Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o kontrolu logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Zdvr
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 23 dub 2010 22:30

Prosim o kontrolu logu

#1 Příspěvek od Zdvr »

Dobry vecer, prosim o kontrolu logu z radne zanedbaneho ntb :oops:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Honza at 2010-04-23 23:49:05
Microsoft® Windows Vista™ Home Premium
System drive C: has 65 GB (44%) free of 147 GB
Total RAM: 2045 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:49:13, on 23.4.2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Windows\explorer.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Honza\Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: 82.208.58.96 l2authd.lineage2.com
O1 - Hosts: 82.208.58.96 l2testauthd.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKCU\..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Služba Google Update (gupdate1c9faeed6154b50) (gupdate1c9faeed6154b50) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12401 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-24 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-07-02 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll [2003-06-30 337920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask.com Toolbar - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll [2008-10-21 741768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-24 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask.com Toolbar - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll [2008-10-21 741768]

{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-02-02 1006264]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-01-14 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-01-14 7766016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-01-14 81920]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-15 815104]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-01-15 172032]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-11-06 159744]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2006-12-04 46704]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-01-10 472776]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-01-08 68640]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]
"razer"=C:\Program Files\Razer\Copperhead\razerhid.exe [2005-11-25 155648]
"Copperhead"=C:\Program Files\Razer\Copperhead\razerhid.exe [2005-11-25 155648]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2006-09-26 35328]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-24 136600]
"Samsung PanelMgr"=C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2008-08-08 524288]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-10-20 111928]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-04-14 2790472]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-04-22 2176512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-02-02 1232896]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"PMCRemote"=C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe [2007-04-24 253000]
"PMCLoader"=C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe [2007-05-30 105544]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
VPN Client.lnk - C:\Windows\Installer\{21E247D4-5E27-4BEA-AA4D-19A81203FE2A}\Icon3E5562ED7.ico

C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{301e3144-50f6-11dd-88a2-001a6b3f3aef}]
shell\AutoRun\command - WD_Windows_Tools\Setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}]
shell\auToplay\command - kwxle.exe
shell\AutoRun\command - kwxle.exe
shell\expLORe\command - kwxle.exe
shell\Open\command - kwxle.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ae497843-ec09-11de-a5f3-001a6b3f3aef}]
shell\AutoRun\command - "G:\WD SmartWare.exe" autoplay=true

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b001df4f-e41e-11de-9981-001a6b3f3aef}]
shell\AutoRun\command - F:\Web'n'walk_Helper.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce459180-8582-11de-a526-001a6b3f3aef}]
shell\AutoRun\command - F:\setupSNK.exe


======List of files/folders created in the last 1 months======

2010-04-23 23:32:29 ----D---- C:\Program Files\trend micro
2010-04-23 23:32:26 ----D---- C:\rsit
2010-04-23 10:27:39 ----D---- C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP
2010-04-22 23:24:49 ----D---- C:\Program Files\CCleaner
2010-04-22 18:18:53 ----D---- C:\Users\Honza\AppData\Roaming\Spyware Terminator
2010-04-22 18:18:44 ----D---- C:\ProgramData\Spyware Terminator
2010-04-22 18:18:35 ----D---- C:\Program Files\Spyware Terminator
2010-04-22 17:59:30 ----A---- C:\Windows\system32\aswBoot.exe
2010-04-22 17:58:36 ----D---- C:\ProgramData\Alwil Software
2010-04-22 17:58:36 ----D---- C:\Program Files\Alwil Software
2010-03-29 09:56:05 ----D---- C:\Program Files\WinSCP
2010-03-24 18:45:25 ----D---- C:\Users\Honza\AppData\Roaming\Ashampoo
2010-03-24 18:45:15 ----D---- C:\ProgramData\ashampoo
2010-03-24 18:44:57 ----D---- C:\Program Files\Ashampoo
2010-03-24 18:17:29 ----D---- C:\Users\Honza\AppData\Roaming\AccurateRip
2010-03-24 18:17:16 ----D---- C:\Program Files\Exact Audio Copy

======List of files/folders modified in the last 1 months======

2010-04-23 23:49:06 ----D---- C:\Windows\Temp
2010-04-23 23:32:29 ----RD---- C:\Program Files
2010-04-23 22:08:56 ----D---- C:\WINDOWS
2010-04-23 16:59:21 ----D---- C:\Windows\Tasks
2010-04-23 10:22:49 ----D---- C:\Program Files\jEdit
2010-04-23 10:16:46 ----SHD---- C:\System Volume Information
2010-04-23 00:11:46 ----D---- C:\Windows\System32
2010-04-23 00:11:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-23 00:11:44 ----D---- C:\Windows\inf
2010-04-23 00:06:22 ----D---- C:\Windows\system32\catroot2
2010-04-22 23:38:47 ----D---- C:\Windows\Minidump
2010-04-22 23:38:47 ----D---- C:\Windows\Debug
2010-04-22 22:18:58 ----SHD---- C:\Windows\Installer
2010-04-22 22:11:53 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-22 22:04:12 ----D---- C:\Program Files\XTB-Trader 4
2010-04-22 19:04:44 ----D---- C:\Windows\Prefetch
2010-04-22 18:18:56 ----D---- C:\Windows\system32\drivers
2010-04-22 18:18:44 ----HD---- C:\ProgramData
2010-04-22 18:00:50 ----D---- C:\Windows\winsxs
2010-04-22 17:48:02 ----D---- C:\Program Files\Symantec
2010-04-22 17:48:02 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-04-22 17:44:34 ----D---- C:\ProgramData\Symantec
2010-04-22 17:27:56 ----D---- C:\Program Files\BMW M3 ChallengeII
2010-04-11 15:48:01 ----D---- C:\Program Files\Google
2010-04-09 09:43:53 ----D---- C:\Program Files\Mozilla Firefox
2010-04-08 00:13:34 ----D---- C:\Users\Honza\AppData\Roaming\SQL Developer
2010-04-04 10:40:16 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-04-14 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-04-14 162768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-04-14 46672]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-06-28 8192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2010-04-22 142592]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-04-14 19024]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-04-14 51792]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2009-11-17 308859]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-16 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-16 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-16 37376]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-08-13 5120]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 8192]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2007-02-14 19456]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2007-02-14 29184]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-01-02 78128]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-01-02 80688]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-02-02 14208]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2008-11-16 131984]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2006-12-12 148992]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-07 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-07 207360]
R3 NETw3v32;Ovladač adaptéru Intel(R) PRO/Wireless 3945ABG pro Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-09 1786880]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-01-14 4452288]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2007-10-05 14080]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2007-10-05 35200]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-02-02 82432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-15 179256]
R3 UsbFltr;Razer Copperhead Driver; C:\Windows\system32\drivers\copperhd.sys [2005-11-02 11596]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-07 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-02-02 11264]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2007-02-14 220160]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 emAudio;PCTV EMP Audio Device; C:\Windows\system32\drivers\emAudio.sys [2007-01-12 22912]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys [2006-12-13 19072]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys []
S3 USB28xxBGA;PCTV 320e Device; C:\Windows\system32\DRIVERS\emBDA.sys [2007-01-29 361728]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM.sys [2007-01-29 39680]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2006-11-02 71552]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-01-15 270431]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-01-15 118877]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2009-11-17 1528624]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2006-12-04 58984]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-08 171040]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-04-22 488960]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-28 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
S2 gupdate1c9faeed6154b50;Služba Google Update (gupdate1c9faeed6154b50); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-02 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-02 190448]
S3 AddFiltr;AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [2006-06-26 126976]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-06 887544]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2006-11-02 22016]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#2 Příspěvek od Caroprd111 »

Zdravím :)


Obrázek Vložte do PC všechny flash disky, které používáte.

