]
S2 STM Parallel Driver;STM Parallel Driver;c:\windows\system32\drivers\parstm.sys [1.6.2007 19:16 35040]
S2 SVKP;SVKP;c:\windows\system32\SVKP.sys [31.8.2008 13:01 2368]
S2 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVicHW32.sys [29.11.2008 19:34 25040]
S3 BulkUsb;FABULK;c:\windows\system32\Drivers\FABulk.sys --> c:\windows\system32\Drivers\FABulk.sys [?]
S3 CTU2K;CTU2K.SYS CTU2K device driver;c:\windows\system32\drivers\CTU2K.sys [18.5.2007 15:24 24197]
S3 DMSHLP;Serial Monitor Helper Driver;c:\program files\Common Files\HHD Software\Device Monitor\DMSHLP.sys [2.6.2004 15:40 8240]
S3 dsnpfd;DeskSoft Service;c:\windows\system32\drivers\dsnpfd.sys [13.2.2009 9:47 26920]
S3 FTD2XX;VAGUSB.sys VAG-Com USB driver;c:\windows\system32\drivers\VAGUSB.sys [18.5.2007 15:11 25596]
S3 gupdate1ca3c18986f9894;Služba Google Update (gupdate1ca3c18986f9894);c:\program files\Google\Update\GoogleUpdate.exe [23.9.2009 7:39 133104]
S3 MarkFun_NT;MarkFun_NT;c:\program files\GIGABYTE\ET5\MARKFUN.W32 [5.1.2007 9:24 6534]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.11.2009 10:17 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.11.2009 10:17 8320]
S3 ntportio;ntportio;\??\o:\!mobil98\!Mobil\!sonyericson\ok semc 22\ntportio.sys --> o:\!mobil98\!Mobil\!sonyericson\ok semc 22\ntportio.sys [?]
S3 ptiusbf;PTI USB Filter;c:\windows\system32\drivers\ptiusbf.sys [13.4.2001 23:22 22474]
S3 S5AS511;S5AS511;c:\windows\system32\drivers\S5AS511.SYS [26.4.2008 20:15 15360]
S3 S5MCD;S5MCD;c:\windows\system32\drivers\S5MCD.SYS [26.4.2008 20:15 188416]
S3 SerMon;Serial Monitor Filter Driver;c:\program files\HHD Software\Serial Monitor 2.0\SERMON.sys [2.6.2004 15:40 17920]
S3 tt;owonhdsusb.sys, Owon oscilloscope usb Driver;c:\windows\system32\drivers\owonhdsusb.sys [21.4.2006 21:03 59168]
S3 usb2vcom;USB Data Cable;c:\windows\system32\drivers\usb2vcom.sys [23.9.2007 9:41 28704]
S3 USTOR;U-Storage Controller;c:\windows\system32\drivers\UStork.sys [14.4.2008 19:04 20218]
S3 VESTAUSB;VESTAUSB.Sys VESTAUSB Bulk IO driver;c:\windows\system32\drivers\VESTAUSB.sys [9.1.2004 9:38 12928]
S4 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 7:21 468224]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.6.2007 16:08 639224]
.
Obsah adresáře 'Naplánované úlohy'
2010-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 06:39]
2010-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 06:39]
2009-04-06 c:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2008-09-08 08:45]
2008-09-08 c:\windows\Tasks\Uniblue SpeedUpMyPC.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2008-09-08 08:45]
2010-01-19 c:\windows\Tasks\User_Feed_Synchronization-{DEDB0CEB-7722-4DF7-855B-103E02D682C4}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Stáhnout pomocí USD - c:\documents and settings\Milan\Dokumenty\abritus\usd-4.2\USD_4.2\Ext\downloadie.html
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
Trusted Zone: servis24.cz\www
TCP: {78C6D486-019D-4E8E-AAC9-70656F6568B2} = 62.204.224.2,62.204.224.3,62.240.163.170
DPF: {E62A8B6B-D91C-457C-B1FB-20CC2D96B4EC} - hxxp://downloads.comodo.com/avs/ComodoAVScanner.cab
FF - ProfilePath - c:\documents and settings\Milan\Data aplikací\Mozilla\Firefox\Profiles\597qu841.default\
FF - component: c:\documents and settings\Milan\Data aplikací\Mozilla\Firefox\Profiles\597qu841.default\extensions\speedtest@gotomyhelp.com\components\NetDiag.dll
FF - component: c:\program files\Comodo\HopSurfToolbar\hopsurfext_ff3_5\components\hopsurf.dll
FF - component: c:\program files\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabXpcom.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-21 17:22
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MarkFun_NT]
"ImagePath"="\??\c:\program files\Gigabyte\ET5\markfun.w32"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1715567821-1979792683-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(268)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-01-21 17:25:10
ComboFix-quarantined-files.txt 2010-01-21 16:25
ComboFix2.txt 2010-01-20 21:23
ComboFix3.txt 2010-01-20 20:04
ComboFix4.txt 2009-11-26 17:48
ComboFix5.txt 2010-01-20 21:48
Před spuštěním: 7 874 260 992
Po spuštění: 7 824 683 008
- - End Of File - - 334780E6CB0686AC30A3E696F858E7C1
a Comodo přitom dost žere výkon dvoujádra. To snad takhle nenažraný Comodo nebylo.
