ComboFix 10-11-18.03 - Mirecek 19.11.2010 10:28:15.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3037.2375 [GMT 1:00]
Spuštěný z: d:\documents and settings\Mirecek\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-19 do 2010-11-19 )))))))))))))))))))))))))))))))
.
2010-11-18 11:12 . 2010-11-18 11:12 388096 ----a-r- d:\documents and settings\Mirecek\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-18 11:12 . 2010-11-18 11:12 -------- d-----w- d:\program files\HJT
2010-11-10 13:52 . 2009-03-19 13:07 43264 ----a-w- d:\windows\system32\drivers\tosrfusb.sys
2010-11-10 13:52 . 2009-03-05 10:03 74368 ----a-w- d:\windows\system32\drivers\Tosrfhid.sys
2010-11-10 13:52 . 2008-10-06 16:56 137984 ----a-w- d:\windows\system32\drivers\tosrfbd.sys
2010-11-10 13:52 . 2009-05-14 08:50 54400 ----a-w- d:\windows\system32\drivers\TosRfSnd.sys
2010-11-10 13:52 . 2009-05-12 10:12 36992 ----a-w- d:\windows\system32\drivers\tosrfbnp.sys
2010-11-10 13:52 . 2009-03-12 10:33 16128 ----a-w- d:\windows\system32\drivers\tosrfnds.sys
2010-11-10 13:52 . 2009-02-19 15:20 63872 ----a-w- d:\windows\system32\drivers\tosrfcom.sys
2010-11-10 13:52 . 2008-03-25 12:54 41472 ----a-w- d:\windows\system32\drivers\tosporte.sys
2010-11-10 13:49 . 2010-11-10 13:49 -------- d-----w- d:\program files\Common Files\Adobe
2010-11-10 11:44 . 2010-11-10 11:44 -------- d-----w- d:\windows\OPTIONS
2010-11-10 11:41 . 2008-06-04 15:10 170520 ----a-w- d:\windows\system32\igfxzoom.exe
2010-11-10 11:41 . 2008-06-04 15:10 637464 ----a-w- d:\windows\system32\igfxcfg.exe
2010-11-10 11:41 . 2008-05-21 12:03 147456 ----a-w- d:\windows\system32\igfxCoIn_v4953.dll
2010-11-10 11:41 . 2008-05-21 11:26 2027520 ----a-w- d:\windows\system32\ig4dev32.dll
2010-11-10 11:41 . 2008-05-21 11:21 270336 ----a-w- d:\windows\system32\igfxresp.lrc
2010-11-10 11:41 . 2008-06-04 15:10 920088 ----a-w- d:\windows\system32\igxpun.exe
2010-11-10 11:37 . 2010-11-10 11:37 -------- d-----w- d:\documents and settings\Mirecek\Data aplikací\Carambis
2010-11-10 11:18 . 2010-11-10 11:18 -------- d-----w- d:\documents and settings\All Users\Data aplikací\PC Drivers HeadQuarters
2010-11-10 11:12 . 2010-11-11 14:39 -------- d-----w- d:\program files\Bluetooth File Sender
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- d:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- d:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2010-11-03 16:52 . 2010-11-07 14:18 137464 ----a-w- d:\windows\system32\drivers\PnkBstrK.sys
2010-11-03 16:52 . 2010-11-07 14:18 214520 ----a-w- d:\windows\system32\PnkBstrB.exe
2010-11-03 16:52 . 2010-11-07 14:18 214520 ----a-w- d:\windows\system32\PnkBstrB.xtr
2010-11-03 16:52 . 2010-11-03 16:52 75064 ----a-w- d:\windows\system32\PnkBstrA.exe
2010-11-03 16:52 . 2010-11-03 16:52 -------- d-----w- d:\documents and settings\Mirecek\Local Settings\Data aplikací\PunkBuster
2010-11-03 16:26 . 2010-11-03 16:26 -------- d-----w- d:\program files\Activision
2010-11-02 07:46 . 2010-11-02 07:52 -------- d-----w- d:\program files\Zrychleni Pocitace
2010-10-31 10:27 . 2010-10-31 10:27 -------- d-----w- d:\documents and settings\Mirecek\Local Settings\Data aplikací\WMTools Downloaded Files
2010-10-29 14:22 . 2010-10-29 14:22 -------- d-----w- d:\program files\IObit
2010-10-29 13:14 . 2010-10-29 13:14 151515 ----a-w- d:\windows\Čestina do SimCity 4 Rush Hour a Delux BETA Uninstaller.exe
2010-10-29 12:50 . 2003-12-23 00:15 5248 ----a-w- d:\windows\system32\drivers\xmasscsi.sys
2010-10-29 12:50 . 2003-12-21 15:24 140800 ----a-w- d:\windows\system32\drivers\xmasbus.sys
2010-10-29 12:50 . 2010-10-29 12:50 -------- d-----w- d:\program files\Alcohol Soft
2010-10-29 12:33 . 2010-10-29 12:50 -------- d-----w- D:\install
2010-10-23 20:27 . 2010-11-03 15:50 -------- d-----w- d:\documents and settings\Mirecek\Data aplikací\Microgaming
2010-10-23 20:26 . 2010-10-23 20:26 -------- d-----w- D:\Microgaming
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-29 12:46 . 2010-07-13 21:01 685816 ----a-w- d:\windows\system32\drivers\sptd.sys
2010-10-18 18:34 . 2010-10-18 18:34 390144 ----a-w- d:\windows\system32\CF27240.exe
2010-09-18 10:23 . 2004-08-17 13:49 974848 ----a-w- d:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-17 13:49 974848 ----a-w- d:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2001-10-25 14:00 954368 ----a-w- d:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2001-10-25 14:00 953856 ----a-w- d:\windows\system32\mfc40u.dll
2010-09-09 14:23 . 2004-08-17 13:49 668160 ----a-w- d:\windows\system32\wininet.dll
2010-09-09 14:23 . 2004-08-03 20:59 61952 ----a-w- d:\windows\system32\tdc.ocx
2010-09-09 14:23 . 2004-08-17 13:49 81920 ----a-w- d:\windows\system32\ieencode.dll
2010-09-09 14:16 . 2004-08-17 13:44 370176 ----a-w- d:\windows\system32\html.iec
2010-09-07 15:12 . 2010-10-03 09:41 38848 ----a-w- d:\windows\avastSS.scr
2010-09-07 15:11 . 2010-10-03 09:41 167592 ----a-w- d:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-10-03 09:41 46672 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-10-03 09:41 165584 ----a-w- d:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-10-03 09:41 23376 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-10-03 09:41 100176 ----a-w- d:\windows\system32\drivers\aswmon2.sys
2010-09-07 14:47 . 2010-10-03 09:41 94544 ----a-w- d:\windows\system32\drivers\aswmon.sys
2010-09-07 14:47 . 2010-10-03 09:41 17744 ----a-w- d:\windows\system32\drivers\aswFsBlk.sys
2010-09-07 14:46 . 2010-10-03 09:41 28880 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2010-09-01 11:52 . 2004-08-17 13:48 285824 ----a-w- d:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2004-08-17 13:44 1852800 ----a-w- d:\windows\system32\win32k.sys
2010-08-27 08:03 . 2004-08-17 13:49 119808 ----a-w- d:\windows\system32\t2embed.dll
2010-08-27 05:54 . 2004-08-17 13:49 99840 ----a-w- d:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- d:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2004-08-03 21:14 357248 ----a-w- d:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2004-08-17 13:49 617472 ----a-w- d:\windows\system32\comctl32.dll
2010-08-22 20:05 . 2010-08-22 20:05 281760 ----a-w- d:\windows\system32\drivers\atksgt.sys
2010-08-22 20:05 . 2010-08-22 20:05 25888 ----a-w- d:\windows\system32\drivers\lirsgt.sys
.
