prosim o kontrolu

[mikimr]

Prosim o kontrolu logu,dotycny tu mal nainstalovane 3 antviry, 2 som uz dal prec ale pc je stale spomaleny.
Urcite tu bude neake svinstvo.
NB mi dal kvoli tomu ze sa mu sam zapinal. Dakujem

Logfile of random's system information tool 1.06 (written by random/random)
Run by Milan at 2010-04-16 12:23:27
Microsoft® Windows Vista™ Home Basic
System drive C: has 5 GB (15%) free of 33 GB
Total RAM: 502 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:52, on 16. 4. 2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\eDSMSNfix.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Users\Milan\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\System32\wsqmcons.exe
C:\Users\Milan\Documents\Downloads\RSIT.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\trend micro\Milan.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [AV7] C:\Program Files\AV7\antivirus7.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Služba Google Update (gupdate1ca49a34d83e9a0) (gupdate1ca49a34d83e9a0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7529 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-29 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-01-30 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-02-06 151552]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-29 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-08-31 1006264]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2006-11-06 98304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2006-11-06 106496]
"Persistence"=C:\Windows\system32\igfxpers.exe [2006-11-06 81920]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-01 4390912]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-02-07 464168]
"Acer Tour"= []
"eDSMSNfix"=C:\Acer\Empowering Technology\eDSMSNfix.exe [2007-02-09 13312]
"SetPanel"=C:\Acer\APanel\APanel.cmd []
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-12-09 614400]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"eRecoveryService"= []
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [2007-01-17 151552]
"NWEReboot"= []
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-02-21 1093208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"Acer Tour Reminder"= []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-27 39408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-09-02 25623336]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]
"AV7"=C:\Program Files\AV7\antivirus7.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="eNetHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2006-11-06 212992]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19638854-5331-11dc-a889-0016d4d83fba}]
shell\Auto\command - F:\Ghost.pif
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Ghost.pif

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dce39893-57ed-11dc-b724-0016d4d83fba}]
shell\AutoRun\command - F:\8xcrbho6.exe
shell\open\command - F:\8xcrbho6.exe


======List of files/folders created in the last 1 months======

2010-04-16 12:23:37 ----D---- C:\Program Files\trend micro
2010-04-16 12:23:27 ----D---- C:\rsit
2010-04-16 11:51:52 ----A---- C:\Windows\ntbtlog.txt
2010-04-02 19:44:31 ----N---- C:\Windows\system32\MpSigStub.exe
2010-04-02 19:36:29 ----D---- C:\Program Files\Microsoft Security Essentials
2010-04-02 11:48:19 ----D---- C:\ProgramData\Alwil Software
2010-04-02 11:48:19 ----D---- C:\Program Files\Alwil Software
2010-04-02 10:58:47 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2010-04-02 10:23:41 ----D---- C:\Program Files\AV7
2010-04-02 06:04:16 ----A---- C:\Windows\system32\mshtml.dll
2010-04-02 06:04:12 ----A---- C:\Windows\system32\wininet.dll
2010-04-02 06:04:09 ----A---- C:\Windows\system32\ieframe.dll
2010-04-02 06:04:04 ----A---- C:\Windows\system32\urlmon.dll
2010-04-02 06:04:02 ----A---- C:\Windows\system32\mstime.dll
2010-04-02 06:03:58 ----A---- C:\Windows\system32\ieapfltr.dll
2010-04-02 06:03:54 ----A---- C:\Windows\system32\ie4uinit.exe
2010-04-02 06:03:51 ----A---- C:\Windows\system32\iertutil.dll
2010-04-02 06:03:50 ----A---- C:\Windows\system32\iedkcs32.dll
2010-04-02 06:03:49 ----A---- C:\Windows\system32\mshtmled.dll
2010-04-02 06:03:48 ----A---- C:\Windows\system32\icardie.dll
2010-04-02 06:03:48 ----A---- C:\Windows\system32\dxtmsft.dll
2010-04-02 06:03:47 ----A---- C:\Windows\system32\occache.dll
2010-04-02 06:03:46 ----A---- C:\Windows\system32\msfeeds.dll
2010-04-02 06:03:45 ----A---- C:\Windows\system32\ieaksie.dll
2010-04-02 06:03:44 ----A---- C:\Windows\system32\jsproxy.dll
2010-04-02 06:03:44 ----A---- C:\Windows\system32\iepeers.dll
2010-04-02 06:03:43 ----A---- C:\Windows\system32\pngfilt.dll
2010-04-02 06:03:42 ----A---- C:\Windows\system32\dxtrans.dll
2010-04-02 06:03:41 ----A---- C:\Windows\system32\advpack.dll
2010-04-02 06:03:40 ----A---- C:\Windows\system32\iernonce.dll
2010-04-02 06:03:39 ----A---- C:\Windows\system32\ieencode.dll
2010-04-02 06:03:38 ----A---- C:\Windows\system32\ieUnatt.exe
2010-04-02 06:03:35 ----A---- C:\Windows\system32\admparse.dll
2010-04-02 06:03:33 ----A---- C:\Windows\system32\ieui.dll
2010-04-02 06:03:32 ----A---- C:\Windows\system32\iesetup.dll
2010-04-02 06:03:28 ----A---- C:\Windows\system32\ieakui.dll
2010-04-02 06:03:27 ----A---- C:\Windows\system32\mshtmler.dll

