Dobrý den,
počítač se v poslední době poměrně zpomalil a při startu windows vyskočí chybová hláška: "Chyba při načítání souboru C:\WINDOWS\system32\NvMcTray.dll Uvedený modul nebyl nalezen". Nedávno mi AVG objevilo trojského koně, ale nebylo schopné ho úplně odstranit. Od té doby už nic nenašlo. Přikládám log z RSIT. Předem děkuji za jakoukoliv pomoc.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Etruska at 2010-04-14 21:32:36
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 123 GB (52%) free of 238 GB
Total RAM: 1006 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:32:49, on 14.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\server\Apache2\bin\httpd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\RTHDCPL.EXE
C:\server\mysql\bin\mysqld.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\server\Apache2\bin\ApacheMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\server\Apache2\bin\httpd.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\QIP Infium\infium.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Documents and Settings\Etruska\Plocha\RSIT.exe
C:\Documents and Settings\Etruska\Plocha\Etruska.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: 82.209.32.10 loc.taborranc.cz
O1 - Hosts: 82.209.32.10 loc.phpmyadmin
O1 - Hosts: 82.209.32.10 loc.kurzy-aj.wz.cz
O1 - Hosts: 82.209.32.10 loc.etruska.eu
O1 - Hosts: 82.209.32.10 loc.test-mvc
O1 - Hosts: 82.209.32.10 loc.test
O1 - Hosts: 82.209.32.10 loc.ragnarok
O1 - Hosts: 82.209.32.10 loc.hfest
O1 - Hosts: 74.208.10.249 gs.apple.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "c:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Monitor Apache Servers.lnk = C:\server\Apache2\bin\ApacheMonitor.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFC8F911-F3B6-4304-A8A9-7F91579C54DB}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\server\Apache2\bin\httpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MySQL - Unknown owner - C:\server\mysql\bin\mysqld (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
--
End of file - 8824 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-21 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-05 1602912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-01 16125440]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-04-01 2879488]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-12 8429568]
"nwiz"=nwiz.exe /install []
"SW20"=C:\WINDOWS\system32\sw20.exe [2006-12-15 208896]
"SW24"=C:\WINDOWS\system32\sw24.exe [2006-12-15 69632]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit []
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-05 2064224]
"AdobeCS4ServiceManager"=c:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-01-22 141608]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"vmware-tray"=C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [2007-05-01 68400]
"VMware hqtray"=C:\Program Files\VMware\VMware Workstation\hqtray.exe [2007-05-01 56112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2009-12-18 427328]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Monitor Apache Servers.lnk - C:\server\Apache2\bin\ApacheMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-03-17 12464]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\iPhone\TunnelierPortable\itunnel.exe"="C:\iPhone\TunnelierPortable\itunnel.exe:*:Enabled:itunnel"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{047b4200-275e-11df-a619-0019d1f7d720}]
shell\AutoRun\command - J:\DPFMate.exe
======File associations======
.js - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 months======
2010-04-13 06:49:20 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-01 07:05:20 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-31 17:23:10 ----A---- C:\mbam-error.txt
2010-03-22 22:43:49 ----D---- C:\Sounds
2010-03-22 22:10:28 ----D---- C:\Program Files\LG Electronics
2010-03-22 22:07:59 ----A---- C:\WINDOWS\system32\NMSDVDXU.dll
2010-03-22 22:07:37 ----D---- C:\Documents and Settings\Etruska\Data aplikací\LG Electronics
2010-03-22 22:07:36 ----D---- C:\Program Files\LG PC Suite II
2010-03-22 22:07:10 ----D---- C:\Documents and Settings\Etruska\Data aplikací\InstallShield
2010-03-20 18:37:28 ----D---- C:\Program Files\PokerStars.NET
2010-03-20 00:58:16 ----D---- C:\Program Files\Alcohol Soft
2010-03-17 15:18:03 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-03-15 23:39:02 ----D---- C:\Program Files\DAEMON Tools Pro
2010-03-15 23:38:42 ----D---- C:\Documents and Settings\Etruska\Data aplikací\DAEMON Tools Pro
2010-03-15 23:38:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Pro
2010-03-15 23:35:25 ----D---- C:\Documents and Settings\Etruska\Data aplikací\VMware
2010-03-15 23:29:52 ----RA---- C:\WINDOWS\system32\vnetinst.dll
2010-03-15 23:29:42 ----A---- C:\WINDOWS\system32\vmnetdhcp.exe
2010-03-15 23:29:38 ----A---- C:\WINDOWS\system32\vmnat.exe
2010-03-15 23:29:30 ----RA---- C:\WINDOWS\system32\vmnetbridge.dll
2010-03-15 23:29:26 ----A---- C:\WINDOWS\system32\vnetlib.dll
2010-03-15 23:24:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\VMware
2010-03-15 23:21:54 ----D---- C:\Program Files\Common Files\VMware
2010-03-15 23:21:53 ----D---- C:\Program Files\VMware
2010-03-15 22:57:39 ----D---- C:\VMWare
2010-03-15 16:55:39 ----D---- C:\Temp
======List of files/folders modified in the last 1 months======
2010-04-14 17:45:26 ----D---- C:\WINDOWS\Prefetch
2010-04-14 17:03:52 ----D---- C:\WINDOWS\temp
2010-04-14 17:01:49 ----D---- C:\WINDOWS
2010-04-14 17:01:48 ----D---- C:\WINDOWS\Minidump
2010-04-14 15:35:56 ----D---- C:\Program Files\Mozilla Thunderbird
2010-04-14 08:24:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-14 06:06:09 ----HD---- C:\WINDOWS\inf
2010-04-14 06:05:43 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-14 06:05:35 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-14 06:04:39 ----D---- C:\WINDOWS\system32
2010-04-13 12:20:58 ----D---- C:\Filmy
2010-04-12 22:26:24 ----D---- C:\Hudba
2010-04-06 09:37:46 ----D---- C:\Program Files\Mozilla Firefox
2010-04-05 16:13:39 ----D---- C:\Počítač
2010-04-01 07:05:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-01 07:05:35 ----D---- C:\Program Files\Internet Explorer
2010-03-31 17:23:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-31 17:23:05 ----D---- C:\WINDOWS\system32\drivers
2010-03-28 16:07:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-25 18:34:23 ----SHD---- C:\WINDOWS\Installer
2010-03-25 18:33:23 ----D---- C:\Program Files\Opera
2010-03-22 22:10:28 ----RD---- C:\Program Files
2010-03-22 22:10:28 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-16 22:42:28 ----D---- C:\Documents and Settings\Etruska\Data aplikací\Mozilla
2010-03-15 23:21:54 ----D---- C:\Program Files\Common Files
2010-03-15 16:53:30 ----D---- C:\Program Files\iTunes
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-03-17 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-03-17 29512]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-03-17 242696]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 39936]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\Drivers\hcmon.sys []
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2007-05-01 28592]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys []
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-03-02 60800]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-01 254872]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-03-13 44672]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-03-02 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-01 4484608]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-03-02 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-12 6738656]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-02 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 vmkbd;VMware kbd; \??\C:\WINDOWS\system32\drivers\VMkbd.sys []
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2007-05-01 16816]
S3 af5tp7wu;af5tp7wu; C:\WINDOWS\system32\drivers\af5tp7wu.sys []
S3 aflly9ip;aflly9ip; C:\WINDOWS\system32\drivers\aflly9ip.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Etruska\LOCALS~1\Temp\catchme.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 lgmcbus;LGE Mobile driver (WDM); C:\WINDOWS\system32\DRIVERS\lgmcbus.sys [2008-01-09 83584]
S3 MSICPL;MSICPL; \??\I:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\I:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\I:\NTGLM7X.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 vmusb;VMware USB Client Driver; C:\WINDOWS\System32\Drivers\vmusb.sys [2007-05-01 30768]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apache2.2;Apache2.2; C:\server\Apache2\bin\httpd.exe [2009-09-28 24645]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-03-17 916760]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-17 308064]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 MySQL;MySQL; C:\server\mysql\bin\mysqld --defaults-file=C:\server\mysql\my.ini MySQL []
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-12 163908]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2007-05-01 109360]
R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2007-05-01 121648]
R2 vmount2;VMware Virtual Mount Manager Extended; C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe [2007-03-23 269104]
R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2007-05-01 150320]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-01-22 545576]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-24 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2007-04-09 187184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zpomalení počítače a chybějící systémový soubor
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpomalení počítače a chybějící systémový soubor
Naposledy upravil(a) Etruska dne 14 dub 2010 20:57, celkem upraveno 1 x.