((((((((((((((((((((((((((((( SnapShot@2010-10-18_18.43.36 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-09 22:28 . 2008-04-14 07:52 54272 d:\windows\system32\vfwwdm32.dll
- 2010-06-09 22:28 . 2008-04-14 06:52 54272 d:\windows\system32\vfwwdm32.dll
+ 2008-09-25 17:29 . 2008-09-25 17:29 35328 d:\windows\system32\TosBtCi.dll
- 2008-09-25 16:29 . 2008-09-25 16:29 35328 d:\windows\system32\TosBtCi.dll
+ 2006-12-04 14:58 . 2006-12-04 14:58 94208 d:\windows\system32\tbtmon98Language.dll
- 2006-12-04 13:58 . 2006-12-04 13:58 94208 d:\windows\system32\tbtmon98Language.dll
+ 2010-11-10 12:41 . 2007-01-17 13:34 53248 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56kor.dll
+ 2010-11-10 12:41 . 2007-01-17 13:34 57344 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56jpn.dll
+ 2010-11-10 12:41 . 2007-01-17 13:34 65536 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56ita.dll
+ 2010-11-10 12:41 . 2007-01-17 13:34 53248 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56cht.dll
+ 2010-11-10 12:41 . 2007-01-17 13:34 53248 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56chs.dll
+ 2010-11-10 12:41 . 2007-01-17 13:34 65536 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56ger.dll
+ 2010-11-10 12:41 . 2007-01-17 13:34 65536 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56fra.dll
+ 2010-11-10 12:41 . 2007-01-17 13:34 65536 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56esp.dll
+ 2010-11-10 12:41 . 2007-01-17 13:34 69632 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56eng.dll
+ 2010-11-10 12:41 . 2007-01-17 13:34 65536 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56dnk.dll
+ 2010-11-10 12:41 . 2007-01-17 13:34 65536 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56brz.dll
+ 2010-11-10 12:36 . 2010-04-20 00:31 57856 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igxprd32.dll
+ 2010-11-10 12:36 . 2010-04-19 23:59 57344 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igfxsrvc.dll
+ 2010-11-10 12:36 . 2008-05-21 11:17 24576 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igfxexps.dll
+ 2010-11-10 12:36 . 2010-04-19 23:59 94720 d:\windows\system32\ReinstallBackups\0024\DriverFiles\hccutils.dll
+ 2010-11-10 12:35 . 2010-04-20 00:31 57856 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igxprd32.dll
- 2010-10-03 17:37 . 2010-04-20 00:31 57856 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igxprd32.dll
- 2010-10-03 17:37 . 2010-04-19 23:59 57344 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxsrvc.dll
+ 2010-11-10 12:35 . 2010-04-19 23:59 57344 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxsrvc.dll
+ 2010-11-10 12:35 . 2008-05-21 11:17 24576 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxexps.dll
- 2010-10-03 17:37 . 2010-04-19 23:59 94720 d:\windows\system32\ReinstallBackups\0019\DriverFiles\hccutils.dll
+ 2010-11-10 12:35 . 2010-04-19 23:59 94720 d:\windows\system32\ReinstallBackups\0019\DriverFiles\hccutils.dll
+ 2001-10-25 14:00 . 2010-11-19 08:44 68490 d:\windows\system32\perfc009.dat
- 2001-10-25 14:00 . 2010-10-18 18:42 68490 d:\windows\system32\perfc009.dat
- 2001-10-25 14:00 . 2010-10-18 18:42 79930 d:\windows\system32\perfc005.dat
+ 2001-10-25 14:00 . 2010-11-19 08:44 79930 d:\windows\system32\perfc005.dat
+ 2010-11-10 11:41 . 2008-06-04 15:06 73728 d:\windows\system32\Lang\HDMI\CSY\HDMICSY.dll
+ 2010-07-17 12:00 . 2008-05-21 11:48 57344 d:\windows\system32\igxprd32.dll
+ 2010-07-17 12:00 . 2008-05-21 11:17 51712 d:\windows\system32\igfxsrvc.dll
+ 2010-07-17 12:00 . 2008-05-21 11:17 24576 d:\windows\system32\igfxexps.dll
+ 2010-11-10 13:52 . 2009-03-19 13:07 43264 d:\windows\system32\DRVSTORE\tosrfusb_AF5386CB6D987F0BFA798F48C994DC3A92DF00CF\tosrfusb.sys
- 2010-10-03 18:21 . 2009-03-19 12:07 43264 d:\windows\system32\DRVSTORE\tosrfusb_AF5386CB6D987F0BFA798F48C994DC3A92DF00CF\tosrfusb.sys
+ 2010-11-10 13:52 . 2009-05-14 08:50 54400 d:\windows\system32\DRVSTORE\tosrfsnd_DC2405F94D732A2699D2BE0763C0A556963DBE8C\TosRfSnd.sys
- 2010-10-03 18:21 . 2009-05-14 07:50 54400 d:\windows\system32\DRVSTORE\tosrfsnd_DC2405F94D732A2699D2BE0763C0A556963DBE8C\TosRfSnd.sys
- 2010-10-03 18:21 . 2009-03-12 09:33 16128 d:\windows\system32\DRVSTORE\tosrfnds_7989095481F9F3D6BB1C385AA145B0B48C1EE6E9\tosrfnds.sys
+ 2010-11-10 13:52 . 2009-03-12 10:33 16128 d:\windows\system32\DRVSTORE\tosrfnds_7989095481F9F3D6BB1C385AA145B0B48C1EE6E9\tosrfnds.sys
+ 2010-11-10 13:52 . 2009-03-05 10:03 74368 d:\windows\system32\DRVSTORE\tosrfhid_31CF2DD65699851F5C864662D92915B86AB02D9F\Tosrfhid.sys
- 2010-10-03 18:21 . 2009-03-05 09:03 74368 d:\windows\system32\DRVSTORE\tosrfhid_31CF2DD65699851F5C864662D92915B86AB02D9F\Tosrfhid.sys
+ 2010-11-10 13:52 . 2009-02-19 15:20 63872 d:\windows\system32\DRVSTORE\tosrfcom_09FC3CC3F600D40F49EF884EFBE06A653E55ECF3\tosrfcom.sys
- 2010-10-03 18:21 . 2009-02-19 14:20 63872 d:\windows\system32\DRVSTORE\tosrfcom_09FC3CC3F600D40F49EF884EFBE06A653E55ECF3\tosrfcom.sys
- 2010-10-03 18:21 . 2009-05-12 09:12 36992 d:\windows\system32\DRVSTORE\tosrfbnp_6649EBEB075946609EB4E8F62DAFB8F731B093C6\tosrfbnp.sys
+ 2010-11-10 13:52 . 2009-05-12 10:12 36992 d:\windows\system32\DRVSTORE\tosrfbnp_6649EBEB075946609EB4E8F62DAFB8F731B093C6\tosrfbnp.sys
- 2010-10-03 18:21 . 2008-03-25 11:54 41472 d:\windows\system32\DRVSTORE\tosporte_A086FA92B5219E8789BE3D56AA0C608D3F4A16CD\tosporte.sys
+ 2010-11-10 13:52 . 2008-03-25 12:54 41472 d:\windows\system32\DRVSTORE\tosporte_A086FA92B5219E8789BE3D56AA0C608D3F4A16CD\tosporte.sys
+ 2010-11-10 11:41 . 2008-05-21 11:48 57344 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igxprd32.dll
+ 2010-11-10 11:41 . 2008-05-21 11:17 51712 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igfxsrvc.dll
+ 2010-11-10 11:41 . 2008-05-21 11:17 24576 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igfxexps.dll
- 2004-08-03 23:08 . 2008-04-13 22:15 49408 d:\windows\system32\drivers\stream.sys
+ 2004-08-03 23:08 . 2008-04-13 23:15 49408 d:\windows\system32\drivers\stream.sys
- 2004-08-03 20:59 . 2008-04-13 22:10 15744 d:\windows\system32\drivers\serenum.sys
+ 2004-08-03 20:59 . 2008-04-13 23:10 15744 d:\windows\system32\drivers\serenum.sys
+ 2010-10-18 18:47 . 2010-04-29 13:39 38224 d:\windows\system32\drivers\mbamswissarmy.sys
+ 2010-10-18 18:47 . 2010-04-29 13:39 20952 d:\windows\system32\drivers\mbam.sys
+ 2010-06-11 08:33 . 2008-04-13 23:15 60160 d:\windows\system32\drivers\drmk.sys
- 2010-06-11 08:33 . 2008-04-13 22:15 60160 d:\windows\system32\drivers\drmk.sys
+ 2010-06-09 22:28 . 2008-04-14 07:52 54272 d:\windows\system32\dllcache\vfwwdm32.dll
- 2010-06-09 22:28 . 2008-04-14 06:52 54272 d:\windows\system32\dllcache\vfwwdm32.dll
+ 2004-08-03 23:08 . 2008-04-13 23:15 49408 d:\windows\system32\dllcache\stream.sys
- 2004-08-03 23:08 . 2008-04-13 22:15 49408 d:\windows\system32\dllcache\stream.sys
- 2004-08-03 20:59 . 2008-04-13 22:10 15744 d:\windows\system32\dllcache\serenum.sys
+ 2004-08-03 20:59 . 2008-04-13 23:10 15744 d:\windows\system32\dllcache\serenum.sys
- 2010-06-10 22:16 . 2009-11-27 17:14 17920 d:\windows\system32\dllcache\msyuv.dll
+ 2004-08-17 15:49 . 2009-11-27 17:14 17920 d:\windows\system32\dllcache\msyuv.dll
+ 2010-06-11 08:33 . 2008-04-13 23:15 60160 d:\windows\system32\dllcache\drmk.sys
- 2010-06-11 08:33 . 2008-04-13 22:15 60160 d:\windows\system32\dllcache\drmk.sys
+ 2004-11-29 18:46 . 2004-11-29 18:46 77824 d:\windows\system32\btw_ci.dll
+ 2004-11-29 18:38 . 2004-11-29 18:38 61440 d:\windows\system32\BtAudioHelper.dll
+ 2010-10-29 12:50 . 2010-10-29 12:50 49152 d:\windows\Installer\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\IconE9F814236.exe
+ 2010-11-03 16:32 . 2010-11-03 16:32 14366 d:\windows\Installer\{D0A05794-48C2-4424-A15A-9F20FCFDD374}\ARPPRODUCTICON.exe
+ 2010-11-10 11:17 . 2010-11-10 11:17 75064 d:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\ProductName.chm.de_D066A77819B7480BA99CC79FB02C9357.exe
+ 2010-11-10 11:17 . 2010-11-10 11:17 75064 d:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.pt_6CF114D33913468CBA2AA6967939B819.exe
+ 2010-11-10 11:17 . 2010-11-10 11:17 75064 d:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.it_251B66F1CA924E82A1EE29E85D5EC5A1.exe
+ 2010-11-10 11:17 . 2010-11-10 11:17 75064 d:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.fr_E1678746353A46E3A9150D3E8B3832B1.exe
+ 2010-11-10 11:17 . 2010-11-10 11:17 75064 d:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.es_654C8EA5162D4D4084239A5EDD67F462.exe
+ 2010-11-10 11:18 . 2010-11-10 11:18 15872 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\272d51526813ea113970b8e890c92ee2\Microsoft.VisualC.ni.dll
+ 2010-11-10 11:18 . 2010-11-10 11:18 73728 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\4f5f63f1c252a2df9e564798bd3374b8\DriversHQ.DriverDetective.ExceptionLogging.ni.dll
- 2010-10-03 18:21 . 2009-02-03 15:56 3712 d:\windows\system32\DRVSTORE\toshidpt_753EFF9C1D54902FB063A3412B2FA5E37A4C2377\Toshidpt.sys
+ 2010-11-10 13:52 . 2009-02-03 16:56 3712 d:\windows\system32\DRVSTORE\toshidpt_753EFF9C1D54902FB063A3412B2FA5E37A4C2377\Toshidpt.sys
+ 2010-10-29 12:50 . 2010-10-29 12:50 5120 d:\windows\Installer\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\IconE9F814234.exe