======List of files/folders modified in the last 1 months======

2010-04-16 12:32:46 ----D---- C:\Windows\Temp
2010-04-16 12:28:03 ----SHD---- C:\System Volume Information
2010-04-16 12:23:37 ----RD---- C:\Program Files
2010-04-16 12:15:56 ----D---- C:\Users\Milan\AppData\Roaming\Skype
2010-04-16 12:07:31 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-04-16 12:06:17 ----D---- C:\Windows\system32\drivers
2010-04-16 12:06:16 ----D---- C:\ProgramData\Symantec
2010-04-16 12:05:25 ----SHD---- C:\Windows\Installer
2010-04-16 12:01:42 ----D---- C:\Windows\System32
2010-04-16 11:51:52 ----D---- C:\Windows
2010-04-16 11:26:17 ----D---- C:\Users\Milan\AppData\Roaming\skypePM
2010-04-10 15:03:24 ----D---- C:\Windows\Prefetch
2010-04-10 10:42:10 ----D---- C:\ProgramData\Microsoft Help
2010-04-07 16:22:16 ----RSD---- C:\Windows\assembly
2010-04-07 16:17:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-07 16:16:59 ----D---- C:\Windows\inf
2010-04-07 16:15:27 ----D---- C:\Program Files\Common Files\microsoft shared
2010-04-07 16:13:13 ----D---- C:\Program Files\Microsoft SQL Server
2010-04-07 16:11:59 ----D---- C:\Windows\registration
2010-04-06 07:44:06 ----D---- C:\Windows\winsxs
2010-04-03 12:57:16 ----D---- C:\Windows\system32\catroot2
2010-04-02 19:37:13 ----D---- C:\Windows\system32\catroot
2010-04-02 19:37:08 ----SD---- C:\ProgramData\Microsoft
2010-04-02 18:15:54 ----D---- C:\Windows\Tasks
2010-04-02 18:11:17 ----HD---- C:\ProgramData
2010-04-02 12:49:59 ----SD---- C:\Users\Milan\AppData\Roaming\Microsoft
2010-04-02 11:21:41 ----D---- C:\Program Files\Internet Explorer
2010-04-02 11:21:40 ----D---- C:\Windows\system32\migration
2010-04-02 11:21:38 ----D---- C:\Windows\AppPatch
2010-03-31 02:55:16 ----D---- C:\Windows\system32\config
2010-03-31 02:55:09 ----D---- C:\Windows\system32\spool
2010-03-31 02:55:05 ----D---- C:\Windows\system32\wbem
2010-03-30 01:00:31 ----D---- C:\Windows\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-03 20112]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-12-02 149040]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 13560]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2006-10-25 62208]
R3 ESDCR;ESDCR; C:\Windows\system32\DRIVERS\ESD7SK.sys [2006-10-25 42240]
R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2006-10-25 76928]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-09 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-09 206848]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 1473024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-01 1744928]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-05-15 6144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-08-31 82432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-09 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-11-06 1473024]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-12-02 42368]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2006-11-02 71552]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-02-07 457512]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2006-12-22 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-12-28 126976]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-01-31 53248]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-04-24 24576]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-12-09 17904]
R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-02-07 266343]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-01-02 135168]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560]
S2 gupdate1ca49a34d83e9a0;Služba Google Update (gupdate1ca49a34d83e9a0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-10 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-22 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]

-----------------EOF-----------------

[Clier]

Odinstaluj google a yahoo toolbar, zbytečně zpomalují PC....

[Caroprd111]

Zdravím



Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.


Vložte do PC všechny flash disky, které používáte.

Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe

• Spusťte, poté zvolte jazyk E - Enter
• Zvolte 2 - Enter (je možný restart PC)
• Po dokončení na Vás vyskočí log, vložte mi ho sem, případně ho najdete v C:\UsbFix.txt

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

• Spusťte program, poté klikněte na Prohledat
• Po dokončení, sem vložte logy OTL.Txt a Extras.txt

[mikimr]

Pridavne zariadenia ktore pouziva nemam. Prikladam log.


############################## | UsbFix V6.104 |

User : Milan (Administrators) # MILAN-PC
Update on 14/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 14:49:46 | 16. 4. 2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Celeron(R) M CPU 440 @ 1.86GHz
Microsoft® Windows Vista™ Home Basic (6.0.6000 32-bit) #
Internet Explorer 7.0.6000.17037
Windows Firewall Status : Enabled
AV : Microsoft Security Essentials 2.1.6519.0 [ Enabled | Updated ]

C:\ -> Local Fixed Disk # 32,52 Go (4,68 Go free) [ACER] # NTFS
D:\ -> Local Fixed Disk # 32,25 Go (23,63 Go free) [DATA] # NTFS
E:\ -> CD-ROM Disc

################## | Files # Infected Folders |

Deleted ! C:\$Recycle.Bin\S-1-5-21-787756271-3231562560-470489000-1003
Deleted ! D:\$Recycle.Bin\S-1-5-21-787756271-3231562560-470489000-1003

################## | Registry |


################## | Mountpoints2 |

Deleted ! HKCU\...\Explorer\MountPoints2\{19638854-5331-11dc-a889-0016d4d83fba}\Shell\Auto\Command
Deleted ! HKCU\...\Explorer\MountPoints2\{dce39893-57ed-11dc-b724-0016d4d83fba}\Shell\AutoRun\Command

################## | Listing of the present files |

[15. 05. 2007 21:12|--a------|3380] C:\-20070515.log
[18. 09. 2006 23:43|--a------|24] C:\autoexec.bat
[02. 11. 2006 11:53|-rahs----|438840] C:\bootmgr
[16. 05. 2007 05:00|-ra-s----|8192] C:\BOOTSECT.BAK
[18. 09. 2006 23:43|--a------|10] C:\config.sys
[02. 04. 2010 17:48|-rahs----|0] C:\IO.SYS
[02. 04. 2010 17:48|-rahs----|0] C:\MSDOS.SYS
[?|?|?] C:\pagefile.sys
[11. 01. 2007 01:52|---------|631] C:\PDVD.iss
[15. 05. 2007 20:38|--a------|420] C:\RHDSetup.log
[15. 05. 2007 21:04|--a------|178] C:\setup.log
[16. 04. 2010 14:54|--a------|1759] C:\UsbFix.txt

################## | Vaccination |

# C:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# D:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).

################## | Upload |

Please send the file : C:\UsbFix_Upload_Me_Milan-PC.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .

################## | ! End of report # UsbFix V6.104 ! |

[Caroprd111]

OK, ještě OTL.

[mikimr]

OTL

OTL logfile created on: 16. 4. 2010 15:06:59 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Milan\Documents\Downloads
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 0000041B | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

502,00 Mb Total Physical Memory | 181,00 Mb Available Physical Memory | 36,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 38,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 32,52 Gb Total Space | 4,67 Gb Free Space | 14,37% Space Free | Partition Type: NTFS
Drive D: | 32,25 Gb Total Space | 23,63 Gb Free Space | 73,29% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MILAN-PC
Current User Name: Milan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/04/16 15:05:36 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Milan\Documents\Downloads\OTL.exe
PRC - [2010/03/28 05:13:16 | 000,530,416 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2009/12/09 18:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/03/23 08:28:11 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/11/24 22:31:10 | 029,263,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2007/04/24 19:17:34 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/02/09 06:35:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007/02/07 00:04:26 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007/01/31 18:18:42 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/01/10 16:20:34 | 000,462,848 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2007/01/02 09:33:24 | 000,135,168 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2006/12/28 20:07:22 | 000,724,992 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNMTray.exe
PRC - [2006/12/28 20:07:22 | 000,126,976 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2006/12/22 14:43:18 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2006/11/24 12:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2006/11/02 11:45:37 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
PRC - [2006/11/02 11:45:21 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
PRC - [2006/11/02 11:45:21 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
PRC - [2006/11/02 11:44:59 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2006/11/02 11:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe


========== Modules (SafeList) ==========

MOD - [2010/04/16 15:05:36 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Users\Milan\Documents\Downloads\OTL.exe
MOD - [2006/12/28 20:07:22 | 000,090,112 | ---- | M] (acer) -- C:\Windows\System32\eNetHook.dll
MOD - [2006/11/02 11:46:12 | 000,409,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
MOD - [2006/11/02 11:46:05 | 001,139,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
MOD - [2006/11/02 11:42:17 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbcint.dll
MOD - [2006/11/02 11:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
MOD - [2006/09/04 10:41:14 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/12/09 18:02:38 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/11/24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/11/24 22:31:10 | 029,263,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - [2008/11/24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/11/24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2007/08/31 19:34:54 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/24 19:17:34 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/02/07 00:04:26 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/01/31 18:18:42 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/01/02 09:33:24 | 000,135,168 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2006/12/28 20:07:22 | 000,126,976 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2006/12/22 14:43:18 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2006/11/24 12:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2006/11/02 14:34:58 | 000,122,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)


========== Driver Services (SafeList) ==========

DRV - [2009/12/02 15:23:40 | 000,149,040 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009/12/02 15:23:40 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2007/05/15 21:03:10 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2007/03/01 10:21:10 | 001,744,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/02/07 00:04:54 | 000,016,680 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2007/02/07 00:04:50 | 000,060,712 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\psdvdisk.sys -- (psdvdisk)
DRV - [2007/02/07 00:04:48 | 000,020,264 | ---- | M] (HiTRUST) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2006/12/19 06:18:28 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2006/12/07 18:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006/11/09 01:55:10 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/09 01:53:58 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/09 01:53:48 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/06 04:29:14 | 001,473,024 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2006/11/06 04:29:14 | 001,473,024 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2006/11/03 06:29:38 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2006/11/03 06:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/11/02 16:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
DRV - [2006/11/02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 10:55:04 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 09:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/10/25 08:36:48 | 000,042,240 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006/10/25 08:36:44 | 000,076,928 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ESM7SK.sys -- (ESMCR)
DRV - [2006/10/25 08:36:36 | 000,062,208 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006/10/23 05:17:32 | 000,179,896 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/08/05 02:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe (HiTRUST co.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd File not found
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Acer Tour Reminder] File not found
O4 - HKCU..\Run: [AV7] C:\Program Files\AV7\antivirus7.exe File not found
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (eNetHook.dll) - C:\Windows\System32\eNetHook.dll (acer)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Milan\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta programu Windows Fotogaléria.jpg
O24 - Desktop BackupWallPaper: C:\Users\Milan\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta programu Windows Fotogaléria.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/04/16 14:54:15 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/04/16 14:54:15 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/04/16 14:54:15 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010/04/16 14:40:45 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010/04/16 14:37:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/04/16 14:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2010/04/16 12:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/04/16 12:23:27 | 000,000,000 | ---D | C] -- C:\rsit
[2010/04/02 19:44:31 | 000,181,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/04/02 19:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/04/02 11:48:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/04/02 11:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/04/02 10:58:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010/04/02 10:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\AV7
[2010/04/02 06:04:03 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/04/02 06:04:02 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/04/02 06:03:58 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/04/02 06:03:54 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/04/02 06:03:53 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/04/02 06:03:50 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/04/02 06:03:48 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010/04/02 06:03:46 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/04/02 06:03:45 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/04/02 06:03:44 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/04/02 06:03:44 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/04/02 06:03:43 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010/04/02 06:03:42 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010/04/02 06:03:40 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/04/02 06:03:39 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/04/02 06:03:38 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/04/02 06:03:35 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010/04/02 06:03:33 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/04/02 06:03:32 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/04/02 06:03:29 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/04/02 06:03:28 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010/04/02 06:03:27 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2007/05/15 21:06:53 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

