Please check my log - slow PC startup


skslezska
newcomer
Posts: 44
Registered: May 08
Gender: Not specified
Status: Offline

Post by skslezska » 27 Nov 2008 18:36

I'll apply Fixwareout right away, but then I don't know which DNS address to put there... As far as my provider goes, I don't know of any other one; where could I find it out??

jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Post by jaro3 » 27 Nov 2008 19:08

Usually it is set to obtain the DNS server address automatically and to obtain the IP address from the DHCP server automatically; it depends on the provider.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.


Post by skslezska » 27 Nov 2008 19:43

I tried changing it in the connection settings: set the DNS and IP address to automatic, but only the IP address and the mask got set, nothing for DNS.... :?


Post by skslezska » 28 Nov 2008 15:33

So I somehow changed the DNS addresses and the net works, but after the change a window appeared with this message:

Windows File Protection

Files required for Windows to function properly have been replaced by files of an unknown version. System stability will be maintained if the system restores the original versions of these files.
Insert the Windows Service Pack update CD

What should I do about it?? I don't have that CD....


Post by jaro3 » 28 Nov 2008 15:54

Well, that's bad; try this as well:
Download Dial-a-fix

Try to repair it with this program.
Explorer/IE/OE/shell/WMP - Attempts to repair Internet Explorer, Outlook Express, Windows Media Player, etc.
Policies: Opens an overview of all restrictions in use that are set in the registry, for example on using the registry editor, Task Manager, etc.
FlushDNS - Resets the DNS cache.
Reset networking interfaces - Repairs winsock and the network settings.
Just click (tick the checkbox) and then click Go.

If that doesn't work, then also this:
Download SREng -- right-click the link and choose Save Target As...
- unpack it to the desktop and run it
- choose "Smart Scan", leave the settings as they are
- choose "Verify the digital signature of process modules"
- click "Scan"
- click Save Reports, save the log to the desktop and copy the entire contents of the log here.


Post by skslezska » 28 Nov 2008 20:56

Log from SREng

2008-11-28,20:47:43

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
API HOOK
Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup> [NVIDIA Corporation]
<nwiz><nwiz.exe /install> []
<NvMediaCenter><RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [NVIDIA Corporation]
<C-Media Mixer><Mixer.exe /startup> [(Verified)Microsoft Windows Hardware Compatibility Publisher, E=""]
<nod32kui><"D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE> [Eset ]
<SunJavaUpdateSched><"D:\Program Files\Java\jre6\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><D:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
<{B5A7F190-DDA6-4420-B3BA-52453494E6CD}><D:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Publisher]
<WPDShServiceObj><D:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><D:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><D:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<Vlastní nastavení prohlížeče><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Adresář 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Aktualizace plochy systému Windows><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><D:\WINDOWS\system32\Rundll32.exe D:\WINDOWS\system32\mscories.dll,Install> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Adobe Reader Speed Launcher><; "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
<Appwarp><; D:\PROGRA~1\REMI-S~1\APPLIC~1\ApplicationWarp.exe> []
<BDRegion><; D:\Program Files\Cyberlink\Shared Files\brs.exe> [(Verified)CyberLink]
<CloneCDTray><; "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s> [SlySoft, Inc.]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<DAEMON Tools Lite><; "D:\Program Files\DAEMON Tools Lite\daemon.exe"> [(Verified)DAEMON Tools Code Signing Services]
<IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><; "D:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<NeroFilterCheck><; D:\Program Files\Common Files\Nero\Lib\NeroCheck.exe> [(Verified)Nero AG]
<PDVD8LanguageShortcut><; "D:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"> [(Verified)CyberLink]
<QuickTime Task><; "D:\Program Files\QuickTime\QTTask.exe" -atboottime> [Apple Inc.]
<RemoteControl8><; "D:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"> [(Verified)CyberLink]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Steam><; "D:\Program Files\Steam\Steam.exe" -silent> [(Verified)Valve]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<TkBellExe><; "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [(Verified)"RealNetworks, Inc."]

