Ve hře se po určité době PC vypne
Log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by domac at 2010-03-04 07:08:38
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 11 GB (5%) free of 238 GB
Total RAM: 3071 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:08:49, on 4.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VentSrv\ventrilo_svc.exe
C:\Program Files\VentSrv\ventrilo_srv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\domac\Plocha\RSIT.exe
C:\Documents and Settings\domac\Plocha\domac.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: 88.86.107.55 L2authd.lineage2.com
O1 - Hosts: 88.86.107.55 L2testauthd.lineage2.com
O1 - Hosts: 88.86.107.55 nprotect.lineage2.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [eurobattlegui] "L:\Warcraft III\eb.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [SmileyApp] C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbapp.exe
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Global Startup: McAfee Security Scan.lnk = ?
O4 - Global Startup: PC Alert 4.lnk = C:\Program Files\MSI\PC Alert 4\StartPCAlert4.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6686405392
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: Služba Google Update (gupdate1ca017969c452e8) (gupdate1ca017969c452e8) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Ventrilo - Unknown owner - C:\Program Files\VentSrv\ventrilo_svc.exe
--
End of file - 12281 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\SDMsgUpdate (TE).job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-07-10 312928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-10 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-25 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-06-10 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-07-10 198160]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"eurobattlegui"=L:\Warcraft III\eb.exe []
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-10-20 111928]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"H/PC Connection Agent"=C:\PROGRA~1\MI3AA1~1\wcescomm.exe [2006-11-13 1289000]
"SmileyApp"=C:\Program Files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbapp.exe []
"RGSC"=C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-10 39408]
"PlayNC Launcher"= []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
PC Alert 4.lnk - C:\Program Files\MSI\PC Alert 4\StartPCAlert4.exe
C:\Documents and Settings\domac\Nabídka Start\Programy\Po spuštění
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-04-28 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"F:\Activision\Call of Duty 2\CoD2MP_s.exe"="F:\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"F:\wolfenstein\ET.exe"="F:\wolfenstein\ET.exe:*:Enabled:ET"
"F:\World of the warcraft full set\World of Warcraft\Launcher.exe"="F:\World of the warcraft full set\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"F:\Warcraft III\war3.exe"="F:\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"E:\HRY\World of Warcraft\Launcher.exe"="E:\HRY\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"E:\HRY\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe"="E:\HRY\World of Warcraft\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"F:\Valve\hl.exe"="F:\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"E:\HRY\World of Warcraft\WoW-3.1.1.9835-to-3.1.2.9901-enUS-downloader.exe"="E:\HRY\World of Warcraft\WoW-3.1.1.9835-to-3.1.2.9901-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"H:\Activision\Call of Duty 2\CoD2MP_s.exe"="H:\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"H:\wolfenstein\ET.exe"="H:\wolfenstein\ET.exe:*:Enabled:ET"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"L:\Warcraft III\war3.exe"="L:\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"E:\HRY\Warcraft III\war3.exe"="E:\HRY\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Diablo II\Game.exe"="C:\Program Files\Diablo II\Game.exe:*:Enabled:Diablo II"
"C:\Program Files\Doom 3\Doom3.exe"="C:\Program Files\Doom 3\Doom3.exe:*:Enabled:DOOM 3"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Documents and Settings\domac\Plocha\Warcraft\war3.exe"="C:\Documents and Settings\domac\Plocha\Warcraft\war3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe"="C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe"="C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe"="C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Ventrilo\Ventrilo.exe"="C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe"
"C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe"="C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe:*:Enabled:Football Manager 2010"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\League of Legends\lol.launcher.exe"="C:\Program Files\League of Legends\lol.launcher.exe:*:Enabled:League of Legends Launcher"
"C:\Program Files\League of Legends\Air\LolClient.exe"="C:\Program Files\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\Program Files\League of Legends\Game\League of Legends.exe"="C:\Program Files\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Documents and Settings\domac\Plocha\Warcraft\Warcraft III.exe"="C:\Documents and Settings\domac\Plocha\Warcraft\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Documents and Settings\domac\Plocha\Neverwinter Nights 2\nwn2main.exe"="C:\Documents and Settings\domac\Plocha\Neverwinter Nights 2\nwn2main.exe:*:Disabled:Neverwinter Nights 2"
"C:\Program Files\The Lord of the Rings - Conquest™\Conquest.exe"="C:\Program Files\The Lord of the Rings - Conquest™\Conquest.exe:*:Enabled:Game"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{004f2efe-79ac-11de-bf85-0016179154fd}]
shell\AutoRun\command - E:\RUNDLL32.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ab7bb22-ca2d-11de-9a80-0016179154fd}]
shell\AutoRun\command - E:\h0.exe
shell\open\command - E:\h0.exe
======List of files/folders created in the last 1 months======
2010-03-04 07:08:38 ----D---- C:\rsit
2010-02-28 17:09:37 ----D---- C:\Program Files\World of Warcraft
2010-02-25 15:48:06 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-22 15:07:01 ----D---- C:\Program Files\Gameforge4D
2010-02-18 20:00:04 ----D---- C:\Program Files\Common Files\Audio
2010-02-18 19:59:04 ----D---- C:\Program Files\Naruto Battle Arena MUGEN
2010-02-11 07:16:28 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-11 07:16:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-11 07:14:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-11 07:14:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-11 07:13:58 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-11 07:13:53 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-11 07:13:14 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-11 07:13:05 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-11 07:12:56 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-09 22:59:44 ----A---- C:\ASLog.txt
======List of files/folders modified in the last 1 months======
2010-03-04 07:08:42 ----D---- C:\WINDOWS\Prefetch
2010-03-04 07:06:41 ----D---- C:\Program Files\Mozilla Firefox
2010-03-04 07:05:54 ----D---- C:\WINDOWS\Temp
2010-03-04 07:05:43 ----D---- C:\Documents and Settings\domac\Data aplikací\Skype