========== Files - Modified Within 30 Days ==========

[2010/04/16 15:06:47 | 002,097,152 | -HS- | M] () -- C:\Users\Milan\ntuser.dat
[2010/04/16 14:56:08 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/16 14:54:17 | 000,001,257 | ---- | M] () -- C:\UsbFix_Upload_Me_Milan-PC.zip
[2010/04/16 14:49:51 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/16 14:49:51 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/16 14:49:13 | 000,000,996 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/16 14:48:04 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/16 14:46:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/16 14:39:36 | 001,777,625 | ---- | M] () -- C:\Users\Milan\Desktop\UsbFix.exe
[2010/04/16 14:37:39 | 000,001,674 | ---- | M] () -- C:\Users\Milan\Desktop\CCleaner.lnk
[2010/04/16 14:36:57 | 000,001,706 | ---- | M] () -- C:\Users\Milan\Desktop\Defraggler.lnk
[2010/04/16 12:06:40 | 000,524,288 | -HS- | M] () -- C:\Users\Milan\ntuser.dat{905a878c-493d-11df-b599-0016d4d83fba}.TMContainer00000000000000000002.regtrans-ms
[2010/04/16 12:06:40 | 000,524,288 | -HS- | M] () -- C:\Users\Milan\ntuser.dat{905a878c-493d-11df-b599-0016d4d83fba}.TMContainer00000000000000000001.regtrans-ms
[2010/04/16 12:06:40 | 000,065,536 | -HS- | M] () -- C:\Users\Milan\ntuser.dat{905a878c-493d-11df-b599-0016d4d83fba}.TM.blf
[2010/04/16 12:01:42 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/04/07 16:17:00 | 000,726,718 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/07 16:17:00 | 000,656,850 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/07 16:17:00 | 000,121,446 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/02 19:36:31 | 000,000,958 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/04/02 17:48:59 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/04/02 17:48:59 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/04/02 10:24:24 | 000,000,779 | ---- | M] () -- C:\Users\Milan\Desktop\Antivirus7.lnk
[2010/04/01 20:03:40 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2010/04/16 14:54:17 | 000,001,257 | ---- | C] () -- C:\UsbFix_Upload_Me_Milan-PC.zip
[2010/04/16 14:39:20 | 001,777,625 | ---- | C] () -- C:\Users\Milan\Desktop\UsbFix.exe
[2010/04/16 14:37:39 | 000,001,674 | ---- | C] () -- C:\Users\Milan\Desktop\CCleaner.lnk
[2010/04/16 14:36:57 | 000,001,706 | ---- | C] () -- C:\Users\Milan\Desktop\Defraggler.lnk
[2010/04/16 11:54:06 | 000,524,288 | -HS- | C] () -- C:\Users\Milan\ntuser.dat{905a878c-493d-11df-b599-0016d4d83fba}.TMContainer00000000000000000002.regtrans-ms
[2010/04/16 11:54:06 | 000,524,288 | -HS- | C] () -- C:\Users\Milan\ntuser.dat{905a878c-493d-11df-b599-0016d4d83fba}.TMContainer00000000000000000001.regtrans-ms
[2010/04/16 11:54:06 | 000,065,536 | -HS- | C] () -- C:\Users\Milan\ntuser.dat{905a878c-493d-11df-b599-0016d4d83fba}.TM.blf
[2010/04/02 19:36:31 | 000,000,958 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/04/02 17:48:59 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/04/02 17:48:59 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/04/02 10:24:24 | 000,000,779 | ---- | C] () -- C:\Users\Milan\Desktop\Antivirus7.lnk
[2010/03/07 11:43:47 | 001,048,576 | -HS- | C] () -- C:\Users\Milan\NTUSER.DAT{d8932e6c-6a6f-11db-b6ab-a038f15a5785}.TxR.2.regtrans-ms
[2010/03/07 11:43:47 | 001,048,576 | -HS- | C] () -- C:\Users\Milan\NTUSER.DAT{d8932e6c-6a6f-11db-b6ab-a038f15a5785}.TxR.1.regtrans-ms
[2010/03/07 11:43:46 | 001,048,576 | -HS- | C] () -- C:\Users\Milan\NTUSER.DAT{d8932e6c-6a6f-11db-b6ab-a038f15a5785}.TxR.0.regtrans-ms
[2010/03/07 11:43:46 | 000,065,536 | -HS- | C] () -- C:\Users\Milan\NTUSER.DAT{d8932e6c-6a6f-11db-b6ab-a038f15a5785}.TxR.blf
[2009/10/10 14:23:51 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/03/12 14:37:14 | 000,026,340 | ---- | C] () -- C:\Users\Milan\AppData\Roaming\UserTile.png
[2007/10/11 19:24:01 | 000,053,248 | ---- | C] () -- C:\Windows\unrar.dll
[2007/08/18 17:45:34 | 000,031,232 | ---- | C] () -- C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/18 06:38:23 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
[2007/08/18 06:38:22 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2007/08/17 15:59:53 | 000,000,037 | ---- | C] () -- C:\Windows\Acer.ini
[2007/08/17 15:58:39 | 002,097,152 | -HS- | C] () -- C:\Users\Milan\ntuser.dat
[2007/08/17 15:58:39 | 000,524,288 | -HS- | C] () -- C:\Users\Milan\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms
[2007/08/17 15:58:39 | 000,524,288 | -HS- | C] () -- C:\Users\Milan\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2007/08/17 15:58:39 | 000,262,144 | -H-- | C] () -- C:\Users\Milan\ntuser.dat.LOG2
[2007/08/17 15:58:39 | 000,262,144 | -H-- | C] () -- C:\Users\Milan\ntuser.dat.LOG1
[2007/08/17 15:58:39 | 000,065,536 | -HS- | C] () -- C:\Users\Milan\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2007/08/17 15:58:39 | 000,000,020 | -HS- | C] () -- C:\Users\Milan\ntuser.ini
[2007/05/16 07:40:42 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/05/16 05:00:08 | 000,000,115 | ---- | C] () -- C:\Windows\Alaunch.ini
[2007/05/16 05:00:03 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2007/05/16 05:00:03 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2007/05/16 05:00:01 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2007/05/16 05:00:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/05/15 21:18:25 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007/05/15 21:18:25 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/05/15 21:17:29 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007/05/15 21:06:53 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007/05/15 20:46:10 | 000,356,352 | ---- | C] () -- C:\Windows\EMCRI.dll
[2007/05/15 20:37:50 | 000,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007/02/06 23:58:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/02/06 23:57:58 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/02/06 23:57:20 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/02/06 23:56:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/02/06 23:56:28 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007/02/06 23:52:08 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/12/25 15:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
< End of report >