==================================
Startup Folders
[Výřezy obrazovky a spuštění aplikace OneNote 2007]
<D:\Documents and Settings\Martin G\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk --> D:\PROGRA~1\MICROS~1\Office12\ONENOTEM.EXE [Microsoft Corporation]><N>

==================================
Services
[Ad-Aware 2007 Service / aawservice][Running/Auto Start]
<"D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe"><Lavasoft>
[##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## / Bonjour Service][Running/Auto Start]
<"D:\Program Files\Bonjour\mDNSResponder.exe"><Apple Computer, Inc.>
[Capture Device Service / Capture Device Service][Running/Auto Start]
<"D:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe"><InterVideo Inc.>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
<"D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Macrovision Europe Ltd.>
[Windows Presentation Foundation Font Cache 3.0.0.0 / FontCache3.0.0.0][Stopped/Manual Start]
<D:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe><Microsoft Corporation>
[Přístup k zařízením standardu HID / HidServ][Stopped/Disabled]
<D:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Windows CardSpace / idsvc][Stopped/Manual Start]
<"D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"><Microsoft Corporation>
[InCD Helper / InCDsrv][Stopped/Disabled]
<D:\Program Files\Nero\Nero8\InCD\InCDsrv.exe><Nero AG>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
<"D:\Program Files\Java\jre6\bin\jqs.exe" -service -config "D:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[Nero BackItUp Scheduler 3 / Nero BackItUp Scheduler 3][Stopped/Disabled]
<D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe><Nero AG>
[Nero Registry InCD Service / NeroRegInCDSrv][Stopped/Disabled]
<D:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe><Nero AG>
[Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled]
<"D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"><Microsoft Corporation>
[NMIndexingService / NMIndexingService][Stopped/Disabled]
<"D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe"><Nero AG>
[NMSAccessU / NMSAccessU][Running/Auto Start]
<D:\Program Files\CDBurnerXP\NMSAccessU.exe><N/A>
[NOD32 Kernel Service / NOD32krn][Running/Auto Start]
<"D:\Program Files\Eset\nod32krn.exe"><Eset>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<D:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[O&O Defrag / O&O Defrag][Running/Auto Start]
<D:\WINDOWS\system32\oodag.exe><O&O Software GmbH>
[PLFlash DeviceIoControl Service / PLFlash DeviceIoControl Service][Running/Auto Start]
<D:\WINDOWS\system32\IoctlSvc.exe><Prolific Technology Inc.>
[StarWind AE Service / StarWindServiceAE][Running/Auto Start]
<D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe><Rocket Division Software>
[TuneUp Drive Defrag Service / TuneUp.Defrag][Stopped/Manual Start]
<D:\WINDOWS\System32\TuneUpDefragService.exe><TuneUp Software GmbH>
[Ulead Burning Helper / UleadBurningHelper][Running/Auto Start]
<D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[TrueVector Internet Monitor / vsmon][Running/Auto Start]
<D:\WINDOWS\system32\ZoneLabs\vsmon.exe -service><Zone Labs, LLC>