- 2010-10-03 18:21 . 2010-10-03 18:21 4398 d:\windows\Installer\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}\ARPPRODUCTICON.exe
+ 2010-11-10 13:52 . 2010-11-10 13:52 4398 d:\windows\Installer\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}\ARPPRODUCTICON.exe
- 2007-12-11 12:43 . 2007-12-11 12:43 144720 d:\windows\system32\TBTMonUI.dll
+ 2007-12-11 13:43 . 2007-12-11 13:43 144720 d:\windows\system32\TBTMonUI.dll
+ 2008-09-05 19:03 . 2008-09-05 19:03 176128 d:\windows\system32\TBTMon.dll
- 2008-09-05 18:03 . 2008-09-05 18:03 176128 d:\windows\system32\TBTMon.dll
+ 2010-11-10 12:41 . 2007-01-17 13:38 983936 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\smserial.sys
+ 2010-11-10 12:41 . 2007-01-17 13:34 634880 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56hlpr.exe
+ 2010-11-10 12:41 . 2007-01-17 13:34 196608 d:\windows\system32\ReinstallBackups\0025\DriverFiles\x86\sm56co6a.dll
+ 2010-11-10 12:36 . 2010-04-20 00:31 181760 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igxpgd32.dll
+ 2010-11-10 12:36 . 2008-05-21 12:03 147456 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igxpco32.dll
+ 2010-11-10 12:36 . 2008-06-04 15:10 170520 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igfxzoom.exe
+ 2010-11-10 12:36 . 2010-04-22 04:08 136216 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igfxtray.exe
+ 2010-11-10 12:36 . 2008-06-04 15:10 256536 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igfxsrvc.exe
+ 2010-11-10 12:36 . 2010-04-19 23:58 828928 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igfxress.dll
+ 2010-11-10 12:36 . 2008-05-21 11:17 204800 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igfxpph.dll
+ 2010-11-10 12:36 . 2010-04-22 04:08 145432 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igfxpers.exe
+ 2010-11-10 12:36 . 2008-06-04 15:10 174616 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igfxext.exe
+ 2010-11-10 12:36 . 2008-05-21 11:17 135168 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igfxdo.dll
+ 2010-11-10 12:36 . 2008-05-21 11:17 212992 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igfxdev.dll
+ 2010-11-10 12:36 . 2008-06-04 15:10 637464 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igfxcfg.exe
+ 2010-11-10 12:36 . 2008-05-21 11:48 432400 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igcompkrng500.bin
+ 2010-11-10 12:36 . 2010-04-22 04:08 170008 d:\windows\system32\ReinstallBackups\0024\DriverFiles\hkcmd.exe
+ 2010-11-10 12:35 . 2010-04-20 00:31 181760 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igxpgd32.dll
- 2010-10-03 17:37 . 2010-04-20 00:31 181760 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igxpgd32.dll
+ 2010-11-10 12:35 . 2008-05-21 12:03 147456 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igxpco32.dll
+ 2010-11-10 12:35 . 2008-06-04 15:10 170520 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxzoom.exe
- 2010-10-03 17:37 . 2010-04-22 04:08 136216 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxtray.exe
+ 2010-11-10 12:35 . 2010-04-22 04:08 136216 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxtray.exe
+ 2010-11-10 12:35 . 2008-06-04 15:10 256536 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxsrvc.exe
+ 2010-11-10 12:35 . 2010-04-19 23:58 828928 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxress.dll
- 2010-10-03 17:37 . 2010-04-19 23:58 828928 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxress.dll
+ 2010-11-10 12:35 . 2008-05-21 11:17 204800 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxpph.dll
- 2010-10-03 17:37 . 2010-04-22 04:08 145432 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxpers.exe
+ 2010-11-10 12:35 . 2010-04-22 04:08 145432 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxpers.exe
+ 2010-11-10 12:35 . 2008-06-04 15:10 174616 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxext.exe
+ 2010-11-10 12:35 . 2008-05-21 11:17 135168 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxdo.dll
+ 2010-11-10 12:35 . 2008-05-21 11:17 212992 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxdev.dll
+ 2010-11-10 12:35 . 2008-06-04 15:10 637464 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igfxcfg.exe
+ 2010-11-10 12:35 . 2008-05-21 11:48 432400 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igcompkrng500.bin
+ 2010-11-10 12:35 . 2010-04-22 04:08 170008 d:\windows\system32\ReinstallBackups\0019\DriverFiles\hkcmd.exe
- 2010-10-03 17:37 . 2010-04-22 04:08 170008 d:\windows\system32\ReinstallBackups\0019\DriverFiles\hkcmd.exe
+ 2001-10-25 14:00 . 2010-11-19 08:44 435594 d:\windows\system32\perfh009.dat
- 2001-10-25 14:00 . 2010-10-18 18:42 435594 d:\windows\system32\perfh009.dat
- 2001-10-25 14:00 . 2010-10-18 18:42 433356 d:\windows\system32\perfh005.dat
+ 2001-10-25 14:00 . 2010-11-19 08:44 433356 d:\windows\system32\perfh005.dat
- 2004-08-17 15:49 . 2008-04-14 06:53 294912 d:\windows\system32\msh263.drv
+ 2004-08-17 15:49 . 2008-04-14 07:53 294912 d:\windows\system32\msh263.drv
+ 2010-11-18 08:19 . 2010-11-18 08:19 233936 d:\windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe
+ 2010-07-17 12:00 . 2008-05-21 11:48 151552 d:\windows\system32\igxpgd32.dll
+ 2010-07-17 12:00 . 2008-06-04 15:10 150040 d:\windows\system32\igfxtray.exe
+ 2010-07-17 12:00 . 2008-06-04 15:10 256536 d:\windows\system32\igfxsrvc.exe
+ 2010-07-17 12:00 . 2008-05-21 11:17 204800 d:\windows\system32\igfxpph.dll
+ 2010-07-17 12:00 . 2008-06-04 15:10 141848 d:\windows\system32\igfxpers.exe
+ 2010-07-17 12:00 . 2008-06-04 15:10 174616 d:\windows\system32\igfxext.exe
+ 2010-07-17 12:00 . 2008-05-21 11:17 135168 d:\windows\system32\igfxdo.dll
+ 2010-07-17 12:00 . 2008-05-21 11:17 212992 d:\windows\system32\igfxdev.dll
+ 2010-07-17 12:00 . 2008-05-21 11:48 432400 d:\windows\system32\igcompkrng500.bin
+ 2010-07-17 12:00 . 2008-06-04 15:10 170520 d:\windows\system32\hkcmd.exe
+ 2010-07-17 12:00 . 2008-05-21 11:17 106496 d:\windows\system32\hccutils.dll
+ 2010-11-10 13:52 . 2008-10-06 16:56 137984 d:\windows\system32\DRVSTORE\tosrfbd_14DA309AA66A0029D49667622B292BCAA371185D\tosrfbd.sys
- 2010-10-03 18:21 . 2008-10-06 15:56 137984 d:\windows\system32\DRVSTORE\tosrfbd_14DA309AA66A0029D49667622B292BCAA371185D\tosrfbd.sys
+ 2010-11-10 11:41 . 2008-05-21 11:48 151552 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igxpgd32.dll
+ 2010-11-10 11:41 . 2008-05-21 12:03 147456 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igxpco32.dll
+ 2010-11-10 11:41 . 2008-06-04 15:10 170520 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igfxzoom.exe
+ 2010-11-10 11:41 . 2008-06-04 15:10 150040 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igfxtray.exe
+ 2010-11-10 11:41 . 2008-06-04 15:10 256536 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igfxsrvc.exe
+ 2010-11-10 11:41 . 2008-05-21 11:17 204800 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igfxpph.dll
+ 2010-11-10 11:41 . 2008-06-04 15:10 141848 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igfxpers.exe
+ 2010-11-10 11:41 . 2008-06-04 15:10 174616 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igfxext.exe
+ 2010-11-10 11:41 . 2008-05-21 11:17 135168 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igfxdo.dll
+ 2010-11-10 11:41 . 2008-05-21 11:17 212992 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igfxdev.dll
+ 2010-11-10 11:41 . 2008-06-04 15:10 637464 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igfxcfg.exe
+ 2010-11-10 11:41 . 2008-05-21 11:48 432400 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igcompkrng500.bin
+ 2010-11-10 11:41 . 2008-06-04 15:10 170520 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\hkcmd.exe
+ 2010-11-10 11:41 . 2008-05-21 11:17 106496 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\hccutils.dll
+ 2010-06-11 08:33 . 2008-04-13 23:49 146048 d:\windows\system32\drivers\portcls.sys
- 2010-06-11 08:33 . 2008-04-13 22:49 146048 d:\windows\system32\drivers\portcls.sys
- 2004-08-03 23:15 . 2008-04-13 22:46 141056 d:\windows\system32\drivers\ks.sys
+ 2004-08-03 23:15 . 2008-04-13 23:46 141056 d:\windows\system32\drivers\ks.sys
+ 2010-06-11 08:33 . 2008-04-13 23:49 146048 d:\windows\system32\dllcache\portcls.sys
- 2010-06-11 08:33 . 2008-04-13 22:49 146048 d:\windows\system32\dllcache\portcls.sys
- 2004-08-03 23:15 . 2008-04-13 22:46 141056 d:\windows\system32\dllcache\ks.sys
+ 2004-08-03 23:15 . 2008-04-13 23:46 141056 d:\windows\system32\dllcache\ks.sys
+ 2010-07-17 12:01 . 2006-11-10 08:25 319456 d:\windows\system32\difxapi.dll
- 2010-07-17 12:01 . 2006-11-02 21:21 319456 d:\windows\system32\difxapi.dll
+ 2010-11-10 11:44 . 2008-01-03 21:10 105856 d:\windows\OPTIONS\CABS\Rtenicxp.sys
+ 2010-11-10 11:44 . 2008-01-03 21:10 125440 d:\windows\OPTIONS\CABS\Rtenic64.sys
+ 2010-11-10 11:44 . 2008-01-03 21:10 103680 d:\windows\OPTIONS\CABS\Rtenic.sys
+ 2010-10-29 12:50 . 2010-10-29 12:50 954368 d:\windows\Installer\5271a.msi
+ 2010-11-10 13:52 . 2010-11-10 13:52 527360 d:\windows\Installer\36ca9f.msi
+ 2010-09-22 17:10 . 2010-09-22 17:10 103864 d:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\nppdf32.dll