Obrázek Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe
  • Spusťte, poté zvolte jazyk E - Enter
  • Zvolte 1 - Enter
  • Po dokončení na Vás vyskočí log, vložte mi ho sem, případně ho najdete v C:\UsbFix.txt

Obrázek Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
  • Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Označte položku Pro všechny uživatele.
  • Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
  • Klikněte na tlačítko Prohledat
  • Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Obrázek
Nahoru
Zdvr
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 23 dub 2010 22:30

Re: Prosim o kontrolu logu

#3 Příspěvek od Zdvr »

Stroj ma malo portu, tak sem zvolil tri nejpouzivanejsi flash disky ... tady je log:


############################## | UsbFix V6.108 |

User : Honza (Administrators) # HONZA-PC
Update on 23/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 11:00:28 | 24.4.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz
Microsoft® Windows Vista™ Home Premium (6.0.6000 32-bit) #
Internet Explorer 7.0.6000.16643
Windows Firewall Status : Enabled
AV : avast! Antivirus 5.0.83886587 [ Enabled | Updated ]

C:\ -> Local Fixed Disk # 143,62 Go (63,52 Go free) # NTFS
D:\ -> Local Fixed Disk # 5,43 Go (1,34 Go free) [HP_RECOVERY] # NTFS
E:\ -> CD-ROM Disc
F:\ -> Removable Disk # 1,91 Go (1,75 Go free) [PRETEC] # FAT
I:\ -> Local Fixed Disk # 298,02 Go (10,86 Go free) [My Passport] # FAT32
J:\ -> Removable Disk # 3,8 Go (3,71 Go free) # FAT32

################## | Files # Infected Folders |

C:\Users\Honza\jedit4.3.1install.exe
C:\Users\Honza\winscp427setup.exe
I:\autorun.inf

################## | Registry |


################## | Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\F
shell\AutoRun\command =WD_Windows_Tools\Setup.exe

HKCU\..\..\Explorer\MountPoints2\I
shell\AutoRun\command =WD_Windows_Tools\Setup.exe

HKCU\..\..\Explorer\MountPoints2\{301e3144-50f6-11dd-88a2-001a6b3f3aef}
shell\AutoRun\command =WD_Windows_Tools\Setup.exe

HKCU\..\..\Explorer\MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}
shell\auToplay\COmMand =kwxle.exe
shell\AutoRun\command =kwxle.exe
shell\expLORe\CoMmAnD =kwxle.exe
shell\Open\commAnd =kwxle.exe

HKCU\..\..\Explorer\MountPoints2\{ae497843-ec09-11de-a5f3-001a6b3f3aef}
shell\AutoRun\command ="G:\WD SmartWare.exe" autoplay=true

HKCU\..\..\Explorer\MountPoints2\{b001df4f-e41e-11de-9981-001a6b3f3aef}
shell\AutoRun\command =F:\Web'n'walk_Helper.exe

HKCU\..\..\Explorer\MountPoints2\{ce459180-8582-11de-a526-001a6b3f3aef}
shell\AutoRun\command =F:\setupSNK.exe

################## | Vaccin |


################## | ! End of report # UsbFix V6.108 ! |
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#4 Příspěvek od Caroprd111 »

Postupujte podle návodu, dokud nevystřídáte všechny flash disky.

Obrázek Vložte do PC všechny flash disky, které používáte.

Obrázek Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe
  • Spusťte, poté zvolte jazyk E - Enter
  • Zvolte 2 - Enter (je možný restart PC)
  • Po dokončení na Vás vyskočí log, vložte mi ho sem, případně ho najdete v C:\UsbFix.txt
Obrázek
Nahoru
Zdvr
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 23 dub 2010 22:30

Re: Prosim o kontrolu logu

#5 Příspěvek od Zdvr »

ted bezi ten OTL, nechci do toho zasahovat ...
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#6 Příspěvek od Caroprd111 »

Ok, můžete to provést později. :)
Obrázek
Nahoru
Zdvr
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 23 dub 2010 22:30

Re: Prosim o kontrolu logu

#7 Příspěvek od Zdvr »

OTL.txt

OTL logfile created on: 24.4.2010 11:06:40 - Run 1
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Users\Honza\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16643)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,62 Gb Total Space | 63,52 Gb Free Space | 44,23% Space Free | Partition Type: NTFS
Drive D: | 5,43 Gb Total Space | 1,34 Gb Free Space | 24,69% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1,91 Gb Total Space | 1,75 Gb Free Space | 91,68% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 298,02 Gb Total Space | 10,86 Gb Free Space | 3,64% Space Free | Partition Type: FAT32
Drive J: | 3,80 Gb Total Space | 3,71 Gb Free Space | 97,64% Space Free | Partition Type: FAT32

Computer Name: HONZA-PC
Current User Name: Honza
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.24 11:05:45 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.exe
PRC - [2010.04.22 18:18:55 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.04.22 18:18:54 | 002,176,512 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2010.04.14 18:47:08 | 002,790,472 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.03.28 05:13:16 | 000,530,416 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2009.11.17 13:07:46 | 001,528,624 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2009.10.20 14:59:18 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2009.02.24 18:36:03 | 000,382,384 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2009.02.13 19:16:20 | 000,577,536 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2009.01.15 19:42:46 | 007,430,144 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009.01.15 19:42:44 | 007,434,240 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008.08.08 07:03:41 | 000,524,288 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008.02.02 20:14:03 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.02.02 20:11:44 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.04.24 17:59:14 | 000,253,000 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe
PRC - [2007.01.15 22:46:56 | 000,118,877 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\TV\CLSched.exe
PRC - [2007.01.15 22:46:54 | 000,270,431 | ---- | M] () -- C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapSvc.exe
PRC - [2007.01.09 09:48:58 | 000,147,456 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Copperhead\razerofa.exe
PRC - [2006.11.02 11:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
PRC - [2006.09.26 16:49:40 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2005.11.25 10:54:32 | 000,147,456 | ---- | M] () -- C:\Program Files\Razer\Copperhead\razertra.exe
PRC - [2005.11.25 10:53:40 | 000,155,648 | ---- | M] () -- C:\Program Files\Razer\Copperhead\razerhid.exe