==================================
Drivers
[Služba instalace zvukového ovladače Intel(r) (WDM) / ac97intc][Running/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[AMON / AMON][Running/Auto Start]
<\SystemRoot\system32\drivers\amon.sys><Eset>
[atksgt / atksgt][Running/Auto Start]
<system32\DRIVERS\atksgt.sys><N/A>
[C-Media PCI Audio Driver (WDM) / cmpci][Running/Manual Start]
<system32\drivers\cmaudio.sys><C-Media Inc>
[Dual-Mode DSC(2770) / DCamUSBSQTECH][Stopped/Manual Start]
<System32\Drivers\SQcaptur.sys><Service & Quality Technology.>
[ElbyCDFL / ElbyCDFL][Running/Manual Start]
<System32\Drivers\ElbyCDFL.sys><SlySoft, Inc.>
[ElbyCDIO Driver / ElbyCDIO][Running/System Start]
<System32\Drivers\ElbyCDIO.sys><Elaborate Bytes AG>
[Hamachi Network Interface / hamachi][Running/Manual Start]
<system32\DRIVERS\hamachi.sys><LogMeIn, Inc.>
[hotcore2 / hotcore2][Running/Boot Start]
<\SystemRoot\system32\drivers\hotcore2.sys><Paragon Software Group>
[Nero InCD File System / InCDfs][Running/Disabled]
<system32\drivers\InCDFs.sys><Nero AG>
[Nero InCDPass / InCDPass][Running/System Start]
<system32\drivers\InCDPass.sys><Nero AG>
[Nero InCD MRW Remapper / incdrm][Running/System Start]
<system32\drivers\InCDRm.sys><Nero AG>
[Sony Ericsson K510 Driver driver (WDM) / k510bus][Stopped/Manual Start]
<system32\DRIVERS\k510bus.sys><MCCI>
[Sony Ericsson K510 USB WMC Modem Filter / k510mdfl][Stopped/Manual Start]
<system32\DRIVERS\k510mdfl.sys><MCCI>
[Sony Ericsson K510 USB WMC Modem Driver / k510mdm][Stopped/Manual Start]
<system32\DRIVERS\k510mdm.sys><MCCI>
[Sony Ericsson K510 USB WMC Device Management Drivers (WDM) / k510mgmt][Stopped/Manual Start]
<system32\DRIVERS\k510mgmt.sys><MCCI>
[Sony Ericsson K510 USB WMC OBEX Interface / k510obex][Stopped/Manual Start]
<system32\DRIVERS\k510obex.sys><MCCI>
[KLIF / KLIF][Running/System Start]
<system32\DRIVERS\klif.sys><Kaspersky Lab>
[lirsgt / lirsgt][Running/Auto Start]
<system32\DRIVERS\lirsgt.sys><N/A>
[nod32drv / nod32drv][Running/System Start]
<\SystemRoot\system32\drivers\nod32drv.sys><N/A>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[VSO Software pcouffin / pcouffin][Running/Manual Start]
<System32\Drivers\pcouffin.sys><VSO Software>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
<\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
<\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology>
[StarForce Protection VFS Driver (version 2.x) / sfvfs02][Running/Boot Start]
<\SystemRoot\System32\drivers\sfvfs02.sys><Protection Technology>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[srescan / srescan][Running/Boot Start]
<\SystemRoot\system32\ZoneLabs\srescan.sys><Zone Labs, LLC>
[VPN Anonymizer Adapter / tap0901_2gm][Stopped/Manual Start]
<system32\DRIVERS\tap0901_2gm.sys><The OpenVPN Project>
[LGE Mobile Composite USB Device / usbbus][Stopped/Manual Start]
<system32\DRIVERS\lgusbbus.sys><LG Electronics Inc.>
[LGE Mobile USB Serial Port / UsbDiag][Stopped/Manual Start]
<system32\DRIVERS\lgusbdiag.sys><LG Electronics Inc.>
[LGE Mobile USB Modem / USBModem][Stopped/Manual Start]
<system32\DRIVERS\lgusbmodem.sys><LG Electronics Inc.>
[vsdatant / vsdatant][Running/System Start]
<System32\vsdatant.sys><Zone Labs, LLC>
[{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054} / {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}][Running/Auto Start]
<\??\D:\Program Files\CyberLink\PowerDVD8\000.fcl><Cyberlink Corp.>