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Zpomalení počítače a chybějící systémový soubor
Zdravím 
Odstraňte prosím log z "Code" a já se na to podívám.
Odstraňte prosím log z "Code" a já se na to podívám.
Re: Zpomalení počítače a chybějící systémový soubor
Hotovo, nenapadlo mě že by to mohl být problém, příště se polepším
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Zpomalení počítače a chybějící systémový soubor
V pořádku. Log v "Code" se strašně špatně čte a bolí z toho oči.
Doporučuji odinstalovat:
C:\Program Files\BitLord\BitLord.exe
P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
Log v "Code" se strašně špatně čte a bolí z toho oči. Doporučuji odinstalovat:C:\Program Files\BitLord\BitLord.exe
P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
- Spusťte program, poté klikněte na Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Re: Zpomalení počítače a chybějící systémový soubor
OTL.txt :
OTL logfile created on: 15.4.2010 16:45:47 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Etruska\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 006,00 Mb Total Physical Memory | 336,00 Mb Available Physical Memory | 33,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 119,84 Gb Free Space | 51,46% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 169,15 Gb Free Space | 72,64% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC1
Current User Name: Etruska
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.15 16:37:11 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Etruska\Plocha\OTL.exe
PRC - [2010.04.06 09:37:24 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.04.05 15:59:37 | 002,064,224 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010.04.05 15:59:26 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.03.17 15:18:05 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.03.17 15:18:03 | 000,617,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.03.17 15:17:40 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.03.17 15:15:07 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010.03.17 15:15:05 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009.09.30 21:19:28 | 006,139,904 | ---- | M] () -- C:\server\mysql\bin\mysqld.exe
PRC - [2009.09.28 23:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) -- C:\server\Apache2\bin\httpd.exe
PRC - [2009.09.28 23:32:34 | 000,041,051 | ---- | M] (Apache Software Foundation) -- C:\server\Apache2\bin\ApacheMonitor.exe
PRC - [2009.09.24 07:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2007.05.01 23:52:36 | 000,109,360 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
PRC - [2007.05.01 23:52:36 | 000,068,400 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
PRC - [2007.05.01 23:52:32 | 000,150,320 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnat.exe
PRC - [2007.05.01 23:52:12 | 000,056,112 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\hqtray.exe
PRC - [2007.05.01 23:51:46 | 000,121,648 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnetdhcp.exe
PRC - [2007.03.23 11:02:52 | 000,269,104 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
PRC - [2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010.04.15 16:37:11 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Etruska\Plocha\OTL.exe
MOD - [2006.03.02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.03.17 15:17:40 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.03.17 15:15:07 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.10.24 12:43:03 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.09.30 21:19:28 | 006,139,904 | ---- | M] () [Auto | Running] -- C:\server\mysql\bin\mysqld.exe -- (MySQL)
SRV - [2009.09.28 23:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\server\Apache2\bin\httpd.exe -- (Apache2.2)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.05.01 23:52:36 | 000,109,360 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2007.05.01 23:52:32 | 000,150,320 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2007.05.01 23:51:46 | 000,121,648 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2007.04.09 14:58:14 | 000,187,184 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2007.03.23 11:02:52 | 000,269,104 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe -- (vmount2)
========== Driver Services (SafeList) ==========
DRV - [2010.03.17 15:18:13 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.03.17 15:18:03 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.03.17 15:15:05 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.03.15 23:39:24 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.05.25 01:00:00 | 000,026,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\adfs.sys -- (adfs)
DRV - [2008.01.09 11:22:24 | 000,083,584 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmcbus.sys -- (lgmcbus) LGE Mobile driver (WDM)
DRV - [2007.05.01 23:52:56 | 000,021,040 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2007.05.01 23:52:52 | 000,034,608 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2007.05.01 23:52:52 | 000,025,264 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2007.05.01 23:52:50 | 000,430,128 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2007.05.01 23:51:02 | 000,030,768 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmusb.sys -- (vmusb)
DRV - [2007.05.01 23:51:02 | 000,028,592 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2007.05.01 23:51:02 | 000,016,816 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2007.04.12 17:44:00 | 006,738,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007.04.09 14:55:46 | 000,019,504 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2007.04.01 07:21:17 | 000,254,872 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2007.04.01 07:19:28 | 004,484,608 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.03.23 11:03:00 | 000,018,480 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys -- (vstor2)
DRV - [2007.03.13 13:05:30 | 000,044,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2005.12.31 19:04:55 | 001,699,840 | R--- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\msicpl.dll -- (MSICPL)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Seznam"
FF - prefs.js..browser.startup.homepage: "www.google.cz"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010.03.17 16:26:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.06 09:37:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.06 09:37:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.03.19 11:04:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2010.01.31 22:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etruska\Data aplikací\Mozilla\Extensions
[2010.04.14 06:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etruska\Data aplikací\Mozilla\Firefox\Profiles\lxdn6ehf.default\extensions
[2010.02.01 17:39:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Etruska\Data aplikací\Mozilla\Firefox\Profiles\lxdn6ehf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.31 22:42:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.10.05 18:34:50 | 000,118,000 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\qippipe.dll
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.04.01 09:55:25 | 000,001,942 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 82.209.32.10 loc.taborranc.cz
O1 - Hosts: 82.209.32.10 loc.phpmyadmin
O1 - Hosts: 82.209.32.10 loc.kurzy-aj.wz.cz
O1 - Hosts: 82.209.32.10 loc.etruska.eu
O1 - Hosts: 82.209.32.10 loc.test-mvc
O1 - Hosts: 82.209.32.10 loc.test
O1 - Hosts: 82.209.32.10 loc.ragnarok
O1 - Hosts: 82.209.32.10 loc.hfest
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 12 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] c:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL File not found
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SW20] C:\WINDOWS\system32\sw20.exe ()
O4 - HKLM..\Run: [SW24] C:\WINDOWS\system32\sw24.exe ()
O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Workstation\hqtray.exe (VMware, Inc.)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Monitor Apache Servers.lnk = C:\server\Apache2\bin\ApacheMonitor.exe (Apache Software Foundation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Filter\application/xhtml+xml {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.19 16:30:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{047b4200-275e-11df-a619-0019d1f7d720}\Shell - "" = AutoRun
O33 - MountPoints2\{047b4200-275e-11df-a619-0019d1f7d720}\Shell\AutoRun\command - "" = J:\DPFMate.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.04.15 16:37:11 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Etruska\Plocha\OTL.exe
[2010.04.15 06:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\VMware
[2010.04.13 06:49:20 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.04.08 22:41:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Etruska\Plocha\ovečka Shaun
[2010.03.22 22:43:49 | 000,000,000 | ---D | C] -- C:\Sounds
[2010.03.22 22:10:30 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\lgmcwhnt.sys
[2010.03.22 22:10:30 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\lgmcwh.sys
[2010.03.22 22:10:29 | 000,083,584 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\lgmcbus.sys
[2010.03.22 22:10:28 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2010.03.22 22:07:59 | 001,164,728 | ---- | C] (NuMedia Soft, Inc.) -- C:\WINDOWS\System32\NMSDVDXU.dll