[mikimr]

Extras

OTL Extras logfile created on: 16. 4. 2010 15:07:00 - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\Milan\Documents\Downloads
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 0000041B | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

502,00 Mb Total Physical Memory | 181,00 Mb Available Physical Memory | 36,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 38,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 32,52 Gb Total Space | 4,67 Gb Free Space | 14,37% Space Free | Partition Type: NTFS
Drive D: | 32,25 Gb Total Space | 23,63 Gb Free Space | 73,29% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MILAN-PC
Current User Name: Milan
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{B68FCB17-D619-4791-B3D0-E236D4BC8F0A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{7015CDA7-3BE3-43A6-8FC4-7D09A87C931C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE3E1456-FA89-486B-93BD-6DD8BF497B13}" = protocol=17 | dir=in | app=c:\users\milan\appdata\local\temp\7zs3477.tmp\symnrt.exe |
"{BC400C11-EDB6-48C1-9CC3-8F293E02BDC3}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{EC2D5964-6DC6-463D-9D2D-5CF6EF8DF14B}" = protocol=6 | dir=in | app=c:\users\milan\appdata\local\temp\7zs3477.tmp\symnrt.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1AEC7728-1640-4E98-AABC-5EBE3FB57FE4}" = SMSC Fast Infrared Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2A6450FE-4C8C-4333-8D7F-63E3A1DF59A5}_is1" = GTR
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{4D719053-5593-11D3-8F25-0060085C1758}" = Microsoft AutoRoute 2001
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{544057C9-3309-4205-8545-E15E00C9351C}" = GameShadow
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}" = Microsoft Antimalware Service CS-CZ Language Pack
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AtomixMP3 v2.2" = AtomixMP3 v2.2
"Business Contact Manager for Outlook 2007" = Business Contact Manager for Outlook 2007
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Codename: Outbreak" = Codename: Outbreak
"Defraggler" = Defraggler
"Diamond Caves II" = Diamond Caves II
"FA-18 Operation Iraqi Freedom DemoVersion 1.0" = FA-18 Operation Iraqi Freedom Demo
"Google Chrome" = Google Chrome
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"LManager" = Launch Manager
"Microsoft Security Essentials" = Microsoft Security Essentials
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Postal 2" = Postal 2
"PROHYBRIDR" = 2007 Microsoft Office system
"RadLight 4.0" = RadLight 4.0 FINAL
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Test Drive 5 Demo" = Test Drive 5 Demo
"TS Dějepis" = TS Dějepis
"WinRAR archiver" = WinRAR

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13. 4. 2010 10:32:59 | Computer Name = Milan-PC | Source = Google Update | ID = 20
Description =

Error - 14. 4. 2010 6:51:42 | Computer Name = Milan-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description =

Error - 14. 4. 2010 6:56:30 | Computer Name = Milan-PC | Source = Google Update | ID = 20
Description =

Error - 14. 4. 2010 7:31:27 | Computer Name = Milan-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia iexplore.exe, verzia 7.0.6000.17037, časová značka
0x4b9658a0, chybový modul kernel32.dll, verzia 6.0.6000.16820, časová značka 0x49952034,
kód výnimky 0x0eedfade, odstup chyby 0x0001b09e, identifikácia procesu 0x1e08, čas
spustenia aplikácie 0x01cadbc2e892e5c0.