2010-03-04 07:05:41 ----D---- C:\Documents and Settings\domac\Data aplikací\skypePM
2010-03-04 07:05:10 ----SD---- C:\WINDOWS\Tasks
2010-03-04 07:05:05 ----D---- C:\Documents and Settings\domac\Data aplikací\Hamachi
2010-03-04 01:05:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-03 18:23:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-02 16:32:49 ----D---- C:\WINDOWS
2010-03-01 22:50:55 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-28 17:09:37 ----RD---- C:\Program Files
2010-02-28 10:06:21 ----A---- C:\testcrypted.txt
2010-02-28 10:06:21 ----A---- C:\testBack.txt
2010-02-28 10:06:21 ----A---- C:\test.txt
2010-02-27 01:30:32 ----D---- C:\Documents and Settings\domac\Data aplikací\ICQ
2010-02-26 14:47:21 ----SHD---- C:\WINDOWS\Installer
2010-02-25 15:48:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-25 15:48:43 ----HD---- C:\WINDOWS\inf
2010-02-25 15:48:43 ----D---- C:\WINDOWS\system32
2010-02-25 15:48:41 ----D---- C:\WINDOWS\ie8updates
2010-02-25 15:48:38 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-25 15:48:34 ----A---- C:\WINDOWS\imsins.BAK
2010-02-19 16:04:10 ----D---- C:\Program Files\Centauri
2010-02-18 21:19:04 ----D---- C:\Program Files\Garena
2010-02-18 20:00:04 ----D---- C:\Program Files\Common Files
2010-02-18 10:51:59 ----A---- C:\WINDOWS\wincmd.ini
2010-02-11 07:16:26 ----D---- C:\WINDOWS\system32\drivers
2010-02-11 07:13:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-09 18:48:40 ----D---- C:\Program Files\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [2007-02-06 16512]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R2 ALIEHCD;ULi PCI to USB Enhanced Host Controller; C:\WINDOWS\System32\Drivers\ALIEHCI.sys [2005-09-07 84471]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 aliroothub;USB 2.0 Root Hub; C:\WINDOWS\system32\DRIVERS\AliRtHub.sys [2005-09-07 5304]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-01-09 42496]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-06-10 8087712]
R3 PCAlertDriver;PCAlertDriver; \??\C:\Program Files\MSI\PC Alert 4\NTGLM7X.sys []
R3 Pcouffin;Low level access layer for CD devices; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2009-09-26 47360]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 ULI5261XP;ULi M526X Ethernet NT Driver; C:\WINDOWS\system32\DRIVERS\ULILAN51.SYS [2005-03-22 28672]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 an54m6n8;an54m6n8; C:\WINDOWS\system32\drivers\an54m6n8.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2009-04-22 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\domac\LOCALS~1\Temp\KSC1C7.tmp []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-15 25280]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2009-04-22 61824]
S3 npkcrypt;npkcrypt; \??\C:\Program Files\Lineage II\system\npkcrypt.sys []
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-25 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-06-10 168004]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-08-23 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-08-23 103736]
R2 Ventrilo;Ventrilo; C:\Program Files\VentSrv\ventrilo_svc.exe [2008-08-25 76800]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S2 gupdate1ca017969c452e8;Služba Google Update (gupdate1ca017969c452e8); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-10 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-02 194032]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-08-30 3407412]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o konrolu logu, mám problém s výpadkama PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosim o konrolu logu, mám problém s výpadkama PC
Presun ComboFix
na plochu (ak tam este nie je)
otvor si Poznamkovy blok - notepad
do neho zkopiruj skript z nasledujiceho okna:
uloz vytvoreny textovy soubor ako CFScript.txt na plochu
po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:
po aplikacii by mal vzniknut dalsi log, ten vloz sem
na plochu (ak tam este nie je)
otvor si Poznamkovy blok - notepad
do neho zkopiruj skript z nasledujiceho okna:
Kód: Vybrat vše
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{004f2efe-79ac-11de-bf85-0016179154fd}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ab7bb22-ca2d-11de-9a80-0016179154fd}]
po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:
po aplikacii by mal vzniknut dalsi log, ten vloz sem
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosim o konrolu logu, mám problém s výpadkama PC
Děkuju moc :
Tady je ten log:
ComboFix 10-03-03.04 - domac 04.03.2010 8:43.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2497 [GMT 1:00]
Spuštěný z: c:\documents and settings\domac\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\domac\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100303-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\domac\Local Settings\Tempcheck.exe
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm105.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm106.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm10B.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm113.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm11C.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm12C.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm14.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm148.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm149.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm15.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm17.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm19.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm19A.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm1A.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm1C.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm1D.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm23.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm29.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm32.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm33.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm34.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm3B.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm3C.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm409.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm41.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm48.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm51.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm52.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm53.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm58.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm5F.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm60.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm61.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm6E.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm7.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm73.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm7F.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm8.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm86.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm87.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm88.