+ 2010-11-10 11:18 . 2010-11-10 11:18 119296 d:\windows\assembly\NativeImages_v2.0.50727_32\XPBurnComponent\3cafa427713cbe4dbc28eae0dcd65995\XPBurnComponent.ni.dll
+ 2010-11-10 11:18 . 2010-11-10 11:18 771584 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a140e8da81b3af34c864ad851fe150fd\System.Runtime.Remoting.ni.dll
+ 2010-11-10 11:18 . 2010-11-10 11:18 148992 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\becb5df0fe96877954aa1ea03141bf73\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ni.dll
+ 2010-11-10 11:18 . 2010-11-10 11:18 309248 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\88d6258666f551dfa6d5503704077682\Microsoft.Practices.EnterpriseLibrary.Common.ni.dll
+ 2010-11-10 11:18 . 2010-11-10 11:18 303616 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\449d6bdb266d9527084641d016fb33ac\Microsoft.Practices.ObjectBuilder.ni.dll
+ 2010-11-10 11:18 . 2010-11-10 11:18 230912 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\70ba21426ecced3196a2808d203b1b42\Microsoft.ApplicationBlocks.Updater.ni.dll
+ 2010-11-10 11:18 . 2010-11-10 11:18 202240 d:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WUApiLib\0da3416deb2ddb47313eef9485af11b6\Interop.WUApiLib.ni.dll
+ 2010-11-10 11:18 . 2010-11-10 11:18 331264 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\4ccf5996000af0808e00ae2a7c917d69\DriversHQ.DriverDetective.Common.ni.dll
+ 2010-11-10 11:18 . 2010-11-10 11:18 378368 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\4aa863cac9ce448ac7504a74bfe7a237\DriversHQ.DriverDetective.Client.Communication.ni.dll
+ 2010-11-10 12:36 . 2008-05-21 11:48 6018464 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igxpmp32.sys
+ 2010-11-10 12:36 . 2010-04-20 00:32 4095488 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igxpdx32.dll
+ 2010-11-10 12:36 . 2010-04-20 00:32 3477088 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igxpdv32.dll
+ 2010-11-10 12:36 . 2008-05-21 11:48 1991464 d:\windows\system32\ReinstallBackups\0024\DriverFiles\igkrng500.bin
+ 2010-11-10 12:36 . 2008-05-21 11:26 2412544 d:\windows\system32\ReinstallBackups\0024\DriverFiles\ig4icd32.dll
+ 2010-11-10 12:36 . 2008-05-21 11:26 2027520 d:\windows\system32\ReinstallBackups\0024\DriverFiles\ig4dev32.dll
+ 2010-11-10 12:35 . 2008-05-21 11:48 6018464 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igxpmp32.sys
- 2010-10-03 17:37 . 2010-04-20 00:32 4095488 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igxpdx32.dll
+ 2010-11-10 12:35 . 2010-04-20 00:32 4095488 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igxpdx32.dll
- 2010-10-03 17:37 . 2010-04-20 00:32 3477088 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igxpdv32.dll
+ 2010-11-10 12:35 . 2010-04-20 00:32 3477088 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igxpdv32.dll
+ 2010-11-10 12:35 . 2008-05-21 11:48 1991464 d:\windows\system32\ReinstallBackups\0019\DriverFiles\igkrng500.bin
+ 2010-11-10 12:35 . 2008-05-21 11:26 2412544 d:\windows\system32\ReinstallBackups\0019\DriverFiles\ig4icd32.dll
+ 2010-11-10 12:35 . 2008-05-21 11:26 2027520 d:\windows\system32\ReinstallBackups\0019\DriverFiles\ig4dev32.dll
+ 2010-06-11 08:24 . 2010-11-18 08:19 5971408 d:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2010-07-17 12:00 . 2008-05-21 11:48 3113472 d:\windows\system32\igxpdx32.dll
+ 2010-07-17 12:00 . 2008-05-21 11:48 2144192 d:\windows\system32\igxpdv32.dll
+ 2010-07-17 12:00 . 2008-05-21 11:48 1991464 d:\windows\system32\igkrng500.bin
+ 2010-07-17 12:00 . 2008-05-21 11:16 5697536 d:\windows\system32\igfxress.dll
+ 2010-07-17 12:00 . 2008-05-21 11:26 2412544 d:\windows\system32\ig4icd32.dll
+ 2010-11-10 11:41 . 2008-05-21 11:48 6018464 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igxpmp32.sys
+ 2010-11-10 11:41 . 2008-05-21 11:48 3113472 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igxpdx32.dll
+ 2010-11-10 11:41 . 2008-05-21 11:48 2144192 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igxpdv32.dll
+ 2010-11-10 11:41 . 2008-05-21 11:48 1991464 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igkrng500.bin
+ 2010-11-10 11:41 . 2008-05-21 11:16 5697536 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\igfxress.dll
+ 2010-11-10 11:41 . 2008-05-21 11:26 2412544 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\ig4icd32.dll
+ 2010-11-10 11:41 . 2008-05-21 11:26 2027520 d:\windows\system32\DRVSTORE\igxpc32_2538971D6F35EC3350BA68A29B8A273A98EDCCE1\ig4dev32.dll
+ 2010-07-17 12:00 . 2008-05-21 11:48 6018464 d:\windows\system32\drivers\igxpmp32.sys
+ 2010-11-18 11:12 . 2010-11-18 11:12 1094656 d:\windows\Installer\568b0a.msi
+ 2010-11-10 13:50 . 2010-11-10 13:50 3946496 d:\windows\Installer\36ca3f.msi
+ 2010-11-08 07:14 . 2010-11-08 07:14 3402752 d:\windows\Installer\1f9c1.msp
+ 2010-11-03 16:41 . 2010-11-03 16:41 2127360 d:\windows\Installer\1653fd7.msi
+ 2010-11-03 16:32 . 2010-11-03 16:32 8455680 d:\windows\Installer\1653fc8.msi
+ 2010-09-16 02:08 . 2010-09-16 02:08 6210560 d:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0400000010\9.4.0\authplay.dll
+ 2010-11-10 11:18 . 2010-11-10 11:18 1115136 d:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\58202ed61096113d08815c0a78313b66\System.Data.OracleClient.ni.dll
+ 2010-11-10 11:18 . 2010-11-10 11:18 4666880 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\53952eae2cf25f3001b1f1bc8309a065\DriversHQ.DriverDetective.Client.ni.exe
+ 2010-11-10 11:18 . 2010-11-10 11:18 1099776 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.Common\48d0a1bc705179df5e17d4a95ad6ea8e\DriversHQ.Common.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="d:\documents and settings\Mirecek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-10-18 136176]
"BTFileSender"="d:\program files\Bluetooth File Sender\BTFileSender.exe" [2006-12-28 1128448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"avast5"="d:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"RTHDCPL"="RTHDCPL.EXE" [2008-09-09 16851968]
"IgfxTray"="d:\windows\system32\igfxtray.exe" [2008-06-04 150040]
"HotKeysCmds"="d:\windows\system32\hkcmd.exe" [2008-06-04 170520]
"Persistence"="d:\windows\system32\igfxpers.exe" [2008-06-04 141848]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\Mirecek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-5-26 2528584]
Ralink Wireless Utility.lnk - d:\program files\Ralink\Common\RaUI.exe [2010-6-13 1638400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WmiApSrv"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Documents and Settings\\Mirecek\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Games\\WSOP 2008\\WSOPBFTB.exe"=
"c:\\Games\\Mirrors Edge\\Binaries\\MirrorsEdge.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Casino\\ParadiseCasino\\casino.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 BtHidBus;Bluetooth HID Bus Service;d:\windows\system32\drivers\BtHidBus.sys [31.7.2008 19:45 20616]
R0 xmasscsi;xmasscsi;d:\windows\system32\drivers\xmasscsi.sys [29.10.2010 13:50 5248]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [3.10.2010 10:41 165584]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [3.10.2010 10:41 17744]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;d:\windows\system32\drivers\RtsUStor.sys [3.10.2010 18:42 182304]
R3 RT80x86;Ralink 802.11n Wireless Driver;d:\windows\system32\drivers\rt2860.sys [13.6.2010 9:48 1334240]
S3 IvtBtBUs;IVT Bluetooth Bus Service;d:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 13:58 26248]
S4 sptd;sptd;d:\windows\system32\drivers\sptd.sys [13.7.2010 22:01 685816]
S4 xmasbus;xmasbus;d:\windows\system32\drivers\xmasbus.sys [29.10.2010 13:50 140800]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - d:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
FF - ProfilePath - d:\documents and settings\Mirecek\Data aplikací\Mozilla\Firefox\Profiles\fw47egrk.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - google.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.4&q=
FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-ITSecMng - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-19 10:31
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-11-19 10:32:29
ComboFix-quarantined-files.txt 2010-11-19 09:32
ComboFix2.txt 2010-10-18 18:44
Před spuštěním: 4 789 256 192
Po spuštění: 4 775 026 688
- - End Of File - - FBBF602122E0F02A64739DA5F7AE3E1D
I can't shut down my laptop via the Start menu, help (Solved)
- memphisto
Re: I can't shut down my laptop via the Start menu, help
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script
Code:
File::
d:\windows\system32\perfc009.dat
d:\windows\system32\perfc005.dat
d:\windows\system32\perfh009.dat
d:\windows\system32\perfh005.dat
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000000
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
Test this on Virustotal
d:\windows\system32\CF27240.exe
Click Browse to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by several antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/40 or 1/40. Then copy the link to that page with the mouse and paste it into your post.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you.