Error - 16. 4. 2010 5:26:41 | Computer Name = Milan-PC | Source = Google Update | ID = 20
Description =

Error - 16. 4. 2010 5:34:14 | Computer Name = Milan-PC | Source = Google Update | ID = 20
Description =

Error - 16. 4. 2010 5:46:54 | Computer Name = Milan-PC | Source = Application Hang | ID = 1002
Description = The program {5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe version 10.1.0.26
stopped interacting with Windows and was closed. To see if more information about
the problem is available, check the problem history in the Problem Reports and
Solutions control panel. Process ID: 9c0 Start Time: 01cadd477accc0fb Termination Time:
572

Error - 16. 4. 2010 5:54:20 | Computer Name = Milan-PC | Source = EventSystem | ID = 4609
Description =

Error - 16. 4. 2010 6:12:53 | Computer Name = Milan-PC | Source = Google Update | ID = 20
Description =

Error - 16. 4. 2010 6:17:57 | Computer Name = Milan-PC | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 16. 4. 2010 6:30:20 | Computer Name = Milan-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 16. 4. 2010 6:30:21 | Computer Name = Milan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 16. 4. 2010 6:30:59 | Computer Name = Milan-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 16. 4. 2010 6:31:03 | Computer Name = Milan-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 16. 4. 2010 6:54:54 | Computer Name = Milan-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 16. 4. 2010 6:54:57 | Computer Name = Milan-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 16. 4. 2010 6:54:57 | Computer Name = Milan-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 16. 4. 2010 8:44:27 | Computer Name = Milan-PC | Source = Service Control Manager | ID = 7043
Description =

Error - 16. 4. 2010 8:47:47 | Computer Name = Milan-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%861 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Neznáma chyba Reason: %%842

Error - 16. 4. 2010 8:54:12 | Computer Name = Milan-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >

[Caroprd111]

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd File not found
O4 - HKCU..\Run: [Acer Tour Reminder] File not found
O4 - HKCU..\Run: [AV7] C:\Program Files\AV7\antivirus7.exe File not found
O13 - gopher Prefix: missing
[2010/04/02 10:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\AV7
[2010/04/16 14:49:51 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/16 14:49:51 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/02 10:24:24 | 000,000,779 | ---- | M] () -- C:\Users\Milan\Desktop\Antivirus7.lnk

:Commands
[PURITY] 
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.



Tohle otestujte na http://www.virustotal.com/cs/
C:\Windows\EMCRI.dll
C:\Windows\System32\Hmpg12.dll
C:\Windows\System32\HMPV2_ENC.dll

(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)

[mikimr]

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Acer Tour deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SetPanel deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Acer Tour Reminder deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AV7 deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
C:\Program Files\AV7 folder moved successfully.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
C:\Users\Milan\Desktop\Antivirus7.lnk moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Milan
->Temp folder emptied: 133058733 bytes
->Temporary Internet Files folder emptied: 760526017 bytes
->Google Chrome cache emptied: 25528192 bytes
->Flash cache emptied: 68138 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1519095589 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 11950601 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2 337,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Milan
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Error: Unable to interpret <[CLEARALLRESTOREPOINTS> in the current context!

OTL by OldTimer - Version 3.2.1.1 log created on 04162010_154946

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Caroprd111]

Ok, ještě ten virustotal.

[mikimr]

Soubor EMCRI.dll přijatý 2010.04.16 14:12:30 (UTC)
Současný stav: Dokončeno
Výsledek: 0/39 (0%)
Formátované
Vytisknout výsledky
Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.04.16 -
AhnLab-V3 5.0.0.2 2010.04.16 -
AntiVir 7.10.6.114 2010.04.16 -
Antiy-AVL 2.0.3.7 2010.04.16 -
Authentium 5.2.0.5 2010.04.16 -
Avast 4.8.1351.0 2010.04.16 -
Avast5 5.0.332.0 2010.04.16 -
AVG 9.0.0.787 2010.04.16 -
BitDefender 7.2 2010.04.16 -
CAT-QuickHeal 10.00 2010.04.16 -
ClamAV 0.96.0.3-git 2010.04.16 -
Comodo 4615 2010.04.16 -
eSafe 7.0.17.0 2010.04.15 -
eTrust-Vet 35.2.7429 2010.04.16 -
F-Prot 4.5.1.85 2010.04.16 -
F-Secure 9.0.15370.0 2010.04.16 -
Fortinet 4.0.14.0 2010.04.16 -
GData 19 2010.04.16 -
Ikarus T3.1.1.80.0 2010.04.16 -
Jiangmin 13.0.900 2010.04.16 -
Kaspersky 7.0.0.125 2010.04.16 -
McAfee 5.400.0.1158 2010.04.16 -
McAfee-GW-Edition 6.8.5 2010.04.16 -
Microsoft 1.5605 2010.04.16 -
NOD32 5033 2010.04.16 -
Norman 6.04.11 2010.04.16 -
nProtect 2010-04-16.01 2010.04.16 -
Panda 10.0.2.7 2010.04.15 -
PCTools 7.0.3.5 2010.04.16 -
Prevx 3.0 2010.04.16 -
Rising 22.43.04.04 2010.04.16 -
Sophos 4.52.0 2010.04.16 -
Sunbelt 6183 2010.04.16 -
Symantec 20091.2.0.41 2010.04.16 -
TheHacker 6.5.2.0.262 2010.04.15 -
TrendMicro 9.120.0.1004 2010.04.15 -
VBA32 3.12.12.4 2010.04.15 -
ViRobot 2010.4.16.2280 2010.04.16 -
VirusBuster 5.0.27.0 2010.04.16 -
Rozšiřující informace
File size: 356352 bytes
MD5...: 13042baf118817dce360790db93fbe6e
SHA1..: b5d2f9f078f2ba492b5b5abd153c763043fd5db8
SHA256: b4d3664b2f04db5551487e9f66c9b322273530d3ff611945d1856c51bfafa36e
ssdeep: 3072:CcPP42x78F5RgGDW30xpkqlYOMXtZPVjZ5Xs:ZwVFrNikfNa1dVVFN
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x14d1
timedatestamp.....: 0x402c6577 (Fri Feb 13 05:49:43 2004)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x626 0x1000 2.83 be7c2c71b550b116f0a672036399a5ea
.rdata 0x2000 0x562 0x1000 1.94 f00f9d855a11ec495c3cb8469f80a5ef
.data 0x3000 0x1234 0x1000 0.30 bc6700502578e65805b030363158d3b1
.rsrc 0x5000 0x51bd8 0x52000 3.17 ea31a7534aab507aa0600bde89cc1572
.reloc 0x57000 0x4cc 0x1000 0.91 265cd2b5976f75b2cd990a2a51378c71