[2010.03.22 22:07:59 | 000,419,240 | ---- | C] (VideoSoft) -- C:\WINDOWS\System32\Vsflex7L.ocx
[2010.03.22 22:07:58 | 000,630,784 | ---- | C] (ComponentOne) -- C:\WINDOWS\System32\vsflex8u.ocx
[2010.03.22 22:07:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Etruska\Data aplikací\LG Electronics
[2010.03.22 22:07:36 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite II
[2010.03.22 22:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Etruska\Data aplikací\InstallShield
[2010.03.20 18:37:28 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.NET
[2010.03.20 00:58:16 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft
[2010.03.17 15:18:03 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010.03.16 16:49:19 | 000,030,768 | R--- | C] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmusb.sys
[2009.11.05 22:03:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2009.10.23 18:27:03 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2009.10.23 18:27:03 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.10.23 18:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.10.23 18:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.15 16:37:11 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Etruska\Plocha\OTL.exe
[2010.04.15 09:20:26 | 058,904,232 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.04.15 06:55:03 | 000,000,053 | ---- | M] () -- C:\biosinfo
[2010.04.15 06:53:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.15 06:53:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.15 06:50:56 | 002,359,296 | -H-- | M] () -- C:\Documents and Settings\Etruska\NTUSER.DAT
[2010.04.15 06:22:42 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.04.14 22:50:04 | 005,889,614 | -H-- | M] () -- C:\Documents and Settings\Etruska\Local Settings\Data aplikací\IconCache.db
[2010.04.14 21:28:17 | 001,618,332 | ---- | M] () -- C:\Documents and Settings\Etruska\Plocha\No Name Čím to je OFFICIAL HQ.mp3
[2010.04.13 12:16:49 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Etruska\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.13 12:08:53 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.08 21:03:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.03.30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.03.30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.03.28 16:07:03 | 000,435,176 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 16:07:03 | 000,431,708 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 16:07:03 | 000,068,658 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.28 16:07:02 | 001,028,442 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.28 16:07:02 | 000,079,262 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.25 18:33:34 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.03.22 22:08:10 | 000,001,459 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\LG PC Suite II.lnk
[2010.03.20 18:37:56 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\PokerStars.net.lnk
[2010.03.20 15:52:57 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\Etruska\Dokumenty\ax_files.xml
[2010.03.20 00:58:46 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Alcohol 120%.lnk
[2010.03.17 15:18:13 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.03.17 15:18:03 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010.03.17 15:18:03 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010.03.17 15:15:05 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.04.14 21:28:05 | 001,618,332 | ---- | C] () -- C:\Documents and Settings\Etruska\Plocha\No Name Čím to je OFFICIAL HQ.mp3
[2010.03.22 22:08:10 | 000,001,459 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\LG PC Suite II.lnk
[2010.03.20 18:37:56 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\PokerStars.net.lnk
[2010.03.20 15:52:57 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\Etruska\Dokumenty\ax_files.xml
[2010.03.20 00:58:46 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Alcohol 120%.lnk
[2010.03.15 23:39:24 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.03.11 20:28:29 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Etruska\Data aplikací\winscp.rnd
[2009.11.06 00:59:31 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Etruska\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.25 23:49:26 | 000,046,722 | ---- | C] () -- C:\WINDOWS\php.ini
[2009.10.25 23:36:15 | 002,076,672 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll
[2009.10.25 23:36:15 | 000,464,172 | ---- | C] () -- C:\WINDOWS\System32\libpq.dll
[2009.10.25 23:36:15 | 000,166,912 | ---- | C] () -- C:\WINDOWS\System32\libmcrypt.dll
[2009.10.25 23:36:15 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\msql.dll
[2009.10.25 23:36:14 | 001,110,849 | ---- | C] () -- C:\WINDOWS\System32\aspell-15.dll
[2009.10.19 17:06:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2009.10.19 17:03:59 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2009.10.19 17:03:58 | 000,253,952 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2009.10.19 17:03:58 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2009.10.19 17:03:57 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2009.10.19 17:03:57 | 000,009,728 | R--- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2009.10.19 17:03:57 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2009.10.19 16:34:28 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Etruska\ntuser.dat.LOG
[2009.10.19 16:34:28 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Etruska\ntuser.ini
[2009.10.19 16:34:27 | 002,359,296 | -H-- | C] () -- C:\Documents and Settings\Etruska\NTUSER.DAT
[2007.04.12 17:44:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007.04.12 17:44:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007.04.12 17:44:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007.04.12 17:44:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007.04.12 17:44:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.03.02 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
< End of report >
Extras.txt:
OTL Extras logfile created on: 15.4.2010 16:45:47 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Etruska\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 006,00 Mb Total Physical Memory | 336,00 Mb Available Physical Memory | 33,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 119,84 Gb Free Space | 51,46% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 169,15 Gb Free Space | 72,64% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC1
Current User Name: Etruska
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"C:\Program Files\BitLord\BitLord.exe" = C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord -- File not found
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\QIP Infium\infium.exe" = C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium -- (QIP)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\iPhone\TunnelierPortable\itunnel.exe" = C:\iPhone\TunnelierPortable\itunnel.exe:*:Enabled:itunnel -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0EE5DC1E-0F1E-4456-874C-A52916C13A14}" = MySQL Server 5.4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{16F0EE77-B2B1-4417-A8CC-07E06C78CCC4}" = Rename4u
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{2cb8101f-1f9a-4c9e-81b4-8a0f19d1e60e}" = Nero 9 Lite
"{32F66A20-7614-11D4-BD11-00104BD3F987}" = MathPlayer
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40FDDCC8-1054-467A-A43F-40C32F2BCBBA}" = CZEN layout 2
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6059C682-4C5F-4106-8487-943E98225D3B}" = LG MC USB Modem driver
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.2.9
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{824BADF8-9A1B-4D07-8817-8DDDC8543F23}" = OpenOffice.org 3.1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85262A06-2D8C-4BC1-B6ED-5A705D09CFFC}" = Apache HTTP Server 2.2.14
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}" = Microsoft Keyboard Layout Creator 1.4
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A4320FD7-AA7C-4A5A-A1A4-01DC2044C9FE}" = LG PC Suite II
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"7-Zip" = 7-Zip 4.65
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"AVG9Uninstall" = AVG Free 9.0
"Avidemux 2.5" = Avidemux 2.5
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DiskAid_is1" = DiskAid 3.11
"eBay Icon" = eBay Icon
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"HECI" = Intel(R) Management Engine Interface
"HijackThis" = HijackThis 2.0.2
"HyperCam 2" = HyperCam 2
"IETester" = IETester v0.4.2 (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MozBackup_is1" = MozBackup 1.4.7
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"PokerStars.net" = PokerStars.net
"PSPad editor_is1" = PSPad editor
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.0.3
"WIC" = Windows Imaging Component
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.7
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP Infium" = QIP Infium 2.0.9032 RC4
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22.11.2009 10:46:45 | Computer Name = PC1 | Source = Application Error | ID = 1000
Description = Chybující aplikace ietester.exe, verze 0.4.2.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x7e901089.