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm8A.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm8E.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm9.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm92.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm97.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm98.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm9C.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm9F.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmA.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmA2.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmA6.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmAA.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmAF.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmB.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmB0.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmB4.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmB7.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmBB.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmBF.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmC.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmC3.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmC6.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmCB.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmCC.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmD.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmD1.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmDC.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmDD.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmF5.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmFF.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\bg.jpg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\CurrentVersion.xml
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data\ProductInfo.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\ExtractZipFile.zip
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\icon.ico
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\productinfo.dll
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Setup.exe
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\stbup.exe
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\tdf.dat
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\248d6576afce4ee94af42d7350131106.gif
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\24a70fb875fab686b6b3c217612bc07c.gif
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\default1.dat
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\loading.dat
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\loading.gif
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Cursor.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_DailyVideo.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Game.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Glitter.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Logo.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Option.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Recipe.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Ringtone.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Screensaver.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Search.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_Config.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_TellAFriend.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Wallpaper.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Web.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\pixel.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ProductInfo.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\profile.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\SearchEngineList.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\tbcore.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ToolbarLayout.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentre.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentreBk.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLDynamic.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLStatic.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\About.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Component_ComboBox.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Cursor.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Cursor.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_DailyVideo.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Game.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Glitter.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Glitter.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Logo.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Option.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Recipe.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Ringtone.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Screensaver.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Search.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Wallpaper.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Web.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDefault.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay18.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay20.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters18.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters20.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnOption.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley18.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley20.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd18.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd20.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink18.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink20.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin1.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin2.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin3.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin4.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin_s.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\ToastSkin.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\stb06759.tmp
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.4.0.4340\adwpx.exe
c:\program files\Internet Saving Optimizer\3.4.0.4340\Data\config.md
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.dat
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.5.0.850\Data\config.md
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.dll
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome.manifest
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.5.0.850\FF\install.rdf
c:\program files\Media Access Startup\1.5.0.850\HPCommon.dll
c:\program files\Media Access Startup\1.5.0.850\hppx.exe
c:\program files\Media Access Startup\1.5.0.850\MAHelper.exe
c:\program files\Media Access Startup\1.5.0.850\unins000.dat
c:\program files\Media Access Startup\1.5.0.850\unins000.exe
C:\test.txt
c:\windows\system32\SIntf16.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-04 do 2010-03-04 )))))))))))))))))))))))))))))))
.