==================================
Browser Add-ons
[Octh Class]
{000123B4-9B42-4900-B3F7-F4B073EFC214} <D:\Program Files\Orbitdownloader\orbitcth.dll, (Signed) Orbitdownloader.com>
[Podpora odkazu pro Adobe PDF Reader]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[Groove GFS Browser Helper]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} <D:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL, (Signed) Microsoft Corporation>
[Java(tm) Plug-In SSV Helper]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <D:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435b-BC74-9C25C1C588A9} <D:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[Send to OneNote from Internet Explorer button]
{2670000A-7350-4f3c-8081-5663EE0C6C49} <D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll, (Signed) Microsoft Corporation>
[&Zdroje informací]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <D:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_10]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <D:\Program Files\Java\jre6\bin\npjpi160_10.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_10]
{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} <D:\Program Files\Java\jre6\bin\npjpi160_10.dll, (Signed) Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_10]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <D:\Program Files\Java\jre6\bin\npjpi160_10.dll, (Signed) Sun Microsystems, Inc.>
[Octh Class]
{000123B4-9B42-4900-B3F7-F4B073EFC214} <D:\Program Files\Orbitdownloader\orbitcth.dll, (Signed) Orbitdownloader.com>
[Outlook Today's Data-binding control]
{0468C085-CA5B-11D0-AF08-00609797F0E0} <D:\PROGRA~1\MICROS~1\Office12\OUTLCTL.DLL, (Signed) >
[Podpora odkazu pro Adobe PDF Reader]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
{1F364306-AA45-47B5-9F9D-39A8B94E7EF1} <, >
[]
{2670000A-7350-4F3C-8081-5663EE0C6C49} <, >
[]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <, >
[IETag Factory]
{38481807-CA0E-42D2-BF39-B33AF135CC4D} <D:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[Groove GFS Browser Helper]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} <D:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL, (Signed) Microsoft Corporation>
[]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, (Signed) Adobe Systems, Inc.>
[]
{F90D830D-C175-4bbe-82C7-FF94669A4C42} <, >
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[&Download All by FlashGet]
<D:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm, N/A>
[&Download by FlashGet]
<D:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm, N/A>
[&Download by Orbit]
<res://D:\Program Files\Orbitdownloader\orbitmxt.dll/201, N/A>
[&Grab video by Orbit]
<res://D:\Program Files\Orbitdownloader\orbitmxt.dll/204, N/A>
[Do&wnload selected by Orbit]
<res://D:\Program Files\Orbitdownloader\orbitmxt.dll/203, N/A>
[Down&load all by Orbit]
<res://D:\Program Files\Orbitdownloader\orbitmxt.dll/202, N/A>
[E&xportovat do aplikace Microsoft Excel]
<res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 820 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 984 / SYSTEM][\??\D:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1008 / SYSTEM][\??\D:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1052 / SYSTEM][D:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 1064 / SYSTEM][D:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 1220 / SYSTEM][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1336 / NETWORK SERVICE][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1]
[PID: 1704 / SYSTEM][D:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[d:\windows\system32\uxtuneup.dll] [TuneUp Software GmbH, 2.0.0.9]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1]
[D:\WINDOWS\System32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1860 / NETWORK SERVICE][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 2044 / LOCAL SERVICE][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 520 / Martin G][D:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[D:\WINDOWS\system32\BROWSEUI.dll] [Společnost Microsoft, 6.00.2900.3395 (xpsp_sp2_qfe.080623-1318)]
[D:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL] [Microsoft Corporation, 8.00.50727.762]
[D:\Program Files\Nero\Nero8\InCD\NBHShx.dll] [Nero AG, 5, 9, 4, 0]
[D:\Program Files\Nero\Nero8\InCD\NBHStr.dll] [Nero AG, 5, 9, 4, 0]
[D:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.762]
[D:\Program Files\Common Files\Nero\Shared\NL3\AdvrCntr3.dll] [Nero AG, 3,3,1, 500]
[D:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll] [Nero AG, 3, 1, 0, 11]
[D:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL] [Microsoft Corporation, 8.00.50727.762]
[D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0]
[PID: 1524 / SYSTEM][D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe] [Lavasoft, 7,0,2,6]
[D:\Program Files\Lavasoft\Ad-Aware 2007\CEAPI.dll] [Lavasoft, 7,0,2,6]
[D:\Program Files\Lavasoft\Ad-Aware 2007\PKArchive85u.dll] [PKWARE, Inc., 8.4.1045.0]
[D:\Program Files\Lavasoft\Ad-Aware 2007\Update.dll] [, 7, 0, 2, 6]
[PID: 1956 / SYSTEM][D:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp.050610-1527)]
[D:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll] [Microsoft Corporation, 6.0.6000.16438 (winmain(wmbla).070123-1305)]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1]
[PID: 324 / SYSTEM][D:\Program Files\Bonjour\mDNSResponder.exe] [Apple Computer, Inc., 1,0,3,1]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 444 / SYSTEM][D:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe] [InterVideo Inc., 1.0.0.1]