Re: I can't shut down my laptop via the Start menu, help
ComboFix 10-11-18.03 - Mirecek 20.11.2010 18:18:54.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3037.2159 [GMT 1:00]
Spuštěný z: d:\documents and settings\Mirecek\Plocha\ComboFix.exe
Použité ovládací přepínače :: d:\documents and settings\Mirecek\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
FILE ::
"d:\windows\system32\perfc005.dat"
"d:\windows\system32\perfc009.dat"
"d:\windows\system32\perfh005.dat"
"d:\windows\system32\perfh009.dat"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\windows\system32\perfc005.dat
d:\windows\system32\perfh005.dat
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-20 do 2010-11-20 )))))))))))))))))))))))))))))))
.
2010-11-20 13:46 . 2010-11-20 13:46 -------- d-----w- d:\documents and settings\Mirecek\Local Settings\Data aplikací\PC_Drivers_Headquarters
2010-11-20 13:45 . 2010-11-20 13:45 -------- d-----w- d:\program files\PC Drivers HeadQuarters
2010-11-20 13:45 . 2010-11-20 13:45 -------- d-----w- d:\documents and settings\Mirecek\Local Settings\Data aplikací\Downloaded Installations
2010-11-18 11:12 . 2010-11-18 11:12 388096 ----a-r- d:\documents and settings\Mirecek\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-18 11:12 . 2010-11-18 11:12 -------- d-----w- d:\program files\HJT
2010-11-10 13:52 . 2009-03-19 13:07 43264 ----a-w- d:\windows\system32\drivers\tosrfusb.sys
2010-11-10 13:52 . 2009-03-05 10:03 74368 ----a-w- d:\windows\system32\drivers\Tosrfhid.sys
2010-11-10 13:52 . 2008-10-06 16:56 137984 ----a-w- d:\windows\system32\drivers\tosrfbd.sys
2010-11-10 13:52 . 2009-05-14 08:50 54400 ----a-w- d:\windows\system32\drivers\TosRfSnd.sys
2010-11-10 13:52 . 2009-05-12 10:12 36992 ----a-w- d:\windows\system32\drivers\tosrfbnp.sys
2010-11-10 13:52 . 2009-03-12 10:33 16128 ----a-w- d:\windows\system32\drivers\tosrfnds.sys
2010-11-10 13:52 . 2009-02-19 15:20 63872 ----a-w- d:\windows\system32\drivers\tosrfcom.sys
2010-11-10 13:52 . 2008-03-25 12:54 41472 ----a-w- d:\windows\system32\drivers\tosporte.sys
2010-11-10 13:49 . 2010-11-10 13:49 -------- d-----w- d:\program files\Common Files\Adobe
2010-11-10 11:44 . 2010-11-10 11:44 -------- d-----w- d:\windows\OPTIONS
2010-11-10 11:41 . 2008-06-04 15:10 170520 ----a-w- d:\windows\system32\igfxzoom.exe
2010-11-10 11:41 . 2008-06-04 15:10 637464 ----a-w- d:\windows\system32\igfxcfg.exe
2010-11-10 11:41 . 2008-05-21 12:03 147456 ----a-w- d:\windows\system32\igfxCoIn_v4953.dll
2010-11-10 11:41 . 2008-05-21 11:26 2027520 ----a-w- d:\windows\system32\ig4dev32.dll
2010-11-10 11:41 . 2008-05-21 11:21 270336 ----a-w- d:\windows\system32\igfxresp.lrc
2010-11-10 11:41 . 2008-06-04 15:10 920088 ----a-w- d:\windows\system32\igxpun.exe
2010-11-10 11:37 . 2010-11-10 11:37 -------- d-----w- d:\documents and settings\Mirecek\Data aplikací\Carambis
2010-11-10 11:18 . 2010-11-10 11:18 -------- d-----w- d:\documents and settings\All Users\Data aplikací\PC Drivers HeadQuarters
2010-11-10 11:12 . 2010-11-11 14:39 -------- d-----w- d:\program files\Bluetooth File Sender
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- d:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- d:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2010-11-03 16:52 . 2010-11-07 14:18 137464 ----a-w- d:\windows\system32\drivers\PnkBstrK.sys
2010-11-03 16:52 . 2010-11-07 14:18 214520 ----a-w- d:\windows\system32\PnkBstrB.exe
2010-11-03 16:52 . 2010-11-07 14:18 214520 ----a-w- d:\windows\system32\PnkBstrB.xtr
2010-11-03 16:52 . 2010-11-03 16:52 75064 ----a-w- d:\windows\system32\PnkBstrA.exe
2010-11-03 16:52 . 2010-11-03 16:52 -------- d-----w- d:\documents and settings\Mirecek\Local Settings\Data aplikací\PunkBuster
2010-11-03 16:26 . 2010-11-03 16:26 -------- d-----w- d:\program files\Activision
2010-11-02 07:46 . 2010-11-02 07:52 -------- d-----w- d:\program files\Zrychleni Pocitace
2010-10-31 10:27 . 2010-10-31 10:27 -------- d-----w- d:\documents and settings\Mirecek\Local Settings\Data aplikací\WMTools Downloaded Files
2010-10-29 14:22 . 2010-10-29 14:22 -------- d-----w- d:\program files\IObit
2010-10-29 13:14 . 2010-10-29 13:14 151515 ----a-w- d:\windows\Čestina do SimCity 4 Rush Hour a Delux BETA Uninstaller.exe
2010-10-29 12:50 . 2003-12-23 00:15 5248 ----a-w- d:\windows\system32\drivers\xmasscsi.sys
2010-10-29 12:50 . 2003-12-21 15:24 140800 ----a-w- d:\windows\system32\drivers\xmasbus.sys
2010-10-29 12:50 . 2010-10-29 12:50 -------- d-----w- d:\program files\Alcohol Soft
2010-10-29 12:33 . 2010-10-29 12:50 -------- d-----w- D:\install
2010-10-23 20:27 . 2010-11-03 15:50 -------- d-----w- d:\documents and settings\Mirecek\Data aplikací\Microgaming
2010-10-23 20:26 . 2010-10-23 20:26 -------- d-----w- D:\Microgaming
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-29 12:46 . 2010-07-13 21:01 685816 ----a-w- d:\windows\system32\drivers\sptd.sys
2010-10-18 18:34 . 2010-10-18 18:34 390144 ----a-w- d:\windows\system32\CF27240.exe
2010-09-18 10:23 . 2004-08-17 13:49 974848 ----a-w- d:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-17 13:49 974848 ----a-w- d:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2001-10-25 14:00 954368 ----a-w- d:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2001-10-25 14:00 953856 ----a-w- d:\windows\system32\mfc40u.dll
2010-09-09 14:23 . 2004-08-17 13:49 668160 ----a-w- d:\windows\system32\wininet.dll
2010-09-09 14:23 . 2004-08-03 20:59 61952 ----a-w- d:\windows\system32\tdc.ocx
2010-09-09 14:23 . 2004-08-17 13:49 81920 ----a-w- d:\windows\system32\ieencode.dll
2010-09-09 14:16 . 2004-08-17 13:44 370176 ----a-w- d:\windows\system32\html.iec
2010-09-07 15:12 . 2010-10-03 09:41 38848 ----a-w- d:\windows\avastSS.scr
2010-09-07 15:11 . 2010-10-03 09:41 167592 ----a-w- d:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-10-03 09:41 46672 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-10-03 09:41 165584 ----a-w- d:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-10-03 09:41 23376 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-10-03 09:41 100176 ----a-w- d:\windows\system32\drivers\aswmon2.sys
2010-09-07 14:47 . 2010-10-03 09:41 94544 ----a-w- d:\windows\system32\drivers\aswmon.sys
2010-09-07 14:47 . 2010-10-03 09:41 17744 ----a-w- d:\windows\system32\drivers\aswFsBlk.sys
2010-09-07 14:46 . 2010-10-03 09:41 28880 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2010-09-01 11:52 . 2004-08-17 13:48 285824 ----a-w- d:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2004-08-17 13:44 1852800 ----a-w- d:\windows\system32\win32k.sys
2010-08-27 08:03 . 2004-08-17 13:49 119808 ----a-w- d:\windows\system32\t2embed.dll
2010-08-27 05:54 . 2004-08-17 13:49 99840 ----a-w- d:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- d:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2004-08-03 21:14 357248 ----a-w- d:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2004-08-17 13:49 617472 ----a-w- d:\windows\system32\comctl32.dll
2010-08-22 20:05 . 2010-08-22 20:05 281760 ----a-w- d:\windows\system32\drivers\atksgt.sys
2010-08-22 20:05 . 2010-08-22 20:05 25888 ----a-w- d:\windows\system32\drivers\lirsgt.sys
.
((((((((((((((((((((((((((((( SnapShot_2010-11-19_09.31.15 )))))))))))))))))))))))))))))))))))))))))
.