2010-03-04 06:08 . 2010-03-04 06:08 -------- d-----w- C:\rsit
2010-02-28 16:09 . 2010-02-28 16:31 -------- d-----w- c:\program files\World of Warcraft
2010-02-22 14:07 . 2010-02-22 14:07 -------- d-----w- c:\program files\Gameforge4D
2010-02-19 07:02 . 2010-02-19 07:02 151 ----a-w- c:\documents and settings\domac\check.bat
2010-02-18 19:00 . 2010-02-19 07:02 -------- d-----w- c:\program files\Common Files\Audio
2010-02-18 18:59 . 2010-03-03 20:20 -------- d-----w- c:\program files\Naruto Battle Arena MUGEN
2010-02-10 13:20 . 2009-12-04 17:25 456832 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 15:04 . 2009-07-30 06:10 -------- d-----w- c:\program files\Centauri
2010-02-19 07:02 . 2010-02-19 07:02 151 ----a-w- c:\documents and settings\domac\check.bat
2010-02-18 20:19 . 2009-12-11 20:46 -------- d-----w- c:\program files\Garena
2010-02-09 17:48 . 2009-07-10 16:13 -------- d-----w- c:\program files\Google
2010-01-19 19:45 . 2010-01-19 19:40 -------- d-----w- c:\program files\The Lord of the Rings - Conquest™
2010-01-13 20:26 . 2009-07-04 06:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-13 20:26 . 2009-09-09 15:03 -------- d-----w- c:\program files\Doom 3
2010-01-12 19:16 . 2009-07-04 07:08 -------- d-----w- c:\program files\Microsoft Works
2010-01-06 13:11 . 2004-09-16 11:24 432272 ----a-w- c:\windows\system32\perfh005.dat
2010-01-06 13:11 . 2004-09-16 11:24 79220 ----a-w- c:\windows\system32\perfc005.dat
2010-01-04 15:53 . 2010-01-04 15:53 -------- d-----w- c:\program files\Opera 10 Beta
2010-01-02 16:44 . 2010-01-02 16:44 69632 ----a-w- c:\windows\system32\Clifford Uninstall.exe
2010-01-01 07:58 . 2009-02-11 10:12 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2009-03-03 00:16 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2009-07-04 08:00 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 14:33 . 2009-02-09 11:19 2068352 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-09 14:33 . 2009-04-22 07:35 2191488 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-04 17:25 . 2008-11-26 06:35 456832 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.