[D:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL] [Microsoft Corporation, 8.00.50727.762]
[D:\WINDOWS\system32\msdmo.dll] [, ]
[D:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 232 / SYSTEM][D:\Program Files\Java\jre6\bin\jqs.exe] [Sun Microsystems, Inc., 6.0.100.33]
[D:\Program Files\Java\jre6\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[D:\WINDOWS\system32\netfxperf.dll] [Microsoft Corporation, 1.1.4322.573]
[PID: 316 / NETWORK SERVICE][D:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe] [Microsoft Corporation, 2005.090.3042.00]
[PID: 688 / SYSTEM][D:\Program Files\CDBurnerXP\NMSAccessU.exe] [N/A, ]
[PID: 488 / SYSTEM][D:\Program Files\Eset\nod32krn.exe] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\nod32krr.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\ps_amon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_amon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\ps_dmon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_dmon.dll] [N/A, ]
[D:\Program Files\Eset\ps_emon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_emon.dll] [N/A, ]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[D:\Program Files\Eset\ps_nod32.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_nod32.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\ps_upd.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_upd.dll] [N/A, ]
[D:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1]
[PID: 728 / SYSTEM][D:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.11.6921]
[D:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.6921]
[D:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 900 / SYSTEM][D:\WINDOWS\system32\oodag.exe] [O&O Software GmbH, 10.0.1634]
[D:\WINDOWS\system32\OODAGRS.DLL] [O&O Software GmbH, 10.0.1.1617]
[D:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 1424 / SYSTEM][D:\WINDOWS\system32\IoctlSvc.exe] [Prolific Technology Inc., 1, 6, 0, 0]
[PID: 1460 / SYSTEM][D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe] [Microsoft Corporation, 2005.090.3042.00]
[PID: 2072 / SYSTEM][D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe] [Rocket Division Software, 3.2.3 Build 20070527]
[D:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 2224 / SYSTEM][D:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2268 / SYSTEM][D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe] [Ulead Systems, Inc., 1, 0, 0, 5]
[PID: 3584 / SYSTEM][D:\WINDOWS\system32\wbem\wmiapsrv.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3676 / LOCAL SERVICE][D:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 1856 / Martin G][D:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\NvMcTray.dll] [NVIDIA Corporation, 6.14.11.6921]
[D:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.6921]
[PID: 1916 / Martin G][D:\WINDOWS\Mixer.exe] [C-Media Electronic Inc. (http://www.cmedia.com.tw), 1.48]
[D:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\System32\cmnprop.dll] [C-Media Corporation, 5.00.2195.9]
[PID: 2108 / Martin G][D:\Program Files\Eset\nod32kui.exe] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\nod32rui.dll] [N/A, ]
[D:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\Eset\pu_amon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_amon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pu_dmon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_dmon.dll] [N/A, ]
[D:\Program Files\Eset\pu_emon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_emon.dll] [N/A, ]
[D:\Program Files\Eset\pu_imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[D:\Program Files\Eset\pu_nod32.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_nod32.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pu_upd.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_upd.dll] [N/A, ]
[PID: 2120 / Martin G][D:\Program Files\Java\jre6\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.100.33]
[D:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1]
[D:\WINDOWS\system32\imon.dll] [Eset , 2, 70, 39 ]
[D:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 2220 / Martin G][D:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3244 / Martin G][C:\Program Files\TC UP\TOTALCMD.EXE] [C. Ghisler & Co., 7.02a]
[D:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL] [Microsoft Corporation, 8.00.50727.762]
[D:\Program Files\Nero\Nero8\InCD\NBHShx.dll] [Nero AG, 5, 9, 4, 0]
[D:\Program Files\Nero\Nero8\InCD\NBHStr.dll] [Nero AG, 5, 9, 4, 0]
[D:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.762]
[D:\Program Files\Common Files\Nero\Shared\NL3\AdvrCntr3.dll] [Nero AG, 3,3,1, 500]
[PID: 2424 / Martin G][D:\Documents and Settings\Martin G\Plocha\SREngLdr.EXE] [Smallfrogs Studio, 2.7.0.1210]
[PID: 460 / Martin G][D:\Documents and Settings\Martin G\Plocha\SREb5951044.EXE] [Smallfrogs Studio, 2.7.0.1210]
[D:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\Documents and Settings\Martin G\Plocha\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[D:\Program Files\Bonjour\mdnsNSP.dll] [Apple Computer, Inc., 1,0,3,1]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["D:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 728, D:\WINDOWS\SYSTEM32\NVSVC32.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3544, D:\PROGRAM FILES\OPERA8.54\OPERA.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2424, D:\DOCUMENTS AND SETTINGS\MARTIN G\PLOCHA\SRENGLDR.EXE]