Zde je výpis z Combofixu po tom pročištění.
=====================================================
ComboFix 10-01-19.08 - Milan 21.01.2010 17:10:29.9.2 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3070.2765 [GMT 1:00]
Spuštěný z: c:\documents and settings\Milan\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Milan\Plocha\CFScript.txt
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_HOSTNT
-------\Service_HOSTNT
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-21 do 2010-01-21 )))))))))))))))))))))))))))))))
.
2010-01-20 08:43 . 2010-01-20 08:43 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-01-19 22:14 . 2010-01-19 22:14 -------- d-----w- c:\windows\system32\wbem\Repository
2010-01-18 20:20 . 2010-01-18 20:20 -------- d-----w- c:\program files\proDAD
2010-01-18 20:20 . 2010-01-19 22:13 -------- d-----w- c:\program files\LooksBuilderSE
2010-01-18 20:17 . 2010-01-18 20:18 -------- d-----w- c:\program files\Boris FX, Inc
2010-01-18 19:19 . 2010-01-18 19:19 -------- d-----w- c:\program files\Common Files\Pinnacle
2010-01-18 18:35 . 2010-01-18 18:35 -------- d-----w- c:\program files\Common Files\Yahoo!
2010-01-16 23:50 . 2010-01-16 23:50 -------- d-----w- c:\windows\Mobile Hardware Library
2010-01-16 23:50 . 2010-01-16 23:50 -------- d-----w- c:\program files\ESC
2010-01-16 23:50 . 2010-01-16 23:50 -------- d-----w- c:\program files\Mobile Hardware Library
2010-01-16 22:31 . 2010-01-16 22:31 -------- d-----w- c:\program files\NHL by blackattack
2010-01-08 22:49 . 2010-01-08 22:49 -------- d-----w- c:\program files\ReadManiac
2010-01-04 21:14 . 2010-01-04 21:14 -------- d-----w- c:\program files\Orbitdownloader
2010-01-04 20:41 . 2010-01-06 18:53 475136 ------w- c:\windows\Setup1.exe
2010-01-04 19:51 . 1999-11-22 22:15 77824 ----a-w- c:\windows\system32\ODBCTL32.dll
2010-01-04 19:51 . 2010-01-04 19:51 -------- d-----w- c:\windows\landi ext
2010-01-03 20:09 . 2010-01-03 20:09 295424 ----a-w- c:\windows\system32\bwmedia1.dll
2010-01-03 20:09 . 2010-01-03 20:09 150016 ----a-w- c:\windows\system32\bwmedia.dll
2010-01-03 10:22 . 2010-01-03 10:32 -------- d-----w- c:\program files\USBview
2010-01-02 21:43 . 2010-01-02 21:50 -------- d-----w- c:\program files\Emulator java
2010-01-02 19:21 . 1996-08-21 11:13 27136 ----a-w- c:\windows\system32\drivers\Ctl3d32.dll
2010-01-02 19:21 . 2010-01-02 19:21 -------- d-----w- c:\program files\DLPortIO
2010-01-02 18:57 . 2010-01-02 18:57 3026 ----a-w- c:\windows\system32\drivers\hwinterface.sys
2010-01-01 12:09 . 2010-01-01 12:09 -------- d-----w- c:\program files\GRETECH
2010-01-01 12:01 . 2010-01-01 12:01 -------- d-----w- c:\program files\HWiNFO32
2010-01-01 11:24 . 2010-01-01 11:24 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-01-01 11:01 . 2010-01-01 11:17 -------- d-----w- c:\program files\MSECache
2009-12-31 21:31 . 2009-12-31 21:32 -------- d-----w- c:\program files\LCD smartie
2009-12-27 19:46 . 2007-05-16 15:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2009-12-26 22:58 . 2009-12-26 22:58 -------- d-----w- c:\program files\vmt
2009-12-26 22:13 . 2009-12-26 22:25 4716 ----a-w- c:\windows\gdrv.sys
2009-12-23 21:24 . 2009-12-23 21:24 -------- d-----w- c:\program files\McAfee Security Scan
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-19 21:49 . 2006-03-02 12:00 82372 ----a-w- c:\windows\system32\perfc005.dat
2010-01-19 21:49 . 2006-03-02 12:00 437558 ----a-w- c:\windows\system32\perfh005.dat
2010-01-19 16:39 . 2009-01-05 21:43 -------- d-----w- c:\program files\RSL
2010-01-18 20:17 . 2007-01-05 08:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-18 20:17 . 2007-01-27 18:55 -------- d-----w- c:\program files\Pinnacle