( 3 imports )
> MFC42.DLL: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> MSVCRT.dll: __1type_info@@UAE@XZ, _adjust_fdiv, malloc, _initterm, free, _onexit, __dllonexit, __2@YAPAXI@Z, _EH_prolog, __CxxFrameHandler
> KERNEL32.dll: LocalFree, LocalAlloc

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....:
copyright....: Copyright (C) 2004
product......: EMCRI Dynamic Link Library
description..: EMCRI DLL
original name: EMCRI.DLL
internal name: EMCRI
file version.: 1, 0, 0, 1
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned

[mikimr]

Soubor Hmpg12.dll přijatý 2010.04.16 14:18:11 (UTC)
Současný stav: Dokončeno
Výsledek: 0/40 (0%)
Formátované
Vytisknout výsledky
Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.04.16 -
AhnLab-V3 5.0.0.2 2010.04.16 -
AntiVir 7.10.6.114 2010.04.16 -
Antiy-AVL 2.0.3.7 2010.04.16 -
Authentium 5.2.0.5 2010.04.16 -
Avast 4.8.1351.0 2010.04.16 -
Avast5 5.0.332.0 2010.04.16 -
AVG 9.0.0.787 2010.04.16 -
BitDefender 7.2 2010.04.16 -
CAT-QuickHeal 10.00 2010.04.16 -
ClamAV 0.96.0.3-git 2010.04.16 -
Comodo 4615 2010.04.16 -
DrWeb 5.0.2.03300 2010.04.16 -
eSafe 7.0.17.0 2010.04.15 -
eTrust-Vet 35.2.7429 2010.04.16 -
F-Prot 4.5.1.85 2010.04.16 -
F-Secure 9.0.15370.0 2010.04.16 -
Fortinet 4.0.14.0 2010.04.16 -
GData 19 2010.04.16 -
Ikarus T3.1.1.80.0 2010.04.16 -
Jiangmin 13.0.900 2010.04.16 -
Kaspersky 7.0.0.125 2010.04.16 -
McAfee 5.400.0.1158 2010.04.16 -
McAfee-GW-Edition 6.8.5 2010.04.16 -
Microsoft 1.5605 2010.04.16 -
NOD32 5034 2010.04.16 -
Norman 6.04.11 2010.04.16 -
nProtect 2010-04-16.01 2010.04.16 -
Panda 10.0.2.7 2010.04.15 -
PCTools 7.0.3.5 2010.04.16 -
Prevx 3.0 2010.04.16 -
Rising 22.43.04.04 2010.04.16 -
Sophos 4.52.0 2010.04.16 -
Sunbelt 6183 2010.04.16 -
Symantec 20091.2.0.41 2010.04.16 -
TheHacker 6.5.2.0.262 2010.04.15 -
TrendMicro 9.120.0.1004 2010.04.15 -
VBA32 3.12.12.4 2010.04.15 -
ViRobot 2010.4.16.2280 2010.04.16 -
VirusBuster 5.0.27.0 2010.04.16 -
Rozšiřující informace
File size: 110592 bytes
MD5...: fe34d72fbd99a4cd761c6465bee74487
SHA1..: 2c50cea650e5b03fb15f617ffd64b2983679e337
SHA256: da58f72233de07bd549bd760f1630b9328c8da577475f18e930113c18d1a4026
ssdeep: 1536:pojbjBsfVZlkT53OemsdOTYo2LBApFeCoN4i9HYsEQqa:AbjBsVZ695ASBn
Co5
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xa00e
timedatestamp.....: 0x3b944e9c (Tue Sep 04 03:46:36 2001)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xe9e0 0xf000 6.44 22f7795f0afa1ea3b68d662c54ba8e8c
.rdata 0x10000 0xb7f 0x1000 4.42 3389eb66ed32a5d44ba0f0b0f3f564d6
.data 0x11000 0x961bc 0x7000 4.98 f4884a5b879b07601442654409b7da0b
.data1 0xa8000 0x1c0 0x1000 0.29 2bd6aa7a8410609f542b689a199083ba
.reloc 0xa9000 0x13b8 0x2000 3.47 0c0482393907587a72f2696d4f7eb558

( 1 imports )
> KERNEL32.dll: HeapReAlloc, CloseHandle, ExitThread, CreateThread, ResumeThread, LockFile, UnlockFile, GetFileSize, WriteFile, VirtualFree, SetFilePointer, CreateFileA, VirtualAlloc, LeaveCriticalSection, ResetEvent, CreateEventA, DeleteCriticalSection, EnterCriticalSection, InitializeCriticalSection, SetEvent, HeapAlloc, HeapFree, ExitProcess, TerminateProcess, GetCurrentProcess, GetSystemTimeAsFileTime, GetCommandLineA, GetVersion, HeapDestroy, HeapCreate, WaitForSingleObject, GetProcAddress, GetModuleHandleA, GetLastError, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, GetModuleFileNameA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStrings, GetEnvironmentStringsW, DisableThreadLibraryCalls, FlushFileBuffers, SetStdHandle, GetCPInfo, GetACP, GetOEMCP, LoadLibraryA, MultiByteToWideChar, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW, SetEndOfFile, ReadFile, RtlUnwind