------- Sigcheck -------
[-] 2008-11-26 . 5B61517E148ED7D09F5093FEE44AE0C4 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-10 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"nwiz"="nwiz.exe" [2009-06-10 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-10 198160]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-10-20 111928]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"_nltide_2"="shell32" [X]
c:\documents and settings\domac\Nabˇdka Start\Programy\Po spuçtŘnˇ\
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2009-9-15 625952]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]
PC Alert 4.lnk - c:\program files\MSI\PC Alert 4\StartPCAlert4.exe [2009-7-4 188416]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Diablo II\\Game.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Documents and Settings\\domac\\Plocha\\Warcraft\\war3.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=
"c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2010\\fm.exe"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\\Documents and Settings\\domac\\Plocha\\Warcraft\\Warcraft III.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"c:\\Documents and Settings\\domac\\Plocha\\Neverwinter Nights 2\\nwn2main.exe"=
"c:\\Program Files\\The Lord of the Rings - Conquest™\\Conquest.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"8393:TCP"= 8393:TCP:League of Legends Lobby
"8393:UDP"= 8393:UDP:League of Legends Lobby
"8390:TCP"= 8390:TCP:League of Legends Game Client
"8390:UDP"= 8390:UDP:League of Legends Game Client
"6888:TCP"= 6888:TCP:League of Legends Launcher
"6888:UDP"= 6888:UDP:League of Legends Launcher
R0 m5288;m5288;c:\windows\system32\drivers\m5288.sys [4.7.2009 7:31 210304]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4.7.2009 7:41 114768]
R2 ALIEHCD;ULi PCI to USB Enhanced Host Controller;c:\windows\system32\drivers\AliEhci.sys [4.7.2009 7:31 84471]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.7.2009 7:41 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [4.7.2009 19:46 222456]
R3 aliroothub;USB 2.0 Root Hub;c:\windows\system32\drivers\AliRtHub.sys [4.7.2009 7:31 5304]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\drivers\ULILAN51.SYS [4.7.2009 7:31 28672]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.7.2009 8:45 721904]
S2 gupdate1ca017969c452e8;Služba Google Update (gupdate1ca017969c452e8);c:\program files\Google\Update\GoogleUpdate.exe [10.7.2009 17:13 133104]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [13.11.2009 17:17 25832]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [4.7.2009 7:02 26224]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\domac\LOCALS~1\Temp\KSC1C7.tmp --> c:\docume~1\domac\LOCALS~1\Temp\KSC1C7.tmp [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25.1.2008 10:12 25088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
2010-03-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]
2010-03-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-10 13:03]
2010-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-10 16:13]
2010-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-10 16:13]
2010-03-04 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2009-07-28 14:29]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home.sweetim.com
mStart Page = hxxp://home.sweetim.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Trusted Zone: com.tw\www.msi
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath - c:\documents and settings\domac\Data aplikací\Mozilla\Firefox\Profiles\x82c19x9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.theprizeday.com/today.php|http://ra ... com/?hp=df
FF - prefs.js: keyword.URL - hxxp://radiobar.toolbarhome.com/search.aspx?srch=ku&q=
FF - component: c:\documents and settings\domac\Data aplikací\Mozilla\Firefox\Profiles\x82c19x9.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: c:\documents and settings\domac\Data aplikací\Mozilla\Firefox\Profiles\x82c19x9.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
FF - component: c:\program files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\components\SmileyCore.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npdsplay.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npwmsdrm.dll
FF - plugin: c:\program files\Opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-SmileyApp - c:\program files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbapp.exe
HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKCU-Run-PlayNC Launcher - (no file)
HKLM-Run-eurobattlegui - l:\warcraft iii\eb.exe
AddRemove-DarkNestPatch_0 - c:\program files\Lineage II\Uninstall.exe
AddRemove-Divinity II - Ego Draconis_is1 - c:\program files\Divinity II - Ego Draconis\unins000.exe
AddRemove-DVD To AVI Converter_is1 - e:\stažené\DVD To AVI Converter4.0\unins000.exe
AddRemove-EADM - c:\program files\Electronic Arts\EADM\Uninstall.exe
AddRemove-GameParkClient_is1 - e:\gamepark\unins000.exe
AddRemove-Krtek_is1 - e:\hry\unins000.exe
AddRemove-League of Legends_is1 - c:\program files\League of Legends\unins000.exe
AddRemove-War Chess - e:\hry\War Chess\Uninstall.exe
AddRemove-{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1 - c:\program files\Media Access Startup\1.5.0.850\unins000.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
AddRemove-{6663554C-2FC7-4CDC-809D-1BCD59189853}_is1 - c:\program files\Trine\unins000.exe
AddRemove-Elmoreden PvP Patch - c:\documents and settings\domac\Plocha\Lineage II\Uninstal.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-04 08:49
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\domac\LOCALS~1\Temp\KSC1C7.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
Celkový čas: 2010-03-04 08:51:49
ComboFix-quarantined-files.txt 2010-03-04 07:51
Před spuštěním: 3 767 259 136
Po spuštění: Volných bajtů: 13 802 278 912
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
- - End Of File - - 27971B426F8B33E809F03D23592DF203
Tady je ten log:
ComboFix 10-03-03.04 - domac 04.03.2010 8:43.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2497 [GMT 1:00]
Spuštěný z: c:\documents and settings\domac\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\domac\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100303-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\domac\Local Settings\Tempcheck.exe
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm105.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm106.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm10B.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm113.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm11C.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm12C.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm14.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm148.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm149.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm15.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm17.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm19.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm19A.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm1A.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm1C.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm1D.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm23.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm29.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm32.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm33.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm34.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm3B.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm3C.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm409.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm41.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm48.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm51.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm52.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm53.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm58.