Error - 24.11.2009 3:15:09 | Computer Name = PC1 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Nelze rozpoznat název nebo adresu serveru.
Error - 10.12.2009 11:48:30 | Computer Name = PC1 | Source = ESENT | ID = 490
Description = svchost (1220) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error - 10.12.2009 11:48:30 | Computer Name = PC1 | Source = ESENT | ID = 470
Description = Catalog Database (1220) Databáze C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
je částečně připojena. Fáze připojení: 3. Chyba: -1032
Error - 18.12.2009 7:40:43 | Computer Name = PC1 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Nelze rozpoznat název nebo adresu serveru.
Error - 3.1.2010 7:02:29 | Computer Name = PC1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3622, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 3.1.2010 7:30:56 | Computer Name = PC1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3622, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 3.1.2010 8:38:09 | Computer Name = PC1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3622, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 4.1.2010 18:34:50 | Computer Name = PC1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3622, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 8.1.2010 8:55:15 | Computer Name = PC1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace opera.exe, verze 10.0.1750.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 6.4.2010 14:50:56 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort3 neodpovídá v periodě časového limitu.
Error - 8.4.2010 8:51:33 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort2 neodpovídá v periodě časového limitu.
Error - 9.4.2010 2:39:21 | Computer Name = PC1 | Source = DCOM | ID = 10010
Description = Server {1BE1F766-5536-11D1-B726-00C04FB926AF} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 9.4.2010 13:02:08 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort3 neodpovídá v periodě časového limitu.
Error - 10.4.2010 4:20:31 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort3 neodpovídá v periodě časového limitu.
Error - 10.4.2010 4:20:45 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort3 neodpovídá v periodě časového limitu.
Error - 10.4.2010 4:22:49 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort3 neodpovídá v periodě časového limitu.
Error - 14.4.2010 10:36:09 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort3 neodpovídá v periodě časového limitu.
Error - 14.4.2010 11:03:09 | Computer Name = PC1 | Source = System Error | ID = 1003
Description = Kód chyby 0000007a, parametr1 c0783690, parametr2 c000000e, parametr3
f06d2a13, parametr4 0103a860.
Error - 14.4.2010 11:03:17 | Computer Name = PC1 | Source = System Error | ID = 1003
Description = Kód chyby 0000007a, parametr1 c0788ac0, parametr2 c000000e, parametr3
f1158a13, parametr4 1c7e5860.
< End of report >
OTL logfile created on: 15.4.2010 16:45:47 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Etruska\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 006,00 Mb Total Physical Memory | 336,00 Mb Available Physical Memory | 33,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 119,84 Gb Free Space | 51,46% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 169,15 Gb Free Space | 72,64% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC1
Current User Name: Etruska
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.15 16:37:11 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Etruska\Plocha\OTL.exe
PRC - [2010.04.06 09:37:24 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.04.05 15:59:37 | 002,064,224 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010.04.05 15:59:26 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.03.17 15:18:05 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.03.17 15:18:03 | 000,617,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.03.17 15:17:40 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.03.17 15:15:07 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010.03.17 15:15:05 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009.09.30 21:19:28 | 006,139,904 | ---- | M] () -- C:\server\mysql\bin\mysqld.exe
PRC - [2009.09.28 23:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) -- C:\server\Apache2\bin\httpd.exe
PRC - [2009.09.28 23:32:34 | 000,041,051 | ---- | M] (Apache Software Foundation) -- C:\server\Apache2\bin\ApacheMonitor.exe
PRC - [2009.09.24 07:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE
PRC - [2007.05.01 23:52:36 | 000,109,360 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
PRC - [2007.05.01 23:52:36 | 000,068,400 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
PRC - [2007.05.01 23:52:32 | 000,150,320 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnat.exe
PRC - [2007.05.01 23:52:12 | 000,056,112 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Workstation\hqtray.exe
PRC - [2007.05.01 23:51:46 | 000,121,648 | ---- | M] (VMware, Inc.) -- C:\WINDOWS\system32\vmnetdhcp.exe
PRC - [2007.03.23 11:02:52 | 000,269,104 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
PRC - [2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2010.04.15 16:37:11 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Etruska\Plocha\OTL.exe
MOD - [2006.03.02 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.03.17 15:17:40 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.03.17 15:15:07 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.10.24 12:43:03 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.09.30 21:19:28 | 006,139,904 | ---- | M] () [Auto | Running] -- C:\server\mysql\bin\mysqld.exe -- (MySQL)
SRV - [2009.09.28 23:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\server\Apache2\bin\httpd.exe -- (Apache2.2)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.05.01 23:52:36 | 000,109,360 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2007.05.01 23:52:32 | 000,150,320 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2007.05.01 23:51:46 | 000,121,648 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2007.04.09 14:58:14 | 000,187,184 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2007.03.23 11:02:52 | 000,269,104 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe -- (vmount2)
========== Driver Services (SafeList) ==========
DRV - [2010.03.17 15:18:13 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.03.17 15:18:03 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.03.17 15:15:05 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.03.15 23:39:24 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.05.25 01:00:00 | 000,026,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\adfs.sys -- (adfs)
DRV - [2008.01.09 11:22:24 | 000,083,584 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmcbus.sys -- (lgmcbus) LGE Mobile driver (WDM)
DRV - [2007.05.01 23:52:56 | 000,021,040 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2007.05.01 23:52:52 | 000,034,608 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2007.05.01 23:52:52 | 000,025,264 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2007.05.01 23:52:50 | 000,430,128 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2007.05.01 23:51:02 | 000,030,768 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vmusb.sys -- (vmusb)
DRV - [2007.05.01 23:51:02 | 000,028,592 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2007.05.01 23:51:02 | 000,016,816 | R--- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2007.04.12 17:44:00 | 006,738,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007.04.09 14:55:46 | 000,019,504 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2007.04.01 07:21:17 | 000,254,872 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel(R)
DRV - [2007.04.01 07:19:28 | 004,484,608 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.03.23 11:03:00 | 000,018,480 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys -- (vstor2)
DRV - [2007.03.13 13:05:30 | 000,044,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2005.12.31 19:04:55 | 001,699,840 | R--- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\msicpl.dll -- (MSICPL)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Seznam"
FF - prefs.js..browser.startup.homepage: "www.google.cz"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.783
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010.03.17 16:26:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.06 09:37:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.06 09:37:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.03.19 11:04:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2010.01.31 22:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etruska\Data aplikací\Mozilla\Extensions
[2010.04.14 06:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Etruska\Data aplikací\Mozilla\Firefox\Profiles\lxdn6ehf.default\extensions