- 2001-10-25 14:00 . 2010-11-19 08:44 68490 d:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2010-11-20 13:22 68490 d:\windows\system32\perfc009.dat
+ 2010-11-20 13:45 . 2010-11-20 13:45 69632 d:\windows\Installer\{621C02EA-AAFF-4026-A903-165D59529A16}\DriversHQ.DriverDe_212B77217E284373BD0AA155B0932A89_1.exe
+ 2010-11-20 13:45 . 2010-11-20 13:45 69632 d:\windows\Installer\{621C02EA-AAFF-4026-A903-165D59529A16}\DriversHQ.DriverDe_212B77217E284373BD0AA155B0932A89.exe
+ 2010-11-20 13:45 . 2010-11-20 13:45 26694 d:\windows\Installer\{621C02EA-AAFF-4026-A903-165D59529A16}\ARPPRODUCTICON.exe
+ 2010-11-20 13:47 . 2010-11-20 13:47 46080 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\e59acdd3f944fc3414cb82ec9dc71e67\DriversHQ.DriverDetective.Client.DirectX.ni.dll
+ 2010-11-20 13:47 . 2010-11-20 13:47 57856 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\64975e476288c87113133cc32eecf612\DriversHQ.DriverDetective.ExceptionLogging.ni.dll
- 2001-10-25 14:00 . 2010-11-19 08:44 435594 d:\windows\system32\perfh009.dat
+ 2001-10-25 14:00 . 2010-11-20 13:22 435594 d:\windows\system32\perfh009.dat
+ 2010-11-20 13:45 . 2010-11-20 13:45 148480 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\fe016e881bb02ff5d80f56fc18f79804\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ni.dll
+ 2010-11-20 13:45 . 2010-11-20 13:45 304128 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\d7ce6416674ef7b72bc999f6da7594d4\Microsoft.Practices.ObjectBuilder.ni.dll
+ 2010-11-20 13:45 . 2010-11-20 13:45 309248 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\c0786c509e349a289b92756b8ca00dc6\Microsoft.Practices.EnterpriseLibrary.Common.ni.dll
+ 2010-11-20 13:45 . 2010-11-20 13:45 228864 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\c8d39427576c7f83124b903376e682c8\Microsoft.ApplicationBlocks.Updater.ni.dll
+ 2010-11-20 13:48 . 2010-11-20 13:48 202240 d:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WUApiLib\192062f30bba9e76a3d1da283e047fbb\Interop.WUApiLib.ni.dll
+ 2010-11-20 13:48 . 2010-11-20 13:48 378368 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\89032eb7df3caf40ae6d4232bff1f8ca\DriversHQ.DriverDetective.Client.Communication.ni.dll
+ 2010-11-20 13:47 . 2010-11-20 13:47 233472 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\60f8ff46d22a0dc2539f34eb216470ed\DriversHQ.DriverDetective.Common.ni.dll
+ 2010-11-20 13:48 . 2010-11-20 13:48 330240 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\197fe087ceecf53da1e9cf89927fc611\DriversHQ.DriverDetective.Common.ni.dll
+ 2010-11-20 13:47 . 2010-11-20 13:47 268800 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\079318c35b8d0ed8c964210196fc21ff\DriversHQ.DriverDetective.Client.Communication.ni.dll
+ 2010-11-20 13:45 . 2010-11-20 13:45 1299456 d:\windows\Installer\232a45.msi
+ 2010-11-20 13:48 . 2010-11-20 13:48 4674560 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\dccc37020f8c1dde38d3c8e9ebee67de\DriversHQ.DriverDetective.Client.ni.exe
+ 2010-11-20 13:47 . 2010-11-20 13:47 3406848 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\308f4c063dc9c9ae69af5be6a1d6aee3\DriversHQ.DriverDetective.Client.ni.exe
+ 2010-11-20 13:48 . 2010-11-20 13:48 1132032 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.Common\82cff8d8c5872bb1eed37a38b5da752b\DriversHQ.Common.ni.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="d:\documents and settings\Mirecek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-10-18 136176]
"BTFileSender"="d:\program files\Bluetooth File Sender\BTFileSender.exe" [2006-12-28 1128448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"avast5"="d:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"RTHDCPL"="RTHDCPL.EXE" [2008-09-09 16851968]
"IgfxTray"="d:\windows\system32\igfxtray.exe" [2008-06-04 150040]
"HotKeysCmds"="d:\windows\system32\hkcmd.exe" [2008-06-04 170520]
"Persistence"="d:\windows\system32\igfxpers.exe" [2008-06-04 141848]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\Mirecek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-5-26 2528584]
Ralink Wireless Utility.lnk - d:\program files\Ralink\Common\RaUI.exe [2010-6-13 1638400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WmiApSrv"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Documents and Settings\\Mirecek\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Games\\WSOP 2008\\WSOPBFTB.exe"=
"c:\\Games\\Mirrors Edge\\Binaries\\MirrorsEdge.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Casino\\ParadiseCasino\\casino.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 BtHidBus;Bluetooth HID Bus Service;d:\windows\system32\drivers\BtHidBus.sys [31.7.2008 19:45 20616]
R0 xmasscsi;xmasscsi;d:\windows\system32\drivers\xmasscsi.sys [29.10.2010 13:50 5248]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [3.10.2010 10:41 165584]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [3.10.2010 10:41 17744]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;d:\windows\system32\drivers\RtsUStor.sys [3.10.2010 18:42 182304]
R3 RT80x86;Ralink 802.11n Wireless Driver;d:\windows\system32\drivers\rt2860.sys [13.6.2010 9:48 1334240]
S3 IvtBtBUs;IVT Bluetooth Bus Service;d:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 13:58 26248]
S4 sptd;sptd;d:\windows\system32\drivers\sptd.sys [13.7.2010 22:01 685816]
S4 xmasbus;xmasbus;d:\windows\system32\drivers\xmasbus.sys [29.10.2010 13:50 140800]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - d:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
FF - ProfilePath - d:\documents and settings\Mirecek\Data aplikací\Mozilla\Firefox\Profiles\fw47egrk.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - google.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.4&q=
FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-20 18:22
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-11-20 18:23:33
ComboFix-quarantined-files.txt 2010-11-20 17:23
ComboFix2.txt 2010-11-19 09:32
ComboFix3.txt 2010-10-18 18:44
Před spuštěním: 4 490 403 840
Po spuštění: 4 481 732 608
- - End Of File - - 56199FCEA1120CA9592579C425F3A29C
.
((((((((((((((((((((((((((((( SnapShot_2010-11-19_09.31.15 )))))))))))))))))))))))))))))))))))))))))
.
- 2001-10-25 14:00 . 2010-11-19 08:44 68490 d:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2010-11-20 13:22 68490 d:\windows\system32\perfc009.dat
+ 2010-11-20 13:45 . 2010-11-20 13:45 69632 d:\windows\Installer\{621C02EA-AAFF-4026-A903-165D59529A16}\DriversHQ.DriverDe_212B77217E284373BD0AA155B0932A89_1.exe
+ 2010-11-20 13:45 . 2010-11-20 13:45 69632 d:\windows\Installer\{621C02EA-AAFF-4026-A903-165D59529A16}\DriversHQ.DriverDe_212B77217E284373BD0AA155B0932A89.exe
+ 2010-11-20 13:45 . 2010-11-20 13:45 26694 d:\windows\Installer\{621C02EA-AAFF-4026-A903-165D59529A16}\ARPPRODUCTICON.exe
+ 2010-11-20 13:47 . 2010-11-20 13:47 46080 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\e59acdd3f944fc3414cb82ec9dc71e67\DriversHQ.DriverDetective.Client.DirectX.ni.dll
+ 2010-11-20 13:47 . 2010-11-20 13:47 57856 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\64975e476288c87113133cc32eecf612\DriversHQ.DriverDetective.ExceptionLogging.ni.dll
- 2001-10-25 14:00 . 2010-11-19 08:44 435594 d:\windows\system32\perfh009.dat
+ 2001-10-25 14:00 . 2010-11-20 13:22 435594 d:\windows\system32\perfh009.dat
+ 2010-11-20 13:45 . 2010-11-20 13:45 148480 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\fe016e881bb02ff5d80f56fc18f79804\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ni.dll
+ 2010-11-20 13:45 . 2010-11-20 13:45 304128 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\d7ce6416674ef7b72bc999f6da7594d4\Microsoft.Practices.ObjectBuilder.ni.dll
+ 2010-11-20 13:45 . 2010-11-20 13:45 309248 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\c0786c509e349a289b92756b8ca00dc6\Microsoft.Practices.EnterpriseLibrary.Common.ni.dll
+ 2010-11-20 13:45 . 2010-11-20 13:45 228864 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\c8d39427576c7f83124b903376e682c8\Microsoft.ApplicationBlocks.Updater.ni.dll
+ 2010-11-20 13:48 . 2010-11-20 13:48 202240 d:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WUApiLib\192062f30bba9e76a3d1da283e047fbb\Interop.WUApiLib.ni.dll
+ 2010-11-20 13:48 . 2010-11-20 13:48 378368 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\89032eb7df3caf40ae6d4232bff1f8ca\DriversHQ.DriverDetective.Client.Communication.ni.dll
+ 2010-11-20 13:47 . 2010-11-20 13:47 233472 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\60f8ff46d22a0dc2539f34eb216470ed\DriversHQ.DriverDetective.Common.ni.dll
+ 2010-11-20 13:48 . 2010-11-20 13:48 330240 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\197fe087ceecf53da1e9cf89927fc611\DriversHQ.DriverDetective.Common.ni.dll
+ 2010-11-20 13:47 . 2010-11-20 13:47 268800 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\079318c35b8d0ed8c964210196fc21ff\DriversHQ.DriverDetective.Client.Communication.ni.dll
+ 2010-11-20 13:45 . 2010-11-20 13:45 1299456 d:\windows\Installer\232a45.msi
+ 2010-11-20 13:48 . 2010-11-20 13:48 4674560 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\dccc37020f8c1dde38d3c8e9ebee67de\DriversHQ.DriverDetective.Client.ni.exe
+ 2010-11-20 13:47 . 2010-11-20 13:47 3406848 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\308f4c063dc9c9ae69af5be6a1d6aee3\DriversHQ.DriverDetective.Client.ni.exe
+ 2010-11-20 13:48 . 2010-11-20 13:48 1132032 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.Common\82cff8d8c5872bb1eed37a38b5da752b\DriversHQ.Common.ni.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="d:\documents and settings\Mirecek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-10-18 136176]
"BTFileSender"="d:\program files\Bluetooth File Sender\BTFileSender.exe" [2006-12-28 1128448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"avast5"="d:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"RTHDCPL"="RTHDCPL.EXE" [2008-09-09 16851968]