========== Modules (SafeList) ==========

MOD - [2010.04.24 11:05:45 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.exe
MOD - [2009.10.20 14:59:02 | 000,023,864 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll
MOD - [2006.11.02 11:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
MOD - [2006.07.11 19:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\SweetIM\Messenger\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.04.22 18:18:55 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.04.14 18:47:05 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.11.17 13:07:46 | 001,528,624 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2008.02.02 20:11:43 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.01.15 22:46:56 | 000,118,877 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007.01.15 22:46:54 | 000,270,431 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2006.11.02 14:36:02 | 000,122,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2006.06.26 10:50:08 | 000,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr)
SRV - [2004.10.22 04:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2010.04.22 18:18:55 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.04.14 18:35:47 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.04.14 18:35:25 | 000,162,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.04.14 18:31:39 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.04.14 18:31:23 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010.04.14 18:31:01 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.17 13:07:06 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2008.11.16 19:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\dne2000.sys -- (DNE)
DRV - [2007.10.05 10:19:26 | 000,035,200 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SaiBus.sys -- (SaiNtBus)
DRV - [2007.10.05 10:19:26 | 000,014,080 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SaiMini.sys -- (SaiMini)
DRV - [2007.08.13 04:48:45 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2007.01.29 22:20:04 | 000,361,728 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007.01.29 22:19:48 | 000,039,680 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2007.01.18 21:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2007.01.14 03:40:00 | 004,452,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.01.12 18:55:24 | 000,022,912 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\emAudio.sys -- (emAudio)
DRV - [2007.01.02 12:45:30 | 000,080,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007.01.02 12:45:30 | 000,078,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2006.12.13 11:00:22 | 000,019,072 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2006.12.12 19:06:40 | 000,148,992 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2006.12.07 17:05:58 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006.12.07 17:04:36 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006.12.07 17:04:26 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006.11.28 18:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006.11.16 11:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006.11.16 06:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006.11.16 04:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006.11.15 08:24:00 | 000,179,256 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2006.11.09 11:02:30 | 001,786,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\NETw3v32.sys -- (NETw3v32) Ovladač adaptéru Intel(R)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:55:04 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvuků USB (WDM)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006.11.02 09:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006.10.19 04:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2006.06.28 10:57:00 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006.06.28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005.11.02 10:54:44 | 000,011,596 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\copperhd.sys -- (UsbFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3361490867-4187009930-2706979420-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3361490867-4187009930-2706979420-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3361490867-4187009930-2706979420-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-3361490867-4187009930-2706979420-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.3
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..network.proxy.http: "http://www.vse.cz/proxy/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.09 09:43:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.09 09:43:46 | 000,000,000 | ---D | M]