[2010.02.01 17:39:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Etruska\Data aplikací\Mozilla\Firefox\Profiles\lxdn6ehf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.31 22:42:24 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.10.05 18:34:50 | 000,118,000 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\qippipe.dll
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.04.01 09:55:25 | 000,001,942 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 82.209.32.10 loc.taborranc.cz
O1 - Hosts: 82.209.32.10 loc.phpmyadmin
O1 - Hosts: 82.209.32.10 loc.kurzy-aj.wz.cz
O1 - Hosts: 82.209.32.10 loc.etruska.eu
O1 - Hosts: 82.209.32.10 loc.test-mvc
O1 - Hosts: 82.209.32.10 loc.test
O1 - Hosts: 82.209.32.10 loc.ragnarok
O1 - Hosts: 82.209.32.10 loc.hfest
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 12 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] c:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL File not found
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SW20] C:\WINDOWS\system32\sw20.exe ()
O4 - HKLM..\Run: [SW24] C:\WINDOWS\system32\sw24.exe ()
O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Workstation\hqtray.exe (VMware, Inc.)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Monitor Apache Servers.lnk = C:\server\Apache2\bin\ApacheMonitor.exe (Apache Software Foundation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Filter\application/xhtml+xml {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.19 16:30:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{047b4200-275e-11df-a619-0019d1f7d720}\Shell - "" = AutoRun
O33 - MountPoints2\{047b4200-275e-11df-a619-0019d1f7d720}\Shell\AutoRun\command - "" = J:\DPFMate.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.04.15 16:37:11 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Etruska\Plocha\OTL.exe
[2010.04.15 06:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\VMware
[2010.04.13 06:49:20 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.04.08 22:41:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Etruska\Plocha\ovečka Shaun
[2010.03.22 22:43:49 | 000,000,000 | ---D | C] -- C:\Sounds
[2010.03.22 22:10:30 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\lgmcwhnt.sys
[2010.03.22 22:10:30 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\lgmcwh.sys
[2010.03.22 22:10:29 | 000,083,584 | ---- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\lgmcbus.sys
[2010.03.22 22:10:28 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2010.03.22 22:07:59 | 001,164,728 | ---- | C] (NuMedia Soft, Inc.) -- C:\WINDOWS\System32\NMSDVDXU.dll
[2010.03.22 22:07:59 | 000,419,240 | ---- | C] (VideoSoft) -- C:\WINDOWS\System32\Vsflex7L.ocx
[2010.03.22 22:07:58 | 000,630,784 | ---- | C] (ComponentOne) -- C:\WINDOWS\System32\vsflex8u.ocx
[2010.03.22 22:07:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Etruska\Data aplikací\LG Electronics
[2010.03.22 22:07:36 | 000,000,000 | ---D | C] -- C:\Program Files\LG PC Suite II
[2010.03.22 22:07:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Etruska\Data aplikací\InstallShield
[2010.03.20 18:37:28 | 000,000,000 | ---D | C] -- C:\Program Files\PokerStars.NET
[2010.03.20 00:58:16 | 000,000,000 | ---D | C] -- C:\Program Files\Alcohol Soft
[2010.03.17 15:18:03 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010.03.16 16:49:19 | 000,030,768 | R--- | C] (VMware, Inc.) -- C:\WINDOWS\System32\drivers\vmusb.sys
[2009.11.05 22:03:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2009.10.23 18:27:03 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2009.10.23 18:27:03 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.10.23 18:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.10.23 18:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.15 16:37:11 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Etruska\Plocha\OTL.exe
[2010.04.15 09:20:26 | 058,904,232 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010.04.15 06:55:03 | 000,000,053 | ---- | M] () -- C:\biosinfo
[2010.04.15 06:53:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.15 06:53:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.15 06:50:56 | 002,359,296 | -H-- | M] () -- C:\Documents and Settings\Etruska\NTUSER.DAT
[2010.04.15 06:22:42 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.04.14 22:50:04 | 005,889,614 | -H-- | M] () -- C:\Documents and Settings\Etruska\Local Settings\Data aplikací\IconCache.db
[2010.04.14 21:28:17 | 001,618,332 | ---- | M] () -- C:\Documents and Settings\Etruska\Plocha\No Name Čím to je OFFICIAL HQ.mp3
[2010.04.13 12:16:49 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Etruska\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.13 12:08:53 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.08 21:03:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.03.30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.03.30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.03.28 16:07:03 | 000,435,176 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 16:07:03 | 000,431,708 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 16:07:03 | 000,068,658 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.28 16:07:02 | 001,028,442 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.28 16:07:02 | 000,079,262 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.25 18:33:34 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.03.22 22:08:10 | 000,001,459 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\LG PC Suite II.lnk
[2010.03.20 18:37:56 | 000,000,768 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\PokerStars.net.lnk
[2010.03.20 15:52:57 | 000,000,275 | ---- | M] () -- C:\Documents and Settings\Etruska\Dokumenty\ax_files.xml
[2010.03.20 00:58:46 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Alcohol 120%.lnk
[2010.03.17 15:18:13 | 000,242,696 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010.03.17 15:18:03 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010.03.17 15:18:03 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010.03.17 15:15:05 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.04.14 21:28:05 | 001,618,332 | ---- | C] () -- C:\Documents and Settings\Etruska\Plocha\No Name Čím to je OFFICIAL HQ.mp3
[2010.03.22 22:08:10 | 000,001,459 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\LG PC Suite II.lnk
[2010.03.20 18:37:56 | 000,000,768 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\PokerStars.net.lnk
[2010.03.20 15:52:57 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\Etruska\Dokumenty\ax_files.xml
[2010.03.20 00:58:46 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Alcohol 120%.lnk
[2010.03.15 23:39:24 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.03.11 20:28:29 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Etruska\Data aplikací\winscp.rnd
[2009.11.06 00:59:31 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Etruska\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.25 23:49:26 | 000,046,722 | ---- | C] () -- C:\WINDOWS\php.ini
[2009.10.25 23:36:15 | 002,076,672 | ---- | C] () -- C:\WINDOWS\System32\libmysql.dll
[2009.10.25 23:36:15 | 000,464,172 | ---- | C] () -- C:\WINDOWS\System32\libpq.dll
[2009.10.25 23:36:15 | 000,166,912 | ---- | C] () -- C:\WINDOWS\System32\libmcrypt.dll
[2009.10.25 23:36:15 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\msql.dll
[2009.10.25 23:36:14 | 001,110,849 | ---- | C] () -- C:\WINDOWS\System32\aspell-15.dll
[2009.10.19 17:06:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2009.10.19 17:03:59 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\smdll.dll
[2009.10.19 17:03:58 | 000,253,952 | R--- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2009.10.19 17:03:58 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2009.10.19 17:03:57 | 000,262,144 | R--- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2009.10.19 17:03:57 | 000,009,728 | R--- | C] () -- C:\WINDOWS\System32\sysinfoX64.sys
[2009.10.19 17:03:57 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\sysinfo.sys
[2009.10.19 16:34:28 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\Etruska\ntuser.dat.LOG
[2009.10.19 16:34:28 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Etruska\ntuser.ini
[2009.10.19 16:34:27 | 002,359,296 | -H-- | C] () -- C:\Documents and Settings\Etruska\NTUSER.DAT
[2007.04.12 17:44:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007.04.12 17:44:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2007.04.12 17:44:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007.04.12 17:44:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007.04.12 17:44:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.03.02 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
< End of report >
Extras.txt:
OTL Extras logfile created on: 15.4.2010 16:45:47 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\Etruska\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 006,00 Mb Total Physical Memory | 336,00 Mb Available Physical Memory | 33,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 119,84 Gb Free Space | 51,46% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 169,15 Gb Free Space | 72,64% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC1