"IgfxTray"="d:\windows\system32\igfxtray.exe" [2008-06-04 150040]
"HotKeysCmds"="d:\windows\system32\hkcmd.exe" [2008-06-04 170520]
"Persistence"="d:\windows\system32\igfxpers.exe" [2008-06-04 141848]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\Mirecek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-5-26 2528584]
Ralink Wireless Utility.lnk - d:\program files\Ralink\Common\RaUI.exe [2010-6-13 1638400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WmiApSrv"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Documents and Settings\\Mirecek\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Games\\WSOP 2008\\WSOPBFTB.exe"=
"c:\\Games\\Mirrors Edge\\Binaries\\MirrorsEdge.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Casino\\ParadiseCasino\\casino.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 BtHidBus;Bluetooth HID Bus Service;d:\windows\system32\drivers\BtHidBus.sys [31.7.2008 19:45 20616]
R0 xmasscsi;xmasscsi;d:\windows\system32\drivers\xmasscsi.sys [29.10.2010 13:50 5248]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [3.10.2010 10:41 165584]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [3.10.2010 10:41 17744]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;d:\windows\system32\drivers\RtsUStor.sys [3.10.2010 18:42 182304]
R3 RT80x86;Ralink 802.11n Wireless Driver;d:\windows\system32\drivers\rt2860.sys [13.6.2010 9:48 1334240]
S3 IvtBtBUs;IVT Bluetooth Bus Service;d:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 13:58 26248]
S4 sptd;sptd;d:\windows\system32\drivers\sptd.sys [13.7.2010 22:01 685816]
S4 xmasbus;xmasbus;d:\windows\system32\drivers\xmasbus.sys [29.10.2010 13:50 140800]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - d:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
FF - ProfilePath - d:\documents and settings\Mirecek\Data aplikací\Mozilla\Firefox\Profiles\fw47egrk.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - google.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.4&q=
FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-20 18:22
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-11-20 18:23:33
ComboFix-quarantined-files.txt 2010-11-20 17:23
ComboFix2.txt 2010-11-19 09:32
ComboFix3.txt 2010-10-18 18:44
Před spuštěním: 4 490 403 840
Po spuštění: 4 481 732 608
- - End Of File - - 56199FCEA1120CA9592579C425F3A29C
- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
Re: I can't shut down my laptop via the Start menu, help
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text marked in green:
Note: Do not use the SELECT ALL function to select the script
Code:
File::
d:\windows\system32\CF27240.exe
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WmiApSrv"=-
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you
Re: I can't shut down my laptop via the Start menu, help
ComboFix 10-11-18.03 - Mirecek 20.11.2010 18:50:14.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3037.2160 [GMT 1:00]
Spuštěný z: d:\documents and settings\Mirecek\Plocha\ComboFix.exe
Použité ovládací přepínače :: d:\documents and settings\Mirecek\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
FILE ::
"d:\windows\system32\CF27240.exe"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\windows\system32\CF27240.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-20 do 2010-11-20 )))))))))))))))))))))))))))))))
.
2010-11-20 13:46 . 2010-11-20 13:46 -------- d-----w- d:\documents and settings\Mirecek\Local Settings\Data aplikací\PC_Drivers_Headquarters
2010-11-20 13:45 . 2010-11-20 13:45 -------- d-----w- d:\program files\PC Drivers HeadQuarters
2010-11-20 13:45 . 2010-11-20 13:45 -------- d-----w- d:\documents and settings\Mirecek\Local Settings\Data aplikací\Downloaded Installations
2010-11-18 11:12 . 2010-11-18 11:12 388096 ----a-r- d:\documents and settings\Mirecek\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-18 11:12 . 2010-11-18 11:12 -------- d-----w- d:\program files\HJT
2010-11-10 13:52 . 2009-03-19 13:07 43264 ----a-w- d:\windows\system32\drivers\tosrfusb.sys
2010-11-10 13:52 . 2009-03-05 10:03 74368 ----a-w- d:\windows\system32\drivers\Tosrfhid.sys
2010-11-10 13:52 . 2008-10-06 16:56 137984 ----a-w- d:\windows\system32\drivers\tosrfbd.sys
2010-11-10 13:52 . 2009-05-14 08:50 54400 ----a-w- d:\windows\system32\drivers\TosRfSnd.sys
2010-11-10 13:52 . 2009-05-12 10:12 36992 ----a-w- d:\windows\system32\drivers\tosrfbnp.sys
2010-11-10 13:52 . 2009-03-12 10:33 16128 ----a-w- d:\windows\system32\drivers\tosrfnds.sys
2010-11-10 13:52 . 2009-02-19 15:20 63872 ----a-w- d:\windows\system32\drivers\tosrfcom.sys
2010-11-10 13:52 . 2008-03-25 12:54 41472 ----a-w- d:\windows\system32\drivers\tosporte.sys
2010-11-10 13:49 . 2010-11-10 13:49 -------- d-----w- d:\program files\Common Files\Adobe
2010-11-10 11:44 . 2010-11-10 11:44 -------- d-----w- d:\windows\OPTIONS
2010-11-10 11:41 . 2008-06-04 15:10 170520 ----a-w- d:\windows\system32\igfxzoom.exe
2010-11-10 11:41 . 2008-06-04 15:10 637464 ----a-w- d:\windows\system32\igfxcfg.exe
2010-11-10 11:41 . 2008-05-21 12:03 147456 ----a-w- d:\windows\system32\igfxCoIn_v4953.dll
2010-11-10 11:41 . 2008-05-21 11:26 2027520 ----a-w- d:\windows\system32\ig4dev32.dll
2010-11-10 11:41 . 2008-05-21 11:21 270336 ----a-w- d:\windows\system32\igfxresp.lrc
2010-11-10 11:41 . 2008-06-04 15:10 920088 ----a-w- d:\windows\system32\igxpun.exe
2010-11-10 11:37 . 2010-11-10 11:37 -------- d-----w- d:\documents and settings\Mirecek\Data aplikací\Carambis
2010-11-10 11:18 . 2010-11-10 11:18 -------- d-----w- d:\documents and settings\All Users\Data aplikací\PC Drivers HeadQuarters
2010-11-10 11:12 . 2010-11-11 14:39 -------- d-----w- d:\program files\Bluetooth File Sender
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- d:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- d:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2010-11-03 16:52 . 2010-11-07 14:18 137464 ----a-w- d:\windows\system32\drivers\PnkBstrK.sys
2010-11-03 16:52 . 2010-11-07 14:18 214520 ----a-w- d:\windows\system32\PnkBstrB.exe
2010-11-03 16:52 . 2010-11-07 14:18 214520 ----a-w- d:\windows\system32\PnkBstrB.xtr
2010-11-03 16:52 . 2010-11-03 16:52 75064 ----a-w- d:\windows\system32\PnkBstrA.exe
2010-11-03 16:52 . 2010-11-03 16:52 -------- d-----w- d:\documents and settings\Mirecek\Local Settings\Data aplikací\PunkBuster
2010-11-03 16:26 . 2010-11-03 16:26 -------- d-----w- d:\program files\Activision
2010-11-02 07:46 . 2010-11-02 07:52 -------- d-----w- d:\program files\Zrychleni Pocitace
2010-10-31 10:27 . 2010-10-31 10:27 -------- d-----w- d:\documents and settings\Mirecek\Local Settings\Data aplikací\WMTools Downloaded Files
2010-10-29 14:22 . 2010-10-29 14:22 -------- d-----w- d:\program files\IObit
2010-10-29 13:14 . 2010-10-29 13:14 151515 ----a-w- d:\windows\Čestina do SimCity 4 Rush Hour a Delux BETA Uninstaller.exe
2010-10-29 12:50 . 2003-12-23 00:15 5248 ----a-w- d:\windows\system32\drivers\xmasscsi.sys
2010-10-29 12:50 . 2003-12-21 15:24 140800 ----a-w- d:\windows\system32\drivers\xmasbus.sys
2010-10-29 12:50 . 2010-10-29 12:50 -------- d-----w- d:\program files\Alcohol Soft
2010-10-29 12:33 . 2010-10-29 12:50 -------- d-----w- D:\install
2010-10-23 20:27 . 2010-11-03 15:50 -------- d-----w- d:\documents and settings\Mirecek\Data aplikací\Microgaming
2010-10-23 20:26 . 2010-10-23 20:26 -------- d-----w- D:\Microgaming
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-29 12:46 . 2010-07-13 21:01 685816 ----a-w- d:\windows\system32\drivers\sptd.sys
2010-09-18 10:23 . 2004-08-17 13:49 974848 ----a-w- d:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-17 13:49 974848 ----a-w- d:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2001-10-25 14:00 954368 ----a-w- d:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2001-10-25 14:00 953856 ----a-w- d:\windows\system32\mfc40u.dll
2010-09-09 14:23 . 2004-08-17 13:49 668160 ----a-w- d:\windows\system32\wininet.dll
2010-09-09 14:23 . 2004-08-03 20:59 61952 ----a-w- d:\windows\system32\tdc.ocx
2010-09-09 14:23 . 2004-08-17 13:49 81920 ----a-w- d:\windows\system32\ieencode.dll
2010-09-09 14:16 . 2004-08-17 13:44 370176 ----a-w- d:\windows\system32\html.iec
2010-09-07 15:12 . 2010-10-03 09:41 38848 ----a-w- d:\windows\avastSS.scr
2010-09-07 15:11 . 2010-10-03 09:41 167592 ----a-w- d:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-10-03 09:41 46672 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-10-03 09:41 165584 ----a-w- d:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-10-03 09:41 23376 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-10-03 09:41 100176 ----a-w- d:\windows\system32\drivers\aswmon2.sys
2010-09-07 14:47 . 2010-10-03 09:41 94544 ----a-w- d:\windows\system32\drivers\aswmon.sys
2010-09-07 14:47 . 2010-10-03 09:41 17744 ----a-w- d:\windows\system32\drivers\aswFsBlk.sys
2010-09-07 14:46 . 2010-10-03 09:41 28880 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2010-09-01 11:52 . 2004-08-17 13:48 285824 ----a-w- d:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2004-08-17 13:44 1852800 ----a-w- d:\windows\system32\win32k.sys
2010-08-27 08:03 . 2004-08-17 13:49 119808 ----a-w- d:\windows\system32\t2embed.dll
2010-08-27 05:54 . 2004-08-17 13:49 99840 ----a-w- d:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- d:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2004-08-03 21:14 357248 ----a-w- d:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2004-08-17 13:49 617472 ----a-w- d:\windows\system32\comctl32.dll
2010-08-22 20:05 . 2010-08-22 20:05 281760 ----a-w- d:\windows\system32\drivers\atksgt.sys
2010-08-22 20:05 . 2010-08-22 20:05 25888 ----a-w- d:\windows\system32\drivers\lirsgt.sys
.