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm5F.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm60.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm61.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm6E.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm7.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm73.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm7F.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm8.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm86.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm87.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm88.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm8A.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm8E.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm9.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm92.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm97.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm98.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm9C.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tm9F.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmA.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmA2.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmA6.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmAA.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmAF.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmB.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmB0.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmB4.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmB7.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmBB.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmBF.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmC.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmC3.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmC6.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmCB.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmCC.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmD.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmD1.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmDC.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmDD.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmF5.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\_tmFF.tmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\bg.jpg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\CurrentVersion.xml
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Data\ProductInfo.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\ExtractZipFile.zip
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\icon.ico
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\productinfo.dll
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Setup.exe
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\stbup.exe
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\tdf.dat
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\248d6576afce4ee94af42d7350131106.gif
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\24a70fb875fab686b6b3c217612bc07c.gif
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\2afcf6f3f2e19cc42d7f72f3b18b26ef.gif
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\50bffa6936b3e661971a58e3c8bdf4cb.gif
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\default1.dat
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\loading.dat
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Cache\loading.gif
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Cursor.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_DailyVideo.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Game.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Glitter.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Logo.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Option.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Recipe.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Ringtone.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Screensaver.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Search.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_Config.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_TellAFriend.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Wallpaper.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Web.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\pixel.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ProductInfo.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\profile.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\SearchEngineList.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\tbcore.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ToolbarLayout.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentre.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentreBk.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLDynamic.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLStatic.mx
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\About.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Component_ComboBox.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Cursor.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Cursor.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_DailyVideo.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Game.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Glitter.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Glitter.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Logo.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Option.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Recipe.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Ringtone.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Screensaver.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Search.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Wallpaper.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Web.mg
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDefault.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay18.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay20.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters18.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters20.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnOption.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley18.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley20.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd18.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd20.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.png
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink18.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink20.bmp
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin1.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin2.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin3.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin4.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin_s.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\ToastSkin.skf
c:\documents and settings\domac\Local Settings\Temporary Internet Files\stb06759.tmp
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.4.0.4340\adwpx.exe
c:\program files\Internet Saving Optimizer\3.4.0.4340\Data\config.md
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.dat
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.5.0.850\Data\config.md
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.dll
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome.manifest
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.5.0.850\FF\install.rdf
c:\program files\Media Access Startup\1.5.0.850\HPCommon.dll
c:\program files\Media Access Startup\1.5.0.850\hppx.exe
c:\program files\Media Access Startup\1.5.0.850\MAHelper.exe
c:\program files\Media Access Startup\1.5.0.850\unins000.dat
c:\program files\Media Access Startup\1.5.0.850\unins000.exe
C:\test.txt
c:\windows\system32\SIntf16.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-04 do 2010-03-04 )))))))))))))))))))))))))))))))
.