[2008.12.22 21:10:10 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Extensions
[2010.04.23 22:23:14 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\rn7ekmt7.default\extensions
[2010.04.23 22:20:45 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\rn7ekmt7.default\extensions\firebug@software.joehewitt.com
[2010.02.14 20:13:04 | 000,003,915 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\rn7ekmt7.default\searchplugins\sweetim.xml
[2010.04.23 22:22:59 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.03.16 22:03:14 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.16 22:03:14 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.16 22:03:14 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.16 22:03:14 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.16 22:03:14 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.08.03 20:09:32 | 000,000,111 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 82.208.58.96 l2authd.lineage2.com
O1 - Hosts: 82.208.58.96 l2testauthd.lineage2.com
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll ()
O2 - BHO: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll (TODO: <Company name>)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll (TODO: <Company name>)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-3361490867-4187009930-2706979420-1000\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
O3 - HKU\S-1-5-21-3361490867-4187009930-2706979420-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [Copperhead] C:\Program Files\Razer\Copperhead\razerhid.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3361490867-4187009930-2706979420-1000..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe (Pinnacle Systems GmbH)
O4 - HKU\S-1-5-21-3361490867-4187009930-2706979420-1000..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe (Pinnacle Systems)
O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Honza\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Honza\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.09.11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2007.12.21 14:56:46 | 000,000,069 | -H-- | M] () - I:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{301e3144-50f6-11dd-88a2-001a6b3f3aef}\Shell\AutoRun\command - "" = WD_Windows_Tools\Setup.exe
O33 - MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\Shell\auToplay\COmMand - "" = kwxle.exe
O33 - MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\Shell\AutoRun\command - "" = kwxle.exe
O33 - MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\Shell\expLORe\CoMmAnD - "" = kwxle.exe
O33 - MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\Shell\Open\commAnd - "" = kwxle.exe
O33 - MountPoints2\{ae497843-ec09-11de-a5f3-001a6b3f3aef}\Shell - "" = AutoRun
O33 - MountPoints2\{ae497843-ec09-11de-a5f3-001a6b3f3aef}\Shell\AutoRun\command - "" = G:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{b001df4f-e41e-11de-9981-001a6b3f3aef}\Shell\AutoRun\command - "" = F:\Web'n'walk_Helper.exe -- File not found
O33 - MountPoints2\{ce459180-8582-11de-a526-001a6b3f3aef}\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found
O33 - MountPoints2\F\Shell\AutoRun\command - "" = WD_Windows_Tools\Setup.exe
O33 - MountPoints2\I\Shell\AutoRun\command - "" = WD_Windows_Tools\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\WINDOWS\System32\ias [2006.11.02 13:18:47 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.at3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\SONY\atrac3.acm ()
Drivers32: msacm.CoreFLAC_ACM - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Core\CoreFLAC_ACM.acm ()
Drivers32: msacm.divxa32 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.imaadpcm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.imc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\imc32.acm (Intel Corporation)
Drivers32: msacm.l3acm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: msacm.lameacm - C:\Windows\System32\LameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.msadpcm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.pcdv - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Canopus\pcdv.acm (Canopus Co., Ltd.)
Drivers32: msacm.qmpeg - C:\Program Files\ACE Mega CoDecS Pack\SystemS\QDesign\qmpeg.acm (QDesign Corporation)
Drivers32: msacm.sl_anet - C:\Program Files\ACE Mega CoDecS Pack\SystemS\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\Program Files\ACE Mega CoDecS Pack\SystemS\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\Program Files\ACE Mega CoDecS Pack\SystemS\OGG\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: msacm.voxacm160 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\VoxWare\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.aas4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Autodesk\aasc32.dll (Autodesk, Inc.)
Drivers32: vidc.aasc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Autodesk\aasc32.dll (Autodesk, Inc.)
Drivers32: vidc.advj - C:\Program Files\ACE Mega CoDecS Pack\SystemS\avidavicodec.dll (Avid Technology, Inc)
Drivers32: vidc.advs - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Adaptec\dvc.dll (Adaptec)
Drivers32: vidc.aflc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Autodesk\flccodec32.dll (Autodesk, Inc.)
Drivers32: vidc.afli - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Autodesk\flccodec32.dll (Autodesk, Inc.)
Drivers32: vidc.ap41 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.asv1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv1.dll ()
Drivers32: vidc.asv2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv2.dll ()
Drivers32: vidc.asvx - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv2.dll ()
Drivers32: vidc.avi1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.avi2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.avrn - C:\Program Files\ACE Mega CoDecS Pack\SystemS\avidavicodec.dll (Avid Technology, Inc)
Drivers32: vidc.bt20 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Brooktree\btvvc32.drv (Brooktree Corporation)
Drivers32: vidc.cdvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Canopus\csccdvc.dll (Canopus Co., Ltd.)
Drivers32: vidc.cram - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.cscd - C:\Program Files\ACE Mega CoDecS Pack\SystemS\camcodec.dll (RenderSoft Software.)
Drivers32: vidc.cvid - C:\Program Files\ACE Mega CoDecS Pack\SystemS\iccvid.dll (Compression Technologies, Inc.)
Drivers32: vidc.davc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\dicas\davcvfw.dll (dicas)
Drivers32: vidc.dcap - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\mirodv2avi.dll (Pinnacle Systems)
Drivers32: vidc.dcmj - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcmjpg32.dll (MainConcept)
Drivers32: vidc.ddvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Canopus\cscdvsd.dll (Canopus Co., Ltd.)
Drivers32: vidc.div3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.div5 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div6 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dmb2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.dv25 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.dv50 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.dvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvcp - C:\Program Files\ACE Mega CoDecS Pack\SystemS\SONY\sonydv.dll (Sony Corporation)
Drivers32: vidc.dvcs - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvsd - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MainConcept\mcdvd_32.dll (MainConcept)
Drivers32: vidc.dvx4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\DivX4.dll (DivXNetworks, Inc.)
Drivers32: vidc.em2v - C:\Program Files\ACE Mega CoDecS Pack\SystemS\etxcodec.dll (Etymonix Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.frwa - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Forward\frwt.dll (Darim Vision Co.)
Drivers32: vidc.frwd - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Forward\frwd.dll (Darim Vision Co.)
Drivers32: vidc.frwt - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Forward\frwd.dll (Darim Vision Co.)
Drivers32: vidc.frwu - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Forward\frwu.dll (Darim Vision Co.)
Drivers32: vidc.gepj - C:\Program Files\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.glzw - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Gabest\glzw.dll (Gabest)
Drivers32: vidc.gpeg - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Gabest\gpeg.dll (Gabest)
Drivers32: vidc.gpjm - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\rtmjpgcdc.dll (Pinnacle Systems)
Drivers32: vidc.hfyu - C:\Program Files\ACE Mega CoDecS Pack\SystemS\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\i263_32.drv (Intel Corporation)
Drivers32: vidc.i420 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msh263.drv (Microsoft Corporation)
Drivers32: vidc.ipdv - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Panasonic\idvcodec.dll (Matsushita Electric Industrial Co., Ltd. I-O DATA DEVICE,INC.)
Drivers32: vidc.ir21 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir21_r.dll ()
Drivers32: vidc.iv30 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv31 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv33 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv34 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv35 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv36 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv37 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv38 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv39 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll ()
Drivers32: vidc.iv40 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv41 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv42 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv43 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv44 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv45 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv46 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv47 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv48 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv49 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll (Intel Corporation)
Drivers32: vidc.iv50 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir50_32.dll (Intel Corporation)
Drivers32: vidc.lead - C:\Program Files\ACE Mega CoDecS Pack\SystemS\LEAD\lcodccmp.dll (LEAD Technologies, Inc.)
Drivers32: vidc.m261 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msh261.drv (Microsoft Corporation)
Drivers32: vidc.m263 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msh263.drv (Microsoft Corporation)
Drivers32: vidc.miro - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\mirodv2avi.dll (Pinnacle Systems)
Drivers32: vidc.mjpa - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\rtmjpgcdc.dll (Pinnacle Systems)
Drivers32: VIDC.MJPG - C:\Windows\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: vidc.mjpx - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pegasus\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: vidc.mkvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\kmvidc32.dll ()
Drivers32: vidc.mmes - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mmjp - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mp41 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp42 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp43 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp4s - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mp4v - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mpg3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.mpg4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\mpg4c32.dll ()
Drivers32: vidc.mrle - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msmc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.msvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.mszh - C:\Program Files\ACE Mega CoDecS Pack\SystemS\avimszh.dll ()
Drivers32: vidc.mtx1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx5 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx6 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx7 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx8 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mtx9 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Matrox\digivcap.dll (Matrox Electronic Systems)
Drivers32: vidc.mwv1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Aware\icmw_32.dll (Aware Inc.)
Drivers32: vidc.nt00 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Newtek\ntcodec.dll (NewTek, Inc)
Drivers32: vidc.pdvc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Panasonic\idvcodec.dll (Matsushita Electric Industrial Co., Ltd. I-O DATA DEVICE,INC.)
Drivers32: vidc.pim1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pinnacle\pclepim1.dll (Pinnacle Systems)
Drivers32: vidc.pimj - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pegasus\pvljpg20.dll (Pegasus Imaging Corporation)
Drivers32: vidc.png1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Core\CorePNG_vfw.dll ()
Drivers32: vidc.pvw2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Pegasus\pvwv220.dll (Pegasus Imaging Corporation)
Drivers32: vidc.q1.0 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\qpeg32.dll (Q-Team Dr. Knabe GmbH, Korschenbroich, Germany)
Drivers32: vidc.qpeg - C:\Program Files\ACE Mega CoDecS Pack\SystemS\qpeg32.dll (Q-Team Dr. Knabe GmbH, Korschenbroich, Germany)
Drivers32: vidc.rmp4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\REALmagic\rmp4.dll ()
Drivers32: vidc.rt21 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Intel\ir21_r.dll ()
Drivers32: vidc.rud0 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Rududu\rududu.dll (nico)
Drivers32: vidc.s422 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Tekram\tekyuv.dll ()
Drivers32: vidc.sjpg - C:\Program Files\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll (White Pine Software and Paradigm Matrix)
Drivers32: vidc.sony - C:\Program Files\ACE Mega CoDecS Pack\SystemS\SONY\sonydv.dll (Sony Corporation)
Drivers32: vidc.t420 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Toshiba\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.tscc - C:\Program Files\ACE Mega CoDecS Pack\SystemS\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.vcr1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ATI\ativcr1.dll (ATI Technologies, Inc.)
Drivers32: vidc.vcr2 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\ATI\ativcr2.dll (ATI Technologies, Inc.)
Drivers32: vidc.vifp - C:\Program Files\ACE Mega CoDecS Pack\SystemS\vfcodec.dll ()
Drivers32: vidc.vixl - C:\Program Files\ACE Mega CoDecS Pack\SystemS\MIRO\miroxl32.dll (Pinnacle Systems)
Drivers32: vidc.vp30 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp31vfw.dll (On2.com)
Drivers32: vidc.vp31 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp31vfw.dll (On2.com)
Drivers32: vidc.vp60 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\On2 Technologies\vp6vfw.dll (On2.com)
Drivers32: vidc.vssv - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Vanguard Software Sollutions\vsscodec.dll (Vanguard Software Solutions, Inc.)
Drivers32: vidc.wmv3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Microsoft\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.wnv1 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\wnvplay1.dll (Winnov)
Drivers32: vidc.wrpr - C:\Program Files\ACE Mega CoDecS Pack\SystemS\aviwrap.dll ()
Drivers32: vidc.xvid - C:\Program Files\ACE Mega CoDecS Pack\SystemS\XviD\xvidvfw.dll ()
Drivers32: vidc.y411 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Toshiba\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.y41p - C:\Program Files\ACE Mega CoDecS Pack\SystemS\Brooktree\btvvc32.drv (Brooktree Corporation)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.zlib - C:\Program Files\ACE Mega CoDecS Pack\SystemS\avizlib.dll ()
OTL cannot create restorepoints on Vista OSs!
Nahoru
Zdvr
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 23 dub 2010 22:30