Current User Name: Etruska
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\totalcmd\TOTALCMD.EXE" = C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"C:\Program Files\BitLord\BitLord.exe" = C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord -- File not found
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\QIP Infium\infium.exe" = C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium -- (QIP)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\iPhone\TunnelierPortable\itunnel.exe" = C:\iPhone\TunnelierPortable\itunnel.exe:*:Enabled:itunnel -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0EE5DC1E-0F1E-4456-874C-A52916C13A14}" = MySQL Server 5.4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{16F0EE77-B2B1-4417-A8CC-07E06C78CCC4}" = Rename4u
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{2cb8101f-1f9a-4c9e-81b4-8a0f19d1e60e}" = Nero 9 Lite
"{32F66A20-7614-11D4-BD11-00104BD3F987}" = MathPlayer
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40FDDCC8-1054-467A-A43F-40C32F2BCBBA}" = CZEN layout 2
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6059C682-4C5F-4106-8487-943E98225D3B}" = LG MC USB Modem driver
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.2.9
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{824BADF8-9A1B-4D07-8817-8DDDC8543F23}" = OpenOffice.org 3.1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85262A06-2D8C-4BC1-B6ED-5A705D09CFFC}" = Apache HTTP Server 2.2.14
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}" = Microsoft Keyboard Layout Creator 1.4
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A4320FD7-AA7C-4A5A-A1A4-01DC2044C9FE}" = LG PC Suite II
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"7-Zip" = 7-Zip 4.65
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"AVG9Uninstall" = AVG Free 9.0
"Avidemux 2.5" = Avidemux 2.5
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DiskAid_is1" = DiskAid 3.11
"eBay Icon" = eBay Icon
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"HECI" = Intel(R) Management Engine Interface
"HijackThis" = HijackThis 2.0.2
"HyperCam 2" = HyperCam 2
"IETester" = IETester v0.4.2 (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MozBackup_is1" = MozBackup 1.4.7
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"PokerStars.net" = PokerStars.net
"PSPad editor_is1" = PSPad editor
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 1.0.3
"WIC" = Windows Imaging Component
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.7
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP Infium" = QIP Infium 2.0.9032 RC4
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22.11.2009 10:46:45 | Computer Name = PC1 | Source = Application Error | ID = 1000
Description = Chybující aplikace ietester.exe, verze 0.4.2.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x7e901089.
Error - 24.11.2009 3:15:09 | Computer Name = PC1 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Nelze rozpoznat název nebo adresu serveru.
Error - 10.12.2009 11:48:30 | Computer Name = PC1 | Source = ESENT | ID = 490
Description = svchost (1220) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error - 10.12.2009 11:48:30 | Computer Name = PC1 | Source = ESENT | ID = 470
Description = Catalog Database (1220) Databáze C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
je částečně připojena. Fáze připojení: 3. Chyba: -1032
Error - 18.12.2009 7:40:43 | Computer Name = PC1 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Nelze rozpoznat název nebo adresu serveru.
Error - 3.1.2010 7:02:29 | Computer Name = PC1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3622, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 3.1.2010 7:30:56 | Computer Name = PC1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3622, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 3.1.2010 8:38:09 | Computer Name = PC1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3622, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 4.1.2010 18:34:50 | Computer Name = PC1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3622, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 8.1.2010 8:55:15 | Computer Name = PC1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace opera.exe, verze 10.0.1750.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 6.4.2010 14:50:56 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort3 neodpovídá v periodě časového limitu.
Error - 8.4.2010 8:51:33 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort2 neodpovídá v periodě časového limitu.
Error - 9.4.2010 2:39:21 | Computer Name = PC1 | Source = DCOM | ID = 10010
Description = Server {1BE1F766-5536-11D1-B726-00C04FB926AF} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 9.4.2010 13:02:08 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort3 neodpovídá v periodě časového limitu.
Error - 10.4.2010 4:20:31 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort3 neodpovídá v periodě časového limitu.
Error - 10.4.2010 4:20:45 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort3 neodpovídá v periodě časového limitu.
Error - 10.4.2010 4:22:49 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort3 neodpovídá v periodě časového limitu.
Error - 14.4.2010 10:36:09 | Computer Name = PC1 | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort3 neodpovídá v periodě časového limitu.
Error - 14.4.2010 11:03:09 | Computer Name = PC1 | Source = System Error | ID = 1003
Description = Kód chyby 0000007a, parametr1 c0783690, parametr2 c000000e, parametr3
f06d2a13, parametr4 0103a860.
Error - 14.4.2010 11:03:17 | Computer Name = PC1 | Source = System Error | ID = 1003
Description = Kód chyby 0000007a, parametr1 c0788ac0, parametr2 c000000e, parametr3
f1158a13, parametr4 1c7e5860.
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Zpomalení počítače a chybějící systémový soubor
Spusťte OTL a do spodního okna vložte následující skript.
Kód: Vybrat vše
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = start.qip.ru
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
O4 - HKLM..\Run: [SW20] C:\WINDOWS\system32\sw20.exe ()
O4 - HKLM..\Run: [SW24] C:\WINDOWS\system32\sw24.exe ()
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
:Commands
[PURITY]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS]
[CREATERESTOREPOINT]
[REBOOT] - Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
Záložka Čistič - Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
Záložka Registry - Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít
Re: Zpomalení počítače a chybějící systémový soubor
Děkuji vám za váš čas a ochotu. Tady je log z OTL:
All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SW20 deleted successfully.
C:\WINDOWS\system32\sw20.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SW24 deleted successfully.
C:\WINDOWS\system32\sw24.exe moved successfully.
C:\WINDOWS\SET21.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Etruska
->Temp folder emptied: 1074955930 bytes
->Temporary Internet Files folder emptied: 17772559 bytes
->FireFox cache emptied: 85363422 bytes
->Flash cache emptied: 64374 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1024715 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1567613 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2642087330 bytes
Total Files Cleaned = 3 646,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Etruska
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
OTL by OldTimer - Version 3.2.1.1 log created on 04152010_173855
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SW20 deleted successfully.
C:\WINDOWS\system32\sw20.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SW24 deleted successfully.
C:\WINDOWS\system32\sw24.exe moved successfully.
C:\WINDOWS\SET21.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Etruska
->Temp folder emptied: 1074955930 bytes
->Temporary Internet Files folder emptied: 17772559 bytes
->FireFox cache emptied: 85363422 bytes
->Flash cache emptied: 64374 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1024715 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1567613 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 2642087330 bytes
Total Files Cleaned = 3 646,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Etruska
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
OTL by OldTimer - Version 3.2.1.1 log created on 04152010_173855
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Zpomalení počítače a chybějící systémový soubor
Jestli je počítač rychlejší to zatím nedokážu posoudit, ale po restartování se chyba neobjevila. Myslíte, že závada byla v registrech? Každopádně ještě jednou děkuji
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Zpomalení počítače a chybějící systémový soubor
Ano, bylo to v registrech + nějaký vir. Poprosím o nový log z RSIT.