2010-03-04 06:08 . 2010-03-04 06:08 -------- d-----w- C:\rsit
2010-02-28 16:09 . 2010-02-28 16:31 -------- d-----w- c:\program files\World of Warcraft
2010-02-22 14:07 . 2010-02-22 14:07 -------- d-----w- c:\program files\Gameforge4D
2010-02-19 07:02 . 2010-02-19 07:02 151 ----a-w- c:\documents and settings\domac\check.bat
2010-02-18 19:00 . 2010-02-19 07:02 -------- d-----w- c:\program files\Common Files\Audio
2010-02-18 18:59 . 2010-03-03 20:20 -------- d-----w- c:\program files\Naruto Battle Arena MUGEN
2010-02-10 13:20 . 2009-12-04 17:25 456832 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 15:04 . 2009-07-30 06:10 -------- d-----w- c:\program files\Centauri
2010-02-19 07:02 . 2010-02-19 07:02 151 ----a-w- c:\documents and settings\domac\check.bat
2010-02-18 20:19 . 2009-12-11 20:46 -------- d-----w- c:\program files\Garena
2010-02-09 17:48 . 2009-07-10 16:13 -------- d-----w- c:\program files\Google
2010-01-19 19:45 . 2010-01-19 19:40 -------- d-----w- c:\program files\The Lord of the Rings - Conquest™
2010-01-13 20:26 . 2009-07-04 06:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-13 20:26 . 2009-09-09 15:03 -------- d-----w- c:\program files\Doom 3
2010-01-12 19:16 . 2009-07-04 07:08 -------- d-----w- c:\program files\Microsoft Works
2010-01-06 13:11 . 2004-09-16 11:24 432272 ----a-w- c:\windows\system32\perfh005.dat
2010-01-06 13:11 . 2004-09-16 11:24 79220 ----a-w- c:\windows\system32\perfc005.dat
2010-01-04 15:53 . 2010-01-04 15:53 -------- d-----w- c:\program files\Opera 10 Beta
2010-01-02 16:44 . 2010-01-02 16:44 69632 ----a-w- c:\windows\system32\Clifford Uninstall.exe
2010-01-01 07:58 . 2009-02-11 10:12 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2009-03-03 00:16 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2009-07-04 08:00 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 14:33 . 2009-02-09 11:19 2068352 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-09 14:33 . 2009-04-22 07:35 2191488 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-04 17:25 . 2008-11-26 06:35 456832 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.
------- Sigcheck -------
[-] 2008-11-26 . 5B61517E148ED7D09F5093FEE44AE0C4 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-10 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"nwiz"="nwiz.exe" [2009-06-10 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-10 198160]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-10-20 111928]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"_nltide_2"="shell32" [X]
c:\documents and settings\domac\Nabˇdka Start\Programy\Po spuçtŘnˇ\
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2009-9-15 625952]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-28 199184]
PC Alert 4.lnk - c:\program files\MSI\PC Alert 4\StartPCAlert4.exe [2009-7-4 188416]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Diablo II\\Game.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Documents and Settings\\domac\\Plocha\\Warcraft\\war3.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=
"c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2010\\fm.exe"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\\Documents and Settings\\domac\\Plocha\\Warcraft\\Warcraft III.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"c:\\Documents and Settings\\domac\\Plocha\\Neverwinter Nights 2\\nwn2main.exe"=
"c:\\Program Files\\The Lord of the Rings - Conquest™\\Conquest.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"8393:TCP"= 8393:TCP:League of Legends Lobby
"8393:UDP"= 8393:UDP:League of Legends Lobby
"8390:TCP"= 8390:TCP:League of Legends Game Client
"8390:UDP"= 8390:UDP:League of Legends Game Client
"6888:TCP"= 6888:TCP:League of Legends Launcher
"6888:UDP"= 6888:UDP:League of Legends Launcher
R0 m5288;m5288;c:\windows\system32\drivers\m5288.sys [4.7.2009 7:31 210304]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4.7.2009 7:41 114768]
R2 ALIEHCD;ULi PCI to USB Enhanced Host Controller;c:\windows\system32\drivers\AliEhci.sys [4.7.2009 7:31 84471]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.7.2009 7:41 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [4.7.2009 19:46 222456]
R3 aliroothub;USB 2.0 Root Hub;c:\windows\system32\drivers\AliRtHub.sys [4.7.2009 7:31 5304]