( 7 exports )
HMPG12EA_deinit, HMPG12EA_encode, HMPG12EA_init, HMPG12ES_deinit, HMPG12ES_encodeaudio, HMPG12ES_encodevideo, HMPG12ES_init
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

[mikimr]

Soubor HMPV2_ENC.dll přijatý 2010.04.16 14:24:12 (UTC)
Současný stav: Dokončeno
Výsledek: 0/39 (0%)
Formátované
Vytisknout výsledky
Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.04.16 -
AhnLab-V3 5.0.0.2 2010.04.16 -
AntiVir 7.10.6.114 2010.04.16 -
Antiy-AVL 2.0.3.7 2010.04.16 -
Authentium 5.2.0.5 2010.04.16 -
Avast 4.8.1351.0 2010.04.16 -
Avast5 5.0.332.0 2010.04.16 -
AVG 9.0.0.787 2010.04.16 -
BitDefender 7.2 2010.04.16 -
CAT-QuickHeal 10.00 2010.04.16 -
ClamAV 0.96.0.3-git 2010.04.16 -
Comodo 4615 2010.04.16 -
DrWeb 5.0.2.03300 2010.04.16 -
eSafe 7.0.17.0 2010.04.15 -
eTrust-Vet 35.2.7429 2010.04.16 -
F-Prot 4.5.1.85 2010.04.16 -
F-Secure 9.0.15370.0 2010.04.16 -
Fortinet 4.0.14.0 2010.04.16 -
GData 19 2010.04.16 -
Ikarus T3.1.1.80.0 2010.04.16 -
Jiangmin 13.0.900 2010.04.16 -
Kaspersky 7.0.0.125 2010.04.16 -
McAfee 5.400.0.1158 2010.04.16 -
McAfee-GW-Edition 6.8.5 2010.04.16 -
Microsoft 1.5605 2010.04.16 -
NOD32 5034 2010.04.16 -
Norman 6.04.11 2010.04.16 -
nProtect 2010-04-16.01 2010.04.16 -
Panda 10.0.2.7 2010.04.15 -
PCTools 7.0.3.5 2010.04.16 -
Prevx 3.0 2010.04.16 -
Rising 22.43.04.04 2010.04.16 -
Sophos 4.52.0 2010.04.16 -
Sunbelt 6183 2010.04.16 -
Symantec 20091.2.0.41 2010.04.16 -
TheHacker 6.5.2.0.262 2010.04.15 -
TrendMicro 9.120.0.1004 2010.04.15 -
VBA32 3.12.12.4 2010.04.15 -
ViRobot 2010.4.16.2280 2010.04.16 -
Rozšiřující informace
File size: 118784 bytes
MD5...: 38b78898c70e740bed0334bdc0c783ce
SHA1..: 31a5a5e4229e61cf8c5e6043774fec275b0e0dd2
SHA256: 2f8f4175e4c819b4b7051bd103f4d05530404695240b1b221b9776c33946e8a2
ssdeep: 1536:y3b7WARmn00LBKUfcDh5sNtTDsEVLW09akWxkYKQHoFX/VIHF:yfWh00NKU
fczWYg4Ho
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xbc7c
timedatestamp.....: 0x3b650de2 (Mon Jul 30 07:33:54 2001)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x3000 0xf1f8 0x10000 6.50 ef1b1430dd7cabf8f0463682b6943a67
.rdata 0x13000 0xcf9 0x1000 4.83 8debfc3f365562a5c94c8f4dfcf957cb
.data 0x14000 0x161c4 0x5000 2.33 7b8c8ceb8737241a1d162357cb738dc5
.data1 0x2b000 0x1260 0x2000 2.82 d45b4670c3f9bf90b06d607e7d0b4308
.reloc 0x2d000 0x1d08 0x2000 4.67 d485cada21d24decb56cee2cb076d990

( 1 imports )
> KERNEL32.dll: TlsFree, VirtualAlloc, EnterCriticalSection, LeaveCriticalSection, ExitProcess, TerminateProcess, GetCurrentProcess, HeapFree, HeapAlloc, GetSystemTimeAsFileTime, GetCommandLineA, GetVersion, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, DeleteCriticalSection, InitializeCriticalSection, GetModuleHandleA, GetModuleFileNameA, GetEnvironmentVariableA, GetVersionExA, HeapDestroy, HeapCreate, HeapReAlloc, RtlUnwind, GetLastError, CloseHandle, WriteFile, GetProcAddress, GetCurrentThreadId, TlsSetValue, TlsAlloc, VirtualFree, SetLastError, TlsGetValue, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStrings, GetEnvironmentStringsW, FlushFileBuffers, InterlockedDecrement, InterlockedIncrement, SetFilePointer, SetStdHandle, GetCPInfo, GetACP, GetOEMCP, LoadLibraryA, MultiByteToWideChar, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW

( 3 exports )
hmpv2_deinit, hmpv2_encode, hmpv2_init
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

[Caroprd111]

Jak to vypadá s PC

[mikimr]

No je dost pomale, ale mozno to tak ma ist je to neaky celeron.
Skusim to este skontrolovat s eset online scaner, precistit a defragmentovat a uvidim.

Ak su logz ciste tak dakujem.