==================================
Scheduled Tasks
[Disabled] Úklid 1 kliknutím.job
D:\Program Files\TuneUp Utilities 2008\OneClick.exe
[Enabled] 1-Click Maintenance.job
D:\Program Files\TuneUp Utilities 2008\OneClick.exe

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================

jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log - slow PC startup

Post by jaro3 » 28 Nov 2008 22:14

The best thing would be to borrow a CD from someone with the same OS as you have.
Take a look here:
system32\themeui.dll
ProgramFiles%\Outlook Express\setup50.exe; if you don't have those files there, you would have to add them, but the problem is also in the keys...

One more thing:
Download SDFix
- Run it and it will extract itself to the drive where Windows is installed (typically C:\SDfix)
- Then restart the PC into Safe Mode (choose the option: Safe Mode, not Safe Mode with Networking)
- Open the folder where SDFix was extracted and run the file RunThis.bat; this starts the program.
* Then press the Y key and then Enter to start the cleaning process.
* To finish the scan you will be prompted to press any key, and the computer will restart.
* While the operating system is starting up, the program will run again and complete the cleaning process. When Finish appears, you will have to press any key when prompted; this closes the program and your desktop icons will appear.
- When the desktop icons have finished loading, the SDFix log will open on screen, and it will also be saved in the folder where SDFix was extracted as the file Report.txt
Then copy its contents here + a new log from HJT + check whether any icons are missing under Start and whether the drives are shown under My Computer....
And try to get hold of that XP CD.

skslezska
newbie
Posts: 44
Registered: May 08
Gender: Not specified
Status: Offline

Re: Please check my log - slow PC startup

Post by skslezska » 29 Nov 2008 11:49

Those files are there. I'll try to get hold of a WinXP CD; I have a genuine system, not a fake. I guess it would be a problem if I inserted a fake CD with SP2, right??

Anyway, here are the logs:

SDFix


SDFix: Version 1.240
Run by Martin G on so 29.11.2008 at 10:23

Microsoft Windows XP [Verze 5.1.2600]
Running From: D:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found






Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-29 11:25:07
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="D:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:55,66,c2,91,62,9d,ad,17,69,95,f1,4b,08,90,0a,b3,1b,dc,23,8d,41,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="D:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:0d,37,36,a1,85,b0,8c,62,fe,eb,68,58,c4,05,ab,4b,1c,43,78,b0,22,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,55,64,54,3c,a2,38,75,11,dd,1b,f5,31,f3,af,ed,36,2b,..
"khjeh"=hex:8a,12,1b,36,36,bf,f0,55,59,10,e1,82,1b,84,5f,6b,6e,85,d6,3a,f2,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:a4,63,67,4b,76,52,bb,7c,3a,56,3a,1b,e9,4c,67,a9,e1,cb,85,10,39,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:27,25,66,b5,e7,3a,8f,2f,d4,58,02,bd,7a,64,f6,69,0e,31,37,64,96,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:f1,f3,75,01,08,f4,14,19,b0,de,46,7f,d9,cd,ab,10,28,d6,5d,3b,9a,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
"khjeh"=hex:37,bb,0a,8c,32,00,38,88,28,5f,91,91,c5,93,f1,b1,54,36,ec,6d,c4,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2C7D58A9-CC0B-43C2-8AF5-768AD1A11A0B}]
"LeaseObtainedTime"=dword:49311809
"T1"=dword:49311888
"T2"=dword:493118e8
"LeaseTerminatesTime"=dword:49311908
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{2C7D58A9-CC0B-43C2-8AF5-768AD1A11A0B}\Parameters\Tcpip]
"LeaseObtainedTime"=dword:49311809
"T1"=dword:49311888
"T2"=dword:493118e8
"LeaseTerminatesTime"=dword:49311908
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="D:\Program Files\Alcohol Soft\Alcohol 120\"
"h0"=dword:00000001
"ujdew"=hex:55,66,c2,91,62,9d,ad,17,69,95,f1,4b,08,90,0a,b3,1b,dc,23,8d,41,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="D:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:0d,37,36,a1,85,b0,8c,62,fe,eb,68,58,c4,05,ab,4b,1c,43,78,b0,22,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,55,64,54,3c,a2,38,75,11,dd,1b,f5,31,f3,af,ed,36,2b,..
"khjeh"=hex:8a,12,1b,36,36,bf,f0,55,59,10,e1,82,1b,84,5f,6b,6e,85,d6,3a,f2,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:a4,63,67,4b,76,52,bb,7c,3a,56,3a,1b,e9,4c,67,a9,e1,cb,85,10,39,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:27,25,66,b5,e7,3a,8f,2f,d4,58,02,bd,7a,64,f6,69,0e,31,37,64,96,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:f1,f3,75,01,08,f4,14,19,b0,de,46,7f,d9,cd,ab,10,28,d6,5d,3b,9a,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
"khjeh"=hex:37,bb,0a,8c,32,00,38,88,28,5f,91,91,c5,93,f1,b1,54,36,ec,6d,c4,..