R3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\drivers\ULILAN51.SYS [4.7.2009 7:31 28672]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.7.2009 8:45 721904]
S2 gupdate1ca017969c452e8;Služba Google Update (gupdate1ca017969c452e8);c:\program files\Google\Update\GoogleUpdate.exe [10.7.2009 17:13 133104]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [13.11.2009 17:17 25832]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [4.7.2009 7:02 26224]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\domac\LOCALS~1\Temp\KSC1C7.tmp --> c:\docume~1\domac\LOCALS~1\Temp\KSC1C7.tmp [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25.1.2008 10:12 25088]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
2010-03-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]
2010-03-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-10 13:03]
2010-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-10 16:13]
2010-03-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-10 16:13]
2010-03-04 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2009-07-28 14:29]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home.sweetim.com
mStart Page = hxxp://home.sweetim.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Trusted Zone: com.tw\www.msi
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath - c:\documents and settings\domac\Data aplikací\Mozilla\Firefox\Profiles\x82c19x9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.theprizeday.com/today.php|http://ra ... com/?hp=df
FF - prefs.js: keyword.URL - hxxp://radiobar.toolbarhome.com/search.aspx?srch=ku&q=
FF - component: c:\documents and settings\domac\Data aplikací\Mozilla\Firefox\Profiles\x82c19x9.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: c:\documents and settings\domac\Data aplikací\Mozilla\Firefox\Profiles\x82c19x9.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
FF - component: c:\program files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\FFToolbar\components\SmileyCore.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1851.5542\npCIDetect14.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npdsplay.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npwmsdrm.dll
FF - plugin: c:\program files\Opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-SmileyApp - c:\program files\DoubleD\GamingHarbor Toolbar\4.1.4.20920\stbapp.exe
HKCU-Run-RGSC - c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKCU-Run-PlayNC Launcher - (no file)
HKLM-Run-eurobattlegui - l:\warcraft iii\eb.exe
AddRemove-DarkNestPatch_0 - c:\program files\Lineage II\Uninstall.exe
AddRemove-Divinity II - Ego Draconis_is1 - c:\program files\Divinity II - Ego Draconis\unins000.exe
AddRemove-DVD To AVI Converter_is1 - e:\stažené\DVD To AVI Converter4.0\unins000.exe
AddRemove-EADM - c:\program files\Electronic Arts\EADM\Uninstall.exe
AddRemove-GameParkClient_is1 - e:\gamepark\unins000.exe
AddRemove-Krtek_is1 - e:\hry\unins000.exe
AddRemove-League of Legends_is1 - c:\program files\League of Legends\unins000.exe
AddRemove-War Chess - e:\hry\War Chess\Uninstall.exe
AddRemove-{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1 - c:\program files\Media Access Startup\1.5.0.850\unins000.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
AddRemove-{6663554C-2FC7-4CDC-809D-1BCD59189853}_is1 - c:\program files\Trine\unins000.exe
AddRemove-Elmoreden PvP Patch - c:\documents and settings\domac\Plocha\Lineage II\Uninstal.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-04 08:49
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\domac\LOCALS~1\Temp\KSC1C7.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
Celkový čas: 2010-03-04 08:51:49
ComboFix-quarantined-files.txt 2010-03-04 07:51
Před spuštěním: 3 767 259 136
Po spuštění: Volných bajtů: 13 802 278 912
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
- - End Of File - - 27971B426F8B33E809F03D23592DF203
Re: Prosim o konrolu logu, mám problém s výpadkama PC
no fajn, bolo tam kopec balastu este vycisti PC s MBAM
este vycisti PC s MBAMFRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosim o konrolu logu, mám problém s výpadkama PC
za malo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?