2010-01-10 10:09 . 2007-12-25 21:25 -------- d-----w- c:\program files\SpeedFan
2010-01-06 18:53 . 2008-04-14 17:24 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-12-30 14:27 . 2009-10-31 21:13 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2009-12-29 00:42 . 2009-03-10 07:14 -------- d-----w- c:\program files\ICQ6.5
2009-12-26 22:20 . 2007-01-13 19:37 -------- d-----w- c:\program files\CPUz
2009-12-26 22:14 . 2007-01-05 08:14 -------- d-----w- c:\program files\GIGABYTE
2009-12-11 22:10 . 2009-12-11 22:09 -------- d-----w- c:\program files\DATA_EXPLORER_MANAGER
2009-12-10 21:07 . 2008-11-19 12:02 -------- d-----w- c:\program files\yBook
2009-12-03 07:54 . 2008-05-13 19:13 33824 ----a-w- c:\windows\system32\drivers\oreans32.sys
2009-12-01 11:19 . 2009-12-01 11:19 -------- d-----w- c:\program files\Spellit
2009-11-29 09:19 . 2009-11-26 21:00 -------- d-----w- c:\program files\WinXP Manager
2009-11-27 17:44 . 2009-11-27 17:44 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-11-26 19:51 . 2009-10-31 21:01 171552 ----a-w- c:\windows\system32\guard32.dll
2009-11-26 19:51 . 2009-10-31 21:01 133064 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-11-21 16:46 . 2006-03-02 12:00 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-18 07:14 . 2009-10-31 21:01 87104 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-11-18 07:14 . 2009-10-31 21:01 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-11-09 15:25 . 2007-01-07 14:20 75776 ----a-w- c:\windows\system32\drivers\Pg4uusb.sys
2009-10-29 07:43 . 2006-03-02 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-08-23 07:52 . 2009-08-23 07:52 0 ----a-w- c:\program files\uziv.dat
2009-02-08 14:01 . 2009-02-08 14:01 5 ----a-w- c:\program files\trl.trl
2008-09-29 19:52 . 2008-09-29 19:52 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item1-9-29-2008_21-52-25_9052089.dnp
2008-09-29 19:52 . 2008-09-29 19:52 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item1-9-29-2008_21-52-12_2967885.dnp
2008-09-29 19:51 . 2008-09-29 19:51 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item1-9-29-2008_21-51-57_6435778.dnp
2008-09-29 19:51 . 2008-09-29 19:51 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item1-9-29-2008_21-51-29_2636282.dnp
2008-08-21 19:03 . 2008-08-21 19:03 18 ----a-w- c:\program files\XP Repair Pro 2007ERR_Item0-8-21-2008_21-3-7_4559656.dnp
2004-01-08 10:38 . 2008-02-20 19:23 208896 ----a-w- c:\program files\lame_enc.dll
2001-05-23 13:27 . 2001-05-23 13:27 78730 ----a-w- c:\program files\pcs5easy.htm
2001-05-23 10:25 . 2001-05-23 10:25 900 ----a-w- c:\program files\updateinfo.htm
2001-05-23 09:18 . 2001-05-23 09:18 3735 ----a-w- c:\program files\version.htm
2001-05-23 08:56 . 2001-05-23 08:56 5246 ----a-w- c:\program files\start.htm
2001-02-20 14:36 . 2001-02-20 14:36 44134 ----a-w- c:\program files\oem.bmp
2001-01-25 10:01 . 2001-01-25 10:01 2191 ----a-w- c:\program files\CHANGES.TXT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyP"="c:\documents and settings\Milan\Dokumenty\u\HotkeyP.exe" [2008-07-15 65536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-27 16208384]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2006-12-01 1583644]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-03-01 1443072]
"COMODO livePCsupport"="c:\program files\COMODO\livePCsupport\ELPS.exe" [2009-05-08 689416]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-11-18 1800464]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-10-9 610365]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan.lnk
backup=c:\windows\pss\McAfee Security Scan.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Milan^Nabídka Start^Programy^Po spuštění^MRU-Blaster Silent Clean.lnk]