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cursors\Schemes]
"\f\1e?r?n?é? ?u?k?a?z?a?t?e?l?e? ?"="D:\WINDOWS\cursors\arrow_r.cur,D:\WINDOWS\cursors\help_r.cur,D:\WINDOWS\cursors\wait_r.cur,D:\WINDOWS\cursors\busy_r.cur,D:\WINDOWS\cursors\cross_r.cur,D:\WINDOWS\cursors\beam_r.cur,D:\WINDOWS\cursors\pen_r.cur,D:\WINDOWS\cursors\no_r.cur,D:\WINDOWS\cursors\size4_r.cur,D:\WINDOWS\cursors\size3_r.cur,D:\WINDOWS\cursors\size2_r.cur,D:\WINDOWS\cursors\size1_r.cur,D:\WINDOWS\cursors\move_r.cur,D:\WINDOWS\cursors\up_r.cur"
"\f\1e?r?n?é? ?u?k?a?z?a?t?e?l?e? ?(?v?e?l?k?é?)?"="D:\WINDOWS\cursors\arrow_rm.cur,D:\WINDOWS\cursors\help_rm.cur,D:\WINDOWS\cursors\wait_rm.cur,D:\WINDOWS\cursors\busy_rm.cur,D:\WINDOWS\cursors\cross_rm.cur,D:\WINDOWS\cursors\beam_rm.cur,D:\WINDOWS\cursors\pen_rm.cur,D:\WINDOWS\cursors\no_rm.cur,D:\WINDOWS\cursors\size4_rm.cur,D:\WINDOWS\cursors\size3_rm.cur,D:\WINDOWS\cursors\size2_rm.cur,D:\WINDOWS\cursors\size1_rm.cur,D:\WINDOWS\cursors\move_rm.cur,D:\WINDOWS\cursors\up_rm.cur"
"\f\1e?r?n?é? ?u?k?a?z?a?t?e?l?e? ?(?n?e?j?v?\e\1t?a\1í?)?"="D:\WINDOWS\cursors\arrow_rl.cur,D:\WINDOWS\cursors\help_rl.cur,D:\WINDOWS\cursors\wait_rl.cur,D:\WINDOWS\cursors\busy_rl.cur,D:\WINDOWS\cursors\cross_rl.cur,D:\WINDOWS\cursors\beam_rl.cur,D:\WINDOWS\cursors\pen_rl.cur,D:\WINDOWS\cursors\no_rl.cur,D:\WINDOWS\cursors\size4_rl.cur,D:\WINDOWS\cursors\size3_rl.cur,D:\WINDOWS\cursors\size2_rl.cur,D:\WINDOWS\cursors\size1_rl.cur,D:\WINDOWS\cursors\move_rl.cur,D:\WINDOWS\cursors\up_rl.cur"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\\Program Files\\QIP\\qip.exe"="D:\\Program Files\\QIP\\qip.exe:*:Disabled:Quiet Internet Pager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

Remaining Files :



Files with Hidden Attributes :