Re: Zpomalení počítače a chybějící systémový soubor
Tady je:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Etruska at 2010-04-15 18:51:13
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 128 GB (54%) free of 238 GB
Total RAM: 1006 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51:20, on 15.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\server\Apache2\bin\httpd.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\server\mysql\bin\mysqld.exe
C:\server\Apache2\bin\ApacheMonitor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\server\Apache2\bin\httpd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\QIP Infium\infium.exe
C:\Documents and Settings\Etruska\Plocha\RSIT.exe
C:\Documents and Settings\Etruska\Plocha\Etruska.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "c:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Monitor Apache Servers.lnk = C:\server\Apache2\bin\ApacheMonitor.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFC8F911-F3B6-4304-A8A9-7F91579C54DB}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\server\Apache2\bin\httpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MySQL - Unknown owner - C:\server\mysql\bin\mysqld (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
--
End of file - 7925 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-21 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-05 1602912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-01 16125440]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-04-01 2879488]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-12 8429568]
"nwiz"=nwiz.exe /install []
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-05 2064224]
"AdobeCS4ServiceManager"=c:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-01-22 141608]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"vmware-tray"=C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [2007-05-01 68400]
"VMware hqtray"=C:\Program Files\VMware\VMware Workstation\hqtray.exe [2007-05-01 56112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2009-12-18 427328]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Monitor Apache Servers.lnk - C:\server\Apache2\bin\ApacheMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-03-17 12464]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\iPhone\TunnelierPortable\itunnel.exe"="C:\iPhone\TunnelierPortable\itunnel.exe:*:Enabled:itunnel"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{047b4200-275e-11df-a619-0019d1f7d720}]
shell\AutoRun\command - J:\DPFMate.exe
======File associations======
.js - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 months======
2010-04-15 17:38:55 ----D---- C:\_OTL
2010-04-15 06:22:56 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 06:22:37 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 06:22:29 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$
2010-04-15 06:18:28 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 06:18:07 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 06:17:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 06:17:49 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-15 06:16:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2010-04-13 06:49:20 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-01 07:05:20 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-31 17:23:10 ----A---- C:\mbam-error.txt
2010-03-22 22:43:49 ----D---- C:\Sounds
2010-03-22 22:10:28 ----D---- C:\Program Files\LG Electronics
2010-03-22 22:07:59 ----A---- C:\WINDOWS\system32\NMSDVDXU.dll
2010-03-22 22:07:37 ----D---- C:\Documents and Settings\Etruska\Data aplikací\LG Electronics
2010-03-22 22:07:36 ----D---- C:\Program Files\LG PC Suite II
2010-03-22 22:07:10 ----D---- C:\Documents and Settings\Etruska\Data aplikací\InstallShield
2010-03-20 18:37:28 ----D---- C:\Program Files\PokerStars.NET
2010-03-20 00:58:16 ----D---- C:\Program Files\Alcohol Soft
2010-03-17 15:18:03 ----A---- C:\WINDOWS\system32\avgrsstx.dll
======List of files/folders modified in the last 1 months======
2010-04-15 18:51:18 ----D---- C:\WINDOWS\Prefetch
2010-04-15 18:43:29 ----D---- C:\WINDOWS\temp
2010-04-15 18:43:28 ----D---- C:\WINDOWS
2010-04-15 18:42:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\VMware
2010-04-15 18:41:59 ----D---- C:\Documents and Settings\Etruska\Data aplikací\VMware
2010-04-15 18:39:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-15 18:28:39 ----D---- C:\Počítač
2010-04-15 18:27:46 ----D---- C:\WINDOWS\Debug
2010-04-15 18:27:45 ----D---- C:\WINDOWS\Minidump
2010-04-15 17:40:08 ----D---- C:\WINDOWS\system32\Restore
2010-04-15 17:39:00 ----D---- C:\WINDOWS\system32
2010-04-15 17:14:32 ----D---- C:\Program Files\Mozilla Thunderbird
2010-04-15 16:36:26 ----D---- C:\Program Files\BitLord
2010-04-15 06:23:28 ----HD---- C:\WINDOWS\inf
2010-04-15 06:23:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-15 06:22:45 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-15 06:22:40 ----D---- C:\WINDOWS\system32\drivers
2010-04-15 06:16:16 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-13 12:20:58 ----D---- C:\Filmy
2010-04-12 22:26:24 ----D---- C:\Hudba
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-06 09:37:46 ----D---- C:\Program Files\Mozilla Firefox
2010-04-01 07:05:35 ----D---- C:\Program Files\Internet Explorer
2010-03-31 17:23:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-28 16:07:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-25 18:34:23 ----SHD---- C:\WINDOWS\Installer
2010-03-25 18:33:23 ----D---- C:\Program Files\Opera
2010-03-22 22:10:28 ----RD---- C:\Program Files
2010-03-22 22:10:28 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-19 21:38:17 ----D---- C:\VMWare
2010-03-16 22:42:28 ----D---- C:\Documents and Settings\Etruska\Data aplikací\Mozilla
2010-03-16 00:02:26 ----D---- C:\Documents and Settings\Etruska\Data aplikací\DAEMON Tools Pro
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-03-17 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-03-17 29512]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-03-17 242696]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 39936]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\Drivers\hcmon.sys []
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2007-05-01 28592]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys []
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-03-02 60800]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-01 254872]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-03-13 44672]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-03-02 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-01 4484608]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-03-02 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-12 6738656]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-02 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 vmkbd;VMware kbd; \??\C:\WINDOWS\system32\drivers\VMkbd.sys []
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2007-05-01 16816]
S3 an9g75e0;an9g75e0; C:\WINDOWS\system32\drivers\an9g75e0.sys []
S3 aumijp3a;aumijp3a; C:\WINDOWS\system32\drivers\aumijp3a.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Etruska\LOCALS~1\Temp\catchme.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 lgmcbus;LGE Mobile driver (WDM); C:\WINDOWS\system32\DRIVERS\lgmcbus.sys [2008-01-09 83584]
S3 MSICPL;MSICPL; \??\I:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\I:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\I:\NTGLM7X.sys []
S3 vmusb;VMware USB Client Driver; C:\WINDOWS\System32\Drivers\vmusb.sys [2007-05-01 30768]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apache2.2;Apache2.2; C:\server\Apache2\bin\httpd.exe [2009-09-28 24645]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-03-17 916760]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-17 308064]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 MySQL;MySQL; C:\server\mysql\bin\mysqld --defaults-file=C:\server\mysql\my.ini MySQL []
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-12 163908]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2007-05-01 109360]
R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2007-05-01 121648]
R2 vmount2;VMware Virtual Mount Manager Extended; C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe [2007-03-23 269104]
R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2007-05-01 150320]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-01-22 545576]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-24 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2007-04-09 187184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Etruska at 2010-04-15 18:51:13
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 128 GB (54%) free of 238 GB
Total RAM: 1006 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51:20, on 15.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\server\Apache2\bin\httpd.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\server\mysql\bin\mysqld.exe
C:\server\Apache2\bin\ApacheMonitor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\server\Apache2\bin\httpd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\QIP Infium\infium.exe