backup=c:\windows\pss\MRU-Blaster Silent Clean.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2004-06-28 02:33 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GBB36X Configure]
2006-06-02 08:46 385024 ----a-r- c:\windows\system32\JMRaidTool.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]
2009-11-14 14:59 122880 ----a-w- c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2009-03-01 10:59 172792 ----a-w- c:\progra~1\ICQ6.5\ICQ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-03-23 12:20 227328 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 04:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpriteService]
2006-10-25 15:11 544768 ----a-w- c:\program files\Sprite Software\Sprite Backup\SpriteService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-11-10 04:43 136600 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-08-23 05:04 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-09-23 06:41 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC]
2007-05-16 08:45 8975904 ----a-w- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\Win32\\RpcDataSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XI.SP2\\RpcSandraSrv.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Sprite Software\\Sprite Backup\\SpriteService.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 PLFF;USB Flash Disk Driver;c:\windows\system32\drivers\plff.sys [14.4.2008 19:02 7040]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [31.10.2009 22:01 133064]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [31.10.2009 22:01 25160]
S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [1.1.2010 13:01 19064]
S1 hwinterface;hwinterface;c:\windows\system32\drivers\hwinterface.sys [2.1.2010 19:57 3026]
S1 SSHDRV86;SSHDRV86;\??\c:\windows\system32\drivers\SSHDRV86.sys --> c:\windows\system32\drivers\SSHDRV86.sys [?]
S1 UserPort;UserPort;c:\windows\system32\drivers\UserPort.sys [12.1.2007 20:35 4256]
S2 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\drivers\DLPORTIO.sys [5.7.2005 23:19 3584]
S2 io.sys;IO.DLL Driver;c:\windows\system32\drivers\io.sys [21.3.2009 21:27 5152]
S2 IWPORT;IWPORT;c:\windows\system32\drivers\IWPORT.SYS [2.11.2001 8:21 7896]
S2 pardrv;pardrv;c:\windows\system32\drivers\pardrv.sys [7.1.2007 15:20 9728]
S2 STM Parallel Driver;STM Parallel Driver;c:\windows\system32\drivers\parstm.sys [1.6.2007 19:16 35040]
S2 SVKP;SVKP;c:\windows\system32\SVKP.sys [31.8.2008 13:01 2368]
S2 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVicHW32.sys [29.11.2008 19:34 25040]
S3 BulkUsb;FABULK;c:\windows\system32\Drivers\FABulk.sys --> c:\windows\system32\Drivers\FABulk.sys [?]
S3 CTU2K;CTU2K.SYS CTU2K device driver;c:\windows\system32\drivers\CTU2K.sys [18.5.2007 15:24 24197]
S3 DMSHLP;Serial Monitor Helper Driver;c:\program files\Common Files\HHD Software\Device Monitor\DMSHLP.sys [2.6.2004 15:40 8240]
S3 dsnpfd;DeskSoft Service;c:\windows\system32\drivers\dsnpfd.sys [13.2.2009 9:47 26920]
S3 FTD2XX;VAGUSB.sys VAG-Com USB driver;c:\windows\system32\drivers\VAGUSB.sys [18.5.2007 15:11 25596]
S3 gupdate1ca3c18986f9894;Služba Google Update (gupdate1ca3c18986f9894);c:\program files\Google\Update\GoogleUpdate.exe [23.9.2009 7:39 133104]
S3 MarkFun_NT;MarkFun_NT;c:\program files\GIGABYTE\ET5\MARKFUN.W32 [5.1.2007 9:24 6534]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.11.2009 10:17 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.11.2009 10:17 8320]
S3 ntportio;ntportio;\??\o:\!mobil98\!Mobil\!sonyericson\ok semc 22\ntportio.sys --> o:\!mobil98\!Mobil\!sonyericson\ok semc 22\ntportio.sys [?]