Thu 27 Nov 2008 0 ..SH. --- "D:\WINDOWS\SE6CEC13C.tmp"
Wed 3 May 2006 163,328 ..SHR --- "D:\WINDOWS\system32\flvDX.dll"
Wed 21 Feb 2007 31,232 ..SHR --- "D:\WINDOWS\system32\msfDX.dll"
Mon 17 Dec 2007 27,648 ..SH. --- "D:\WINDOWS\system32\Smab0.dll"
Sun 26 Jun 2005 616,448 ..SHR --- "D:\Program Files\eRightSoft\SUPER\cygwin1.dll"
Tue 21 Jun 2005 45,568 ..SHR --- "D:\Program Files\eRightSoft\SUPER\cygz.dll"
Thu 22 May 2008 72,704 ..SHR --- "D:\Program Files\eRightSoft\SUPER\Setup.exe"
Tue 2 Oct 2007 15,360 A.SHR --- "D:\Program Files\eRightSoft\SUPER\_Setup.dll"
Thu 7 Aug 2008 2,451,968 ..SH. --- "D:\Documents and Settings\Martin G\Dokumenty\youtube\Vdm61r_cfdg.exe"
Tue 4 Jun 2002 84,992 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll"
Tue 4 Jun 2002 44,032 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll"
Tue 10 Dec 2002 73,766 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll"
Tue 10 Dec 2002 65,575 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll"
Sun 9 Jun 2002 36,864 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\ddnt3260.dll"
Tue 4 Jun 2002 20,480 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll"
Tue 10 Dec 2002 102,437 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\drv13260.dll"
Tue 10 Dec 2002 176,165 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll"
Tue 10 Dec 2002 208,935 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll"
Tue 10 Dec 2002 217,127 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll"
Sun 9 Jun 2002 40,448 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\dspr3260.dll"
Sat 3 Nov 2001 225,280 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll"
Tue 10 Apr 2001 225,280 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll"
Fri 20 Feb 2004 232,960 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\raac.dll"
Sun 9 Jun 2002 525,824 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\rnco3260.dll"
Tue 10 Dec 2002 245,805 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\rnlt3260.dll"
Tue 10 Dec 2002 45,093 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\rv103260.dll"
Tue 10 Dec 2002 98,341 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\rv203260.dll"
Tue 10 Dec 2002 94,247 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\rv303260.dll"
Tue 10 Dec 2002 90,151 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\rv403260.dll"
Tue 10 Dec 2002 102,439 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll"
Sun 9 Jun 2002 49,152 ...HR --- "D:\Program Files\eRightSoft\SUPER\mencoder\tokr3260.dll"
Thu 20 Mar 2008 5,632 ..SHR --- "D:\Program Files\eRightSoft\SUPER\spk\1stRun.exe"
Sun 5 Oct 2008 165,232 A..H. --- "D:\Documents and Settings\Martin G\Data aplikacˇ\Microsoft\Virtual PC\VPCKeyboard.dll"

Finished!




HijackThis


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:40:02, on 29.11.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\Program Files\Eset\nod32krn.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\oodag.exe
D:\WINDOWS\system32\IoctlSvc.exe
D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\WINDOWS\system32\notepad.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\Mixer.exe
D:\Program Files\Eset\nod32kui.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] ; "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Appwarp] ; D:\PROGRA~1\REMI-S~1\APPLIC~1\ApplicationWarp.exe
O4 - HKLM\..\Run: [BDRegion] ; D:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [CloneCDTray] ; "D:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] ; D:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] ; "D:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [QuickTime Task] ; "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RemoteControl8] ; "D:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [TkBellExe] ; "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] ; "D:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] ; "D:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Steam] ; "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Download All by FlashGet - D:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - D:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF6F40A0-9980-463A-A903-FD3B6C48406C}: NameServer = 213.195.238.1,81.30.224.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - D:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - D:\WINDOWS\system32\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - D:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - D:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8697 bytes

jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log - slow PC startup

Post by jaro3 » 29 Nov 2008 12:14

Find and delete:
D:\SDFix

Fix in HJT:

O4 - HKLM\..\Run: [NeroFilterCheck] ; D:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] ; "D:\Program Files\QuickTime\QTTask.exe" -atboottime


Update Java:
Java SE Runtime Environment 6u10

Select the OS (I assume Windows), tick the agree checkbox, continue
Select:
Windows Offline Installation
jre-6u10-windows-i586-p.exe
Remove the other Java versions in Add/Remove Programs.
To repair Windows, any CD with the same OS as yours will do..

skslezska
newbie
Posts: 44
Registered: May 08
Gender: Not specified
Status: Offline

Re: Please check my log - slow PC startup

Post by skslezska » 29 Nov 2008 13:31

So it doesn't have to be an original... ok, hopefully it'll be done today.