C:\Documents and Settings\Etruska\Plocha\RSIT.exe
C:\Documents and Settings\Etruska\Plocha\Etruska.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "c:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Monitor Apache Servers.lnk = C:\server\Apache2\bin\ApacheMonitor.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFC8F911-F3B6-4304-A8A9-7F91579C54DB}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apache2.2 - Apache Software Foundation - C:\server\Apache2\bin\httpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MySQL - Unknown owner - C:\server\mysql\bin\mysqld (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
--
End of file - 7925 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-21 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-04-05 1602912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-01 16125440]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-04-01 2879488]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-12 8429568]
"nwiz"=nwiz.exe /install []
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-04-05 2064224]
"AdobeCS4ServiceManager"=c:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-01-22 141608]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"vmware-tray"=C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [2007-05-01 68400]
"VMware hqtray"=C:\Program Files\VMware\VMware Workstation\hqtray.exe [2007-05-01 56112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2009-12-18 427328]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Monitor Apache Servers.lnk - C:\server\Apache2\bin\ApacheMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-03-17 12464]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\iPhone\TunnelierPortable\itunnel.exe"="C:\iPhone\TunnelierPortable\itunnel.exe:*:Enabled:itunnel"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{047b4200-275e-11df-a619-0019d1f7d720}]
shell\AutoRun\command - J:\DPFMate.exe
======File associations======
.js - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 months======
2010-04-15 17:38:55 ----D---- C:\_OTL
2010-04-15 06:22:56 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 06:22:37 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 06:22:29 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$
2010-04-15 06:18:28 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 06:18:07 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 06:17:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 06:17:49 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-15 06:16:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2010-04-13 06:49:20 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-01 07:05:20 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-31 17:23:10 ----A---- C:\mbam-error.txt
2010-03-22 22:43:49 ----D---- C:\Sounds
2010-03-22 22:10:28 ----D---- C:\Program Files\LG Electronics
2010-03-22 22:07:59 ----A---- C:\WINDOWS\system32\NMSDVDXU.dll
2010-03-22 22:07:37 ----D---- C:\Documents and Settings\Etruska\Data aplikací\LG Electronics
2010-03-22 22:07:36 ----D---- C:\Program Files\LG PC Suite II
2010-03-22 22:07:10 ----D---- C:\Documents and Settings\Etruska\Data aplikací\InstallShield
2010-03-20 18:37:28 ----D---- C:\Program Files\PokerStars.NET
2010-03-20 00:58:16 ----D---- C:\Program Files\Alcohol Soft
2010-03-17 15:18:03 ----A---- C:\WINDOWS\system32\avgrsstx.dll
======List of files/folders modified in the last 1 months======
2010-04-15 18:51:18 ----D---- C:\WINDOWS\Prefetch
2010-04-15 18:43:29 ----D---- C:\WINDOWS\temp
2010-04-15 18:43:28 ----D---- C:\WINDOWS
2010-04-15 18:42:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\VMware
2010-04-15 18:41:59 ----D---- C:\Documents and Settings\Etruska\Data aplikací\VMware
2010-04-15 18:39:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-15 18:28:39 ----D---- C:\Počítač
2010-04-15 18:27:46 ----D---- C:\WINDOWS\Debug
2010-04-15 18:27:45 ----D---- C:\WINDOWS\Minidump
2010-04-15 17:40:08 ----D---- C:\WINDOWS\system32\Restore
2010-04-15 17:39:00 ----D---- C:\WINDOWS\system32
2010-04-15 17:14:32 ----D---- C:\Program Files\Mozilla Thunderbird
2010-04-15 16:36:26 ----D---- C:\Program Files\BitLord
2010-04-15 06:23:28 ----HD---- C:\WINDOWS\inf
2010-04-15 06:23:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-15 06:22:45 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-15 06:22:40 ----D---- C:\WINDOWS\system32\drivers
2010-04-15 06:16:16 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-13 12:20:58 ----D---- C:\Filmy
2010-04-12 22:26:24 ----D---- C:\Hudba
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-06 09:37:46 ----D---- C:\Program Files\Mozilla Firefox
2010-04-01 07:05:35 ----D---- C:\Program Files\Internet Explorer
2010-03-31 17:23:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-28 16:07:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-25 18:34:23 ----SHD---- C:\WINDOWS\Installer
2010-03-25 18:33:23 ----D---- C:\Program Files\Opera
2010-03-22 22:10:28 ----RD---- C:\Program Files
2010-03-22 22:10:28 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-19 21:38:17 ----D---- C:\VMWare
2010-03-16 22:42:28 ----D---- C:\Documents and Settings\Etruska\Data aplikací\Mozilla
2010-03-16 00:02:26 ----D---- C:\Documents and Settings\Etruska\Data aplikací\DAEMON Tools Pro
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-03-17 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-03-17 29512]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-03-17 242696]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 39936]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\Drivers\hcmon.sys []
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2007-05-01 28592]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys []
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-03-02 60800]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-01 254872]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-03-13 44672]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-03-02 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-01 4484608]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-03-02 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-12 6738656]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-02 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 vmkbd;VMware kbd; \??\C:\WINDOWS\system32\drivers\VMkbd.sys []
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2007-05-01 16816]
S3 an9g75e0;an9g75e0; C:\WINDOWS\system32\drivers\an9g75e0.sys []
S3 aumijp3a;aumijp3a; C:\WINDOWS\system32\drivers\aumijp3a.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Etruska\LOCALS~1\Temp\catchme.sys []
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 lgmcbus;LGE Mobile driver (WDM); C:\WINDOWS\system32\DRIVERS\lgmcbus.sys [2008-01-09 83584]
S3 MSICPL;MSICPL; \??\I:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\I:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\I:\NTGLM7X.sys []
S3 vmusb;VMware USB Client Driver; C:\WINDOWS\System32\Drivers\vmusb.sys [2007-05-01 30768]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apache2.2;Apache2.2; C:\server\Apache2\bin\httpd.exe [2009-09-28 24645]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-03-17 916760]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-03-17 308064]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 MySQL;MySQL; C:\server\mysql\bin\mysqld --defaults-file=C:\server\mysql\my.ini MySQL []
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-12 163908]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2007-05-01 109360]
R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2007-05-01 121648]
R2 vmount2;VMware Virtual Mount Manager Extended; C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe [2007-03-23 269104]
R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2007-05-01 150320]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-01-22 545576]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-24 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2007-04-09 187184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Zpomalení počítače a chybějící systémový soubor
Stáhněte T-Cleanerhttp://sweb.cz/Marinus/T-Cleaner.exe
- Spusťte, pro potvrzení volby mačkejte klávesu A, Enter
- Po použití program vymažte. Pozor,antiviry ho mohou falešně označit za vir.
Stáhněte a použijte http://oldtimer.geekstogo.com/TFC.exe Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe
- Spusťte.
- Klikněte na "CleanUp!". Potvrďte hlášky stiskem "Yes" (Bude následovat restart)
Doinstalujte SP3 http://www.viry.cz/forum/viewtopic.php?f=46&t=86100 Používáte AVG Internet Security nebo AVG Anti-Virus (bez firewallu) 
Re: Zpomalení počítače a chybějící systémový soubor
Tak jsem udělal všechno podle seznamu, tedy kromě instalace SP3. Ze začátku to vypadalo že to půjde celkem rychle, ale teď se to už 2 hodiny zastavilo na čištění počítače. Je to normální nebo je to nějaká chyba?
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Zpomalení počítače a chybějící systémový soubor
Nechal jsem to běžet celou noc a nic se nezměnilo, tak jsem restartoval počítač. Myslíte že bych to měl zkusit znovu?
Přispějete na provoz fóra?