Re: Prosim o kontrolu logu

#8 Příspěvek od Zdvr »

OTL.txt pokracovani

========== Files/Folders - Created Within 30 Days ==========

[2010.04.24 11:05:44 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.exe
[2010.04.24 10:59:33 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.04.23 23:32:29 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.23 23:32:26 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.23 10:27:39 | 000,000,000 | ---D | C] -- C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP
[2010.04.22 23:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.04.22 18:18:53 | 000,000,000 | ---D | C] -- C:\Users\Honza\AppData\Roaming\Spyware Terminator
[2010.04.22 18:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2010.04.22 18:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2010.04.22 18:01:07 | 000,162,768 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010.04.22 18:01:07 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010.04.22 18:01:04 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010.04.22 18:01:02 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010.04.22 18:00:58 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010.04.22 17:59:30 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010.04.22 17:59:30 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010.04.22 17:58:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.04.22 17:58:36 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.04.02 11:51:15 | 000,000,000 | ---D | C] -- C:\Users\Honza\Documents\webik
[2010.03.29 09:56:05 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
[2010.03.29 09:55:28 | 003,084,859 | ---- | C] (Martin Prikryl ) -- C:\Users\Honza\winscp427setup.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.24 11:06:20 | 004,456,448 | -HS- | M] () -- C:\Users\Honza\NTUSER.DAT
[2010.04.24 11:05:45 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Honza\Desktop\OTL.exe
[2010.04.24 11:00:44 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.24 11:00:44 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.24 10:59:44 | 001,259,320 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.24 10:59:44 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.24 10:59:44 | 000,473,598 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.04.24 10:59:44 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.24 10:59:44 | 000,081,404 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.04.24 10:57:59 | 001,777,482 | ---- | M] () -- C:\Users\Honza\Desktop\UsbFix.exe
[2010.04.24 10:34:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.04.24 10:10:10 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.04.24 08:01:39 | 000,123,161 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\nvModes.dat
[2010.04.24 08:01:39 | 000,123,161 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\nvModes.001
[2010.04.24 08:00:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.23 22:06:34 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010.04.23 16:33:59 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.04.23 10:04:41 | 000,000,600 | ---- | M] () -- C:\Users\Honza\AppData\Roaming\winscp.rnd
[2010.04.23 00:06:50 | 000,000,148 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010.04.23 00:06:13 | 000,002,565 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
[2010.04.23 00:05:35 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.23 00:05:00 | 2145,443,840 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.23 00:03:39 | 000,001,660 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.04.23 00:03:30 | 004,408,130 | -H-- | M] () -- C:\Users\Honza\AppData\Local\IconCache.db
[2010.04.22 23:55:57 | 000,351,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.22 23:48:00 | 000,091,528 | ---- | M] () -- C:\Users\Honza\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.04.22 22:01:22 | 000,239,104 | ---- | M] () -- C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.22 18:18:55 | 000,142,592 | ---- | M] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2010.04.22 18:01:08 | 000,001,840 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010.04.22 18:00:58 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010.04.19 21:24:37 | 000,237,056 | ---- | M] () -- C:\Users\Honza\Telco.Lisky.doc
[2010.04.19 20:01:37 | 000,024,064 | ---- | M] () -- C:\Users\Honza\lisky_ukol_9tyden.xls
[2010.04.19 20:00:14 | 000,024,119 | ---- | M] () -- C:\Users\Honza\lisky_ukol_9tyden.ods
[2010.04.18 22:13:51 | 000,020,335 | ---- | M] () -- C:\Users\Honza\pripadofka.ods
[2010.04.18 22:09:59 | 000,010,297 | ---- | M] () -- C:\Users\Honza\Documents\pripadovka_2_ot14.doc
[2010.04.18 21:57:27 | 000,070,656 | ---- | M] () -- C:\Users\Honza\Documents\pripadovka_2_ot15.doc
[2010.04.16 11:49:48 | 000,131,591 | ---- | M] () -- C:\Users\Honza\!PS2 - Telco.pdf
[2010.04.14 18:47:23 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010.04.14 18:47:03 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010.04.14 18:35:47 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010.04.14 18:35:25 | 000,162,768 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010.04.14 18:31:39 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010.04.14 18:31:23 | 000,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010.04.14 18:31:01 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010.04.11 22:06:23 | 000,097,393 | ---- | M] () -- C:\Users\Honza\FLG_38973.jpg
[2010.04.11 22:05:38 | 000,069,802 | ---- | M] () -- C:\Users\Honza\FLG_38972.jpg
[2010.04.11 22:04:41 | 000,714,246 | ---- | M] () -- C:\Users\Honza\FLG_3897.JPG
[2010.04.11 15:48:57 | 000,002,073 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.04.01 21:47:14 | 004,065,235 | ---- | M] () -- C:\Users\Honza\Documents\html-tvorba-dokonalych-www-stranek.pdf
[2010.04.01 00:12:00 | 000,165,985 | ---- | M] () -- C:\Users\Honza\rustina(vseborec.cz-28l65).rar
[2010.04.01 00:11:09 | 000,010,291 | ---- | M] () -- C:\Users\Honza\2ru101_filip1test(vseborec.cz-c8g3j).rar
[2010.04.01 00:06:49 | 000,003,460 | ---- | M] () -- C:\Users\Honza\2ru101_filip1test(vseborec.cz-djp4m).rar
[2010.03.29 23:07:22 | 000,061,952 | ---- | M] () -- C:\Users\Honza\Top_Hockey_a_s_.xls
[2010.03.29 23:05:51 | 000,399,360 | ---- | M] () -- C:\Users\Honza\Prilohy.doc
[2010.03.29 23:05:35 | 001,596,721 | ---- | M] () -- C:\Users\Honza\Česká spořitelna.pdf
[2010.03.29 23:03:58 | 000,623,104 | ---- | M] () -- C:\Users\Honza\Top_Hockey_a_s_.ppt
[2010.03.29 22:45:40 | 000,216,576 | ---- | M] () -- C:\Users\Honza\Top_Hockey_a_s_-final.doc
[2010.03.29 22:39:23 | 000,181,248 | ---- | M] () -- C:\Users\Honza\Top_Hockey_a_s_.doc
[2010.03.29 11:26:22 | 000,019,845 | ---- | M] () -- C:\Users\Honza\ns_II.jpg
[2010.03.29 10:44:38 | 000,008,122 | ---- | M] () -- C:\Users\Honza\ns.jpg
[2010.03.29 10:42:40 | 000,012,130 | ---- | M] () -- C:\Users\Honza\n107956455893931_9679.jpg
[2010.03.29 09:55:36 | 003,084,859 | ---- | M] (Martin Prikryl ) -- C:\Users\Honza\winscp427setup.exe
[2010.03.28 22:38:28 | 000,157,338 | ---- | M] () -- C:\Users\Honza\Documents\případofka1.odt
[2010.03.27 16:48:46 | 000,051,712 | ---- | M] () -- C:\Users\Honza\Documents\vykaz_zisku_a_ztraty_v_plnem_rozsahu_2009_II.xls
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.24 10:57:55 | 001,777,482 | ---- | C] () -- C:\Users\Honza\Desktop\UsbFix.exe
[2010.04.22 18:18:55 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2010.04.22 18:01:08 | 000,001,840 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010.04.19 21:24:33 | 000,237,056 | ---- | C] () -- C:\Users\Honza\Telco.Lisky.doc
[2010.04.19 00:15:00 | 000,024,064 | ---- | C] () -- C:\Users\Honza\lisky_ukol_9tyden.xls
[2010.04.18 22:49:20 | 000,024,119 | ---- | C] () -- C:\Users\Honza\lisky_ukol_9tyden.ods
[2010.04.18 22:08:03 | 000,010,297 | ---- | C] () -- C:\Users\Honza\Documents\pripadovka_2_ot14.doc
[2010.04.18 21:57:26 | 000,070,656 | ---- | C] () -- C:\Users\Honza\Documents\pripadovka_2_ot15.doc
[2010.04.18 21:45:09 | 000,020,335 | ---- | C] () -- C:\Users\Honza\pripadofka.ods
[2010.04.16 11:49:42 | 000,131,591 | ---- | C] () -- C:\Users\Honza\!PS2 - Telco.pdf
[2010.04.11 22:06:22 | 000,097,393 | ---- | C] () -- C:\Users\Honza\FLG_38973.jpg
[2010.04.11 22:05:37 | 000,069,802 | ---- | C] () -- C:\Users\Honza\FLG_38972.jpg
[2010.04.11 22:04:35 | 000,714,246 | ---- | C] () -- C:\Users\Honza\FLG_3897.JPG
[2010.04.11 15:48:57 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.04.01 21:46:59 | 004,065,235 | ---- | C] () -- C:\Users\Honza\Documents\html-tvorba-dokonalych-www-stranek.pdf
[2010.04.01 00:12:00 | 000,165,985 | ---- | C] () -- C:\Users\Honza\rustina(vseborec.cz-28l65).rar
[2010.04.01 00:11:09 | 000,010,291 | ---- | C] () -- C:\Users\Honza\2ru101_filip1test(vseborec.cz-c8g3j).rar
[2010.04.01 00:06:48 | 000,003,460 | ---- | C] () -- C:\Users\Honza\2ru101_filip1test(vseborec.cz-djp4m).rar
[2010.03.29 23:07:21 | 000,061,952 | ---- | C] () -- C:\Users\Honza\Top_Hockey_a_s_.xls
[2010.03.29 23:05:49 | 000,399,360 | ---- | C] () -- C:\Users\Honza\Prilohy.doc
[2010.03.29 23:05:31 | 001,596,721 | ---- | C] () -- C:\Users\Honza\Česká spořitelna.pdf
[2010.03.29 22:45:38 | 000,216,576 | ---- | C] () -- C:\Users\Honza\Top_Hockey_a_s_-final.doc
[2010.03.29 11:26:22 | 000,019,845 | ---- | C] () -- C:\Users\Honza\ns_II.jpg
[2010.03.29 10:44:36 | 000,008,122 | ---- | C] () -- C:\Users\Honza\ns.jpg
[2010.03.29 10:42:39 | 000,012,130 | ---- | C] () -- C:\Users\Honza\n107956455893931_9679.jpg