((((((((((((((((((((((((((((( SnapShot_2010-11-19_09.31.15 )))))))))))))))))))))))))))))))))))))))))
.
- 2001-10-25 14:00 . 2010-11-19 08:44 68490 d:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2010-11-20 13:22 68490 d:\windows\system32\perfc009.dat
+ 2010-11-20 13:45 . 2010-11-20 13:45 69632 d:\windows\Installer\{621C02EA-AAFF-4026-A903-165D59529A16}\DriversHQ.DriverDe_212B77217E284373BD0AA155B0932A89_1.exe
+ 2010-11-20 13:45 . 2010-11-20 13:45 69632 d:\windows\Installer\{621C02EA-AAFF-4026-A903-165D59529A16}\DriversHQ.DriverDe_212B77217E284373BD0AA155B0932A89.exe
+ 2010-11-20 13:45 . 2010-11-20 13:45 26694 d:\windows\Installer\{621C02EA-AAFF-4026-A903-165D59529A16}\ARPPRODUCTICON.exe
+ 2010-11-20 13:47 . 2010-11-20 13:47 46080 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\e59acdd3f944fc3414cb82ec9dc71e67\DriversHQ.DriverDetective.Client.DirectX.ni.dll
+ 2010-11-20 13:47 . 2010-11-20 13:47 57856 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\64975e476288c87113133cc32eecf612\DriversHQ.DriverDetective.ExceptionLogging.ni.dll
- 2001-10-25 14:00 . 2010-11-19 08:44 435594 d:\windows\system32\perfh009.dat
+ 2001-10-25 14:00 . 2010-11-20 13:22 435594 d:\windows\system32\perfh009.dat
+ 2010-11-20 13:45 . 2010-11-20 13:45 148480 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\fe016e881bb02ff5d80f56fc18f79804\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ni.dll
+ 2010-11-20 13:45 . 2010-11-20 13:45 304128 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\d7ce6416674ef7b72bc999f6da7594d4\Microsoft.Practices.ObjectBuilder.ni.dll
+ 2010-11-20 13:45 . 2010-11-20 13:45 309248 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Practices#\c0786c509e349a289b92756b8ca00dc6\Microsoft.Practices.EnterpriseLibrary.Common.ni.dll
+ 2010-11-20 13:45 . 2010-11-20 13:45 228864 d:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Applicati#\c8d39427576c7f83124b903376e682c8\Microsoft.ApplicationBlocks.Updater.ni.dll
+ 2010-11-20 13:48 . 2010-11-20 13:48 202240 d:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WUApiLib\192062f30bba9e76a3d1da283e047fbb\Interop.WUApiLib.ni.dll
+ 2010-11-20 13:48 . 2010-11-20 13:48 378368 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\89032eb7df3caf40ae6d4232bff1f8ca\DriversHQ.DriverDetective.Client.Communication.ni.dll
+ 2010-11-20 13:47 . 2010-11-20 13:47 233472 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\60f8ff46d22a0dc2539f34eb216470ed\DriversHQ.DriverDetective.Common.ni.dll
+ 2010-11-20 13:48 . 2010-11-20 13:48 330240 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\197fe087ceecf53da1e9cf89927fc611\DriversHQ.DriverDetective.Common.ni.dll
+ 2010-11-20 13:47 . 2010-11-20 13:47 268800 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\079318c35b8d0ed8c964210196fc21ff\DriversHQ.DriverDetective.Client.Communication.ni.dll
+ 2010-11-20 13:45 . 2010-11-20 13:45 1299456 d:\windows\Installer\232a45.msi
+ 2010-11-20 13:48 . 2010-11-20 13:48 4674560 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\dccc37020f8c1dde38d3c8e9ebee67de\DriversHQ.DriverDetective.Client.ni.exe
+ 2010-11-20 13:47 . 2010-11-20 13:47 3406848 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.DriverDet#\308f4c063dc9c9ae69af5be6a1d6aee3\DriversHQ.DriverDetective.Client.ni.exe
+ 2010-11-20 13:48 . 2010-11-20 13:48 1132032 d:\windows\assembly\NativeImages_v2.0.50727_32\DriversHQ.Common\82cff8d8c5872bb1eed37a38b5da752b\DriversHQ.Common.ni.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="d:\documents and settings\Mirecek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-10-18 136176]
"BTFileSender"="d:\program files\Bluetooth File Sender\BTFileSender.exe" [2006-12-28 1128448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"avast5"="d:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"RTHDCPL"="RTHDCPL.EXE" [2008-09-09 16851968]
"IgfxTray"="d:\windows\system32\igfxtray.exe" [2008-06-04 150040]
"HotKeysCmds"="d:\windows\system32\hkcmd.exe" [2008-06-04 170520]
"Persistence"="d:\windows\system32\igfxpers.exe" [2008-06-04 141848]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\Mirecek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-5-26 2528584]
Ralink Wireless Utility.lnk - d:\program files\Ralink\Common\RaUI.exe [2010-6-13 1638400]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Documents and Settings\\Mirecek\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Games\\WSOP 2008\\WSOPBFTB.exe"=
"c:\\Games\\Mirrors Edge\\Binaries\\MirrorsEdge.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Casino\\ParadiseCasino\\casino.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 BtHidBus;Bluetooth HID Bus Service;d:\windows\system32\drivers\BtHidBus.sys [31.7.2008 19:45 20616]
R0 xmasscsi;xmasscsi;d:\windows\system32\drivers\xmasscsi.sys [29.10.2010 13:50 5248]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [3.10.2010 10:41 165584]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [3.10.2010 10:41 17744]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;d:\windows\system32\drivers\RtsUStor.sys [3.10.2010 18:42 182304]
R3 RT80x86;Ralink 802.11n Wireless Driver;d:\windows\system32\drivers\rt2860.sys [13.6.2010 9:48 1334240]
S3 IvtBtBUs;IVT Bluetooth Bus Service;d:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 13:58 26248]
S4 sptd;sptd;d:\windows\system32\drivers\sptd.sys [13.7.2010 22:01 685816]
S4 xmasbus;xmasbus;d:\windows\system32\drivers\xmasbus.sys [29.10.2010 13:50 140800]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - d:\microgaming\Poker\UnibetpokerMPP\MPPoker.exe
FF - ProfilePath - d:\documents and settings\Mirecek\Data aplikací\Mozilla\Firefox\Profiles\fw47egrk.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - google.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.4&q=
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-20 18:52
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-11-20 18:53:09
ComboFix-quarantined-files.txt 2010-11-20 17:53
ComboFix2.txt 2010-11-20 17:23
ComboFix3.txt 2010-11-19 09:32
ComboFix4.txt 2010-10-18 18:44
Před spuštěním: 4 366 721 024
Po spuštění: 4 352 741 376
- - End Of File - - C9213C255C6477C9EE65ED66E6BC6C16
- memphisto
Re: I can't shut down my laptop via Start, help
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
clean the system with CCleaner
and also use T-Cleaner
it deletes everything left behind by ComboFix, MWAV, etc. - download > run
Note: before downloading T-Cleaner and while cleaning, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on.
+HJT
How is the PC behaving?
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.
Re: I can't shut down my laptop via Start, help
LOG AFTER CCLEANER
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:15:49, on 20.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Alwil Software\Avast5\avastUI.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\igfxtray.exe
D:\WINDOWS\system32\hkcmd.exe
D:\WINDOWS\system32\igfxpers.exe
D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
D:\WINDOWS\system32\igfxsrvc.exe
D:\Program Files\Bluetooth File Sender\BTFileSender.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\WINDOWS\explorer.exe
D:\Program Files\HJT\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast5] "D:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] D:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BTFileSender] D:\Program Files\Bluetooth File Sender\BTFileSender.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Ralink Wireless Utility.lnk = D:\Program Files\Ralink\Common\RaUI.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - D:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 6781 bytes
- memphisto
Re: I can't shut down my laptop via Start, help
HJT log is OK. That's why I wrote it in bold. Before downloading T-Cleaner, turn off the antivirus, download it, run it, do a scan, then delete it and turn the antivirus back on.
Re: I can't shut down my laptop via Start, help
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:50:22, on 20.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\savedump.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Alwil Software\Avast5\avastUI.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\igfxtray.exe
D:\WINDOWS\system32\hkcmd.exe
D:\WINDOWS\system32\igfxpers.exe
D:\WINDOWS\system32\igfxsrvc.exe
D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
D:\Program Files\Bluetooth File Sender\BTFileSender.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
D:\Program Files\Ralink\Common\RaUI.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
D:\Program Files\HJT\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast5] "D:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] D:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Mirecek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BTFileSender] D:\Program Files\Bluetooth File Sender\BTFileSender.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Ralink Wireless Utility.lnk = D:\Program Files\Ralink\Common\RaUI.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - D:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - D:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 6175 bytes
- memphisto
Re: I can't shut down my laptop via Start, help
Fix:
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
How is the PC behaving?