S3 ptiusbf;PTI USB Filter;c:\windows\system32\drivers\ptiusbf.sys [13.4.2001 23:22 22474]
S3 S5AS511;S5AS511;c:\windows\system32\drivers\S5AS511.SYS [26.4.2008 20:15 15360]
S3 S5MCD;S5MCD;c:\windows\system32\drivers\S5MCD.SYS [26.4.2008 20:15 188416]
S3 SerMon;Serial Monitor Filter Driver;c:\program files\HHD Software\Serial Monitor 2.0\SERMON.sys [2.6.2004 15:40 17920]
S3 tt;owonhdsusb.sys, Owon oscilloscope usb Driver;c:\windows\system32\drivers\owonhdsusb.sys [21.4.2006 21:03 59168]
S3 usb2vcom;USB Data Cable;c:\windows\system32\drivers\usb2vcom.sys [23.9.2007 9:41 28704]
S3 USTOR;U-Storage Controller;c:\windows\system32\drivers\UStork.sys [14.4.2008 19:04 20218]
S3 VESTAUSB;VESTAUSB.Sys VESTAUSB Bulk IO driver;c:\windows\system32\drivers\VESTAUSB.sys [9.1.2004 9:38 12928]
S4 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 7:21 468224]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.6.2007 16:08 639224]
.
Obsah adresáře 'Naplánované úlohy'
2010-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 06:39]
2010-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 06:39]
2009-04-06 c:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2008-09-08 08:45]
2008-09-08 c:\windows\Tasks\Uniblue SpeedUpMyPC.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2008-09-08 08:45]
2010-01-19 c:\windows\Tasks\User_Feed_Synchronization-{DEDB0CEB-7722-4DF7-855B-103E02D682C4}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Stáhnout pomocí USD - c:\documents and settings\Milan\Dokumenty\abritus\usd-4.2\USD_4.2\Ext\downloadie.html
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
Trusted Zone: servis24.cz\www
TCP: {78C6D486-019D-4E8E-AAC9-70656F6568B2} = 62.204.224.2,62.204.224.3,62.240.163.170
DPF: {E62A8B6B-D91C-457C-B1FB-20CC2D96B4EC} - hxxp://downloads.comodo.com/avs/ComodoAVScanner.cab
FF - ProfilePath - c:\documents and settings\Milan\Data aplikací\Mozilla\Firefox\Profiles\597qu841.default\
FF - component: c:\documents and settings\Milan\Data aplikací\Mozilla\Firefox\Profiles\597qu841.default\extensions\speedtest@gotomyhelp.com\components\NetDiag.dll
FF - component: c:\program files\Comodo\HopSurfToolbar\hopsurfext_ff3_5\components\hopsurf.dll
FF - component: c:\program files\Orbitdownloader\addons\OneClickYouTubeDownloader\components\GrabXpcom.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-21 17:22
Windows 5.1.2600 Service Pack 2 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MarkFun_NT]
"ImagePath"="\??\c:\program files\Gigabyte\ET5\markfun.w32"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1715567821-1979792683-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(268)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-01-21 17:25:10
ComboFix-quarantined-files.txt 2010-01-21 16:25
ComboFix2.txt 2010-01-20 21:23
ComboFix3.txt 2010-01-20 20:04
ComboFix4.txt 2009-11-26 17:48
ComboFix5.txt 2010-01-20 21:48
Před spuštěním: 7 874 260 992
Po spuštění: 7 824 683 008
- - End Of File - - 334780E6CB0686AC30A3E696F858E7C1
- Rudy
- Site Admin
- Posts: 119383
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Boot does not finish
The log now looks clean. Try disabling Comodo as a test, or reinstall it if need be.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Boot does not finish
So after reinstalling Comodo it is a lot better. Thanks a lot for the help.
- Rudy
Re: Boot does not finish
You're welcome!