[2010.03.29 09:56:12 | 000,000,600 | ---- | C] () -- C:\Users\Honza\AppData\Roaming\winscp.rnd
[2010.03.28 23:26:01 | 000,181,248 | ---- | C] () -- C:\Users\Honza\Top_Hockey_a_s_.doc
[2010.03.28 23:21:54 | 000,623,104 | ---- | C] () -- C:\Users\Honza\Top_Hockey_a_s_.ppt
[2010.03.28 11:07:31 | 000,157,338 | ---- | C] () -- C:\Users\Honza\Documents\případofka1.odt
[2010.03.27 16:48:46 | 000,051,712 | ---- | C] () -- C:\Users\Honza\Documents\vykaz_zisku_a_ztraty_v_plnem_rozsahu_2009_II.xls
[2009.12.24 22:19:33 | 000,022,723 | ---- | C] () -- C:\Windows\System32\cl31cl3.dll
[2009.11.17 13:08:34 | 000,197,424 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2009.10.25 21:13:19 | 000,014,848 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2009.01.07 21:35:49 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.12.22 15:01:09 | 000,001,082 | ---- | C] () -- C:\Windows\PVAStrumento.ini
[2008.12.22 15:00:45 | 000,000,918 | ---- | C] () -- C:\Windows\cPVAS.INI
[2008.11.06 14:10:14 | 000,000,225 | ---- | C] () -- C:\Windows\pdf2word.INI
[2008.10.02 15:55:47 | 000,000,075 | ---- | C] () -- C:\Windows\CONTEXT.INI
[2008.02.24 14:00:05 | 000,196,096 | ---- | C] () -- C:\Windows\System32\MACD32.DLL
[2008.02.24 14:00:05 | 000,138,752 | ---- | C] () -- C:\Windows\System32\MASE32.DLL
[2008.02.24 14:00:05 | 000,136,192 | ---- | C] () -- C:\Windows\System32\MAMC32.DLL
[2008.02.24 14:00:05 | 000,057,856 | ---- | C] () -- C:\Windows\System32\MASD32.DLL
[2008.02.24 14:00:05 | 000,027,648 | ---- | C] () -- C:\Windows\System32\MA32.DLL
[2008.02.04 14:50:02 | 000,000,761 | ---- | C] () -- C:\Windows\m3jp2k.ini
[2008.02.04 14:50:02 | 000,000,714 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2008.02.04 14:50:02 | 000,000,702 | ---- | C] () -- C:\Windows\mmtvmj.ini
[2008.02.04 14:49:59 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll
[2008.02.04 14:49:57 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2006.12.20 13:00:12 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006.11.29 09:32:42 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.09.19 00:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006.09.19 00:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006.06.19 20:12:31 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2006.06.19 19:59:06 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2006.03.10 02:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005.09.16 17:39:26 | 000,040,960 | ---- | C] () -- C:\Windows\System32\bdadll.dll
[2005.05.08 06:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2004.08.31 11:32:48 | 000,327,680 | ---- | C] () -- C:\Windows\System32\QFClient2.dll
[2002.10.16 00:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2010.03.24 18:45:25 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ashampoo
[2008.12.09 20:51:33 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\COWON
[2008.10.01 19:20:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DeepBurner
[2009.02.23 22:06:00 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Facebook
[2008.02.07 14:42:09 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FlashGet
[2010.03.08 23:05:28 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GHISLER
[2008.02.04 13:33:39 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ICQ
[2008.08.26 15:04:41 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ldoce4
[2009.03.10 21:13:33 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\OpenOffice.org
[2008.03.17 09:58:35 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Opera
[2008.04.16 20:50:52 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Publish Providers
[2008.06.02 17:31:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\QIP
[2008.10.23 15:10:03 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\SecondLife
[2008.04.16 20:50:13 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sony
[2010.04.24 11:02:42 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Spyware Terminator
[2010.04.08 00:13:34 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\SQL Developer
[2009.02.25 23:06:40 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Subversion
[2010.03.09 13:41:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TeamViewer
[2008.10.13 11:01:56 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Template
[2010.04.23 00:03:49 | 000,032,638 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2008.02.02 20:01:10 | 001,232,896 | ---- | M] (Microsoft Corporation)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2006.11.02 14:35:32 | 000,125,440 | ---- | M] (Microsoft Corporation)
"PMCRemote" = C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe -- [2007.04.24 17:59:14 | 000,253,000 | ---- | M] (Pinnacle Systems)
"PMCLoader" = C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks -- [2007.05.30 13:25:36 | 000,105,544 | ---- | M] (Pinnacle Systems GmbH)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2006.11.02 14:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.03.24 18:22:15 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\AccurateRip
[2008.05.20 14:54:40 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Adobe
[2010.03.24 18:45:25 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ashampoo
[2008.12.09 20:51:33 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\COWON
[2008.02.04 14:32:46 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\CyberLink
[2008.10.01 19:20:36 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\DeepBurner
[2009.02.23 22:06:00 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Facebook
[2008.02.07 14:42:09 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\FlashGet
[2010.03.08 23:05:28 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\GHISLER
[2008.02.02 19:10:38 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Hewlett-Packard
[2008.02.04 14:32:34 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\HP
[2008.02.04 13:33:39 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ICQ
[2008.02.02 19:17:04 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Identities
[2008.06.02 17:20:53 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\InstallShield
[2008.08.26 15:04:41 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\ldoce4
[2008.02.02 19:12:22 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Media Center Programs
[2008.11.15 17:34:46 | 000,000,000 | --SD | M] -- C:\Users\Honza\AppData\Roaming\Microsoft
[2008.12.22 21:10:10 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Mozilla
[2009.03.10 21:13:33 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\OpenOffice.org
[2009.03.10 21:08:58 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\OpenOffice.org2
[2008.03.17 09:58:35 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Opera
[2008.04.16 20:50:52 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Publish Providers
[2008.06.02 17:31:37 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\QIP
[2008.06.26 15:54:06 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Roxio
[2008.10.23 15:10:03 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\SecondLife
[2008.08.26 15:04:23 | 000,000,000 | RH-D | M] -- C:\Users\Honza\AppData\Roaming\SecuROM
[2010.02.24 17:17:40 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Skype
[2010.02.24 17:01:41 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\skypePM
[2008.04.16 20:50:13 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Sony
[2010.04.24 11:02:42 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Spyware Terminator
[2010.04.08 00:13:34 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\SQL Developer
[2009.02.25 23:06:40 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Subversion
[2008.06.09 19:17:47 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\teamspeak2
[2010.03.09 13:41:29 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TeamViewer
[2008.10.13 11:01:56 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Template
[2009.03.01 18:14:03 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\TortoiseSVN
[2008.02.27 00:44:26 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\Ventrilo
[2008.02.08 21:15:26 | 000,000,000 | ---D | M] -- C:\Users\Honza\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2008.03.17 09:58:32 | 000,061,440 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Honza\AppData\Roaming\Microsoft\Installer\{FB706A00-C234-4716-AB1F-27DCB192C664}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2007.02.14 02:08:19 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys
[2007.02.14 02:08:19 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys
[2007.02.14 02:08:19 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.04.18 15:04:24 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\System32\drivers\atapi.sys
[2008.04.18 15:04:24 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.04.18 15:04:24 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.04.18 15:04:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\WINDOWS\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\WINDOWS\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\WINDOWS\System32\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\WINDOWS\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.02.02 20:14:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\WINDOWS\explorer.exe
[2008.02.02 20:14:03 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.02.02 20:14:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe

< MD5 for: HAL.DLL >
[2006.11.02 11:51:12 | 000,160,872 | ---- | M] (Microsoft Corporation) MD5=E3A21FC3407DA84C5FF41B5088A67C3B -- C:\WINDOWS\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\WINDOWS\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\WINDOWS\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2007.02.14 02:08:19 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=B5B664CFE3B8C4E426B164103373DFFD -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\isapnp.sys
[2007.02.14 02:08:19 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=C756DC995A7E81A66E0D59305EE4A25F -- C:\WINDOWS\System32\DriverStore\FileRepository\machine.inf_f2490cb0\isapnp.sys
[2007.02.14 02:08:19 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=C756DC995A7E81A66E0D59305EE4A25F -- C:\WINDOWS\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\WINDOWS\System32\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\WINDOWS\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe

< MD5 for: NDIS.SYS >
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\WINDOWS\System32\drivers\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\WINDOWS\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\System32\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\WINDOWS\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

< MD5 for: NVRAID.SYS >
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\WINDOWS\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\WINDOWS\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

< MD5 for: SCECLI.DLL >
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\System32\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\WINDOWS\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< MD5 for: SMSS.EXE >
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\WINDOWS\System32\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\WINDOWS\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\WINDOWS\System32\svchost.exe
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.02.02 20:11:17 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=028061C7F6D2D03068C72E2A27E4228A -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys
[2008.02.02 20:11:16 | 000,804,352 | ---- | M] (Microsoft Corporation) MD5=43EAE40B50FE3E60D194DD9C97EBB1FD -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys
[2008.04.18 15:02:39 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2008.04.18 15:02:40 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\WINDOWS\System32\drivers\tcpip.sys
[2008.04.18 15:02:40 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\WINDOWS\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys

< MD5 for: USERINIT.EXE >
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\WINDOWS\System32\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\WINDOWS\System32\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.18 14:51:32 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtmsft.dll
[2008.04.18 14:51:32 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtrans.dll
[2006.11.02 11:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\rsaenh.dll
[2008.02.02 20:04:07 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\WINDOWS\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\WINDOWS\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\WINDOWS\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\WINDOWS\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.18 14:51:32 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtmsft.dll
[2008.04.18 14:51:32 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\dxtrans.dll
[2006.11.02 11:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\rsaenh.dll
[2008.02.02 20:04:07 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\System32\SLC.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< %systemroot%\system32\drivers\*.sys /3 >
[2010.04.22 18:18:55 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys

< %systemroot%\system32\*.* /3 >
[2010.04.24 11:00:44 | 000,003,072 | -H-- | M] () -- C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.24 11:00:44 | 000,003,072 | -H-- | M] () -- C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.22 18:00:58 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\config.nt
[2010.04.22 23:55:57 | 000,351,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.24 10:59:44 | 000,081,404 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.04.24 10:59:44 | 000,103,924 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.04.24 10:59:44 | 000,473,598 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.04.24 10:59:44 | 000,610,142 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.04.24 10:59:44 | 001,259,320 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 824 bytes -> C:\Users\Honza\Documents\dgsgd.eml:OECustomProperty
@Alternate Data Stream - 64 bytes -> C:\Users\Honza\Documents\testttt.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Honza\Documents\exp.avi:TOC.WMV
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86
< End of report >
Nahoru
Zdvr
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 23 dub 2010 22:30

Re: Prosim o kontrolu logu

#9 Příspěvek od Zdvr »

Extras.txt

OTL Extras logfile created on: 24.4.2010 11:06:40 - Run 1
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Users\Honza\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16643)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 71,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,62 Gb Total Space | 63,52 Gb Free Space | 44,23% Space Free | Partition Type: NTFS
Drive D: | 5,43 Gb Total Space | 1,34 Gb Free Space | 24,69% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 1,91 Gb Total Space | 1,75 Gb Free Space | 91,68% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 298,02 Gb Total Space | 10,86 Gb Free Space | 3,64% Space Free | Partition Type: FAT32
Drive J: | 3,80 Gb Total Space | 3,71 Gb Free Space | 97,64% Space Free | Partition Type: FAT32

Computer Name: HONZA-PC
Current User Name: Honza
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3361490867-4187009930-2706979420-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05AC3D13-B3BB-4241-A9FE-570A4A8C8988}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3224F782-022B-4EA4-BCF7-BCFFFD18E967}" = protocol=17 | dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{34C0BBF9-B223-411D-A510-E827A7C54382}" = protocol=6 | dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{48148709-90D8-419E-9277-AFE4B90D506E}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{6E709423-4529-4A94-B3B4-86A4FCD9FB48}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{09A1267F-DD75-4352-BBE5-EC317DF758E4}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{FB1C6D74-982B-4C24-822F-2FD945F66EC4}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{1C5204F0-6A4C-4416-980D-DF8F4C524A3F}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{393C847E-501A-4E33-A7B7-C2501A0CE1ED}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21E247D4-5E27-4BEA-AA4D-19A81203FE2A}" = Cisco Systems VPN Client 5.0.06.0160
"{21E62565-8639-457C-B64C-A3FF0A8B4D80}" = HP Active Support Library
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{28A946E1-E83B-4662-BC7C-23451851489E}" = Razer Copperhead
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{32A3A4F4-B792-11D6-A78A-00B0D0160040}" = Java(TM) SE Development Kit 6 Update 4
"{32A3A4F4-B792-11D6-A78A-00B0D0160100}" = Java(TM) SE Development Kit 6 Update 10
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 B9
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{37FF74E1-843A-4431-AA07-E73E2B847CA4}" = Pegasus Imaging PICVideo Motion JPEG 3.0
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.0
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{593AFFA4-D08E-4272-BABB-420949D32A10}" = QUICKfind
"{5CA81D12-9EC2-4082-972B-43ECA63F41F2}" = HP Pavilion Webcam Driver for Vista v061.001.00005
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6FE30813-AC60-40A3-BE53-F6713A1F3893}" = HP Wireless Assistant
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758AF648-0B6C-4593-BDF1-9BF4CB50A359}" = IL-2 Sturmovik 1946
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{78B914B4-4586-41C6-B02C-3CB10FE0DED7}" = PDConverter
"{790E65B3-909D-422C-971D-B58B304F81B5}" = TortoiseSVN 1.5.8.15348 (32 bit)
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask.com Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{91CAFCA8-F8C6-4DA0-B22D-CDD13D62D2DC}" = ESU for Microsoft Vista
"{998D6972-F58E-479D-9248-8F179E55AE38}" = Java DB 10.4.1.3
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = HP Integrated Module with Bluetooth wireless technology
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D6D5CFB3-7095-4073-B6B7-B7E909838C57}" = Razer Copperhead
"{DA53ABD7-6592-45DA-A6DD-287A48F74D37}" = Sybase PowerDesigner 12.5
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic
"{E4DDBA93-769B-49D8-BA33-8814E45ED0C1}" = HP Help and Support
"{ED4905E3-2B32-4DD8-BC14-7CAFD30E9ECD}" = HP User Guide 0048
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = ASL_HS_Installer32
"{FB706A00-C234-4716-AB1F-27DCB192C664}" = Opera 9.26
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced Port Scanner v1.2" = Advanced Port Scanner v1.2
"Arial Sound Recorder_is1" = Arial Sound Recorder version 1.7.2
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"avast5" = avast! Free Antivirus
"AVI ReComp" = AVI ReComp 1.2.3
"AviSplit Classic (Freeware)_is1" = AviSplit Classic Version 1.43
"AviSynth" = AviSynth 2.5
"Azbuka_is1" = Azbuka 1.0.3.4
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner (remove only)
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7" = HDAUDIO Soft Data Fax Modem with SmartCP
"Condor: The Competition Soaring Simulator" = Condor: The Competition Soaring Simulator 1.0.4
"CryptextNT4" = Cryptext (Remove Only)
"EasternAlps Scenery" = EasternAlps Scenery 2.0
"Exact Audio Copy" = Exact Audio Copy 0.99pb5
"FlashGet" = FlashGet 1.9.6.1073
"Fraps" = Fraps (remove only)
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"InstallShield_{37FF74E1-843A-4431-AA07-E73E2B847CA4}" = Pegasus Imaging PICVideo Motion JPEG 3.0
"InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"InstallShield_{758AF648-0B6C-4593-BDF1-9BF4CB50A359}" = IL-2 Sturmovik 1946
"jEdit_is1" = jEdit 4.3.1
"JUDE Community_is1" = JUDE Community 5.4.1
"LameACM" = Lame ACM MP3 Codec
"ldoce4v2" = LONGMAN Dictionary of Contemporary English
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"nbi-glassfish-2.0.0.58.20070907" = GlassFish V2
"nbi-glassfish-2.0.2.4.20080515" = GlassFish V2 UR2
"nbi-glassfish-mod-3.0.0.28.20081022" = GlassFish v3 Prelude
"nbi-nb-base-6.0.0.0.200711261600" = NetBeans IDE 6.0
"nbi-nb-base-6.5.0.0.200811100001" = NetBeans IDE 6.5
"NVIDIA Drivers" = NVIDIA Drivers
"QIP Infium_is1" = QIP Infium 1.0.9008 RC1
"QIP2005" = QIP 2005 Uninstall
"rajče.net_is1" = rajče beta50
"Samsung CLP-310 Series" = Samsung CLP-310 Series
"SecondLife" = SecondLife (remove only)
"Spyware Terminator_is1" = Spyware Terminator
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Trillian" = Trillian
"VobSub" = VobSub v2.23 (Remove Only)
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.7
"WinZip" = WinZip
"Xvid_is1" = Xvid 1.1.2 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3361490867-4187009930-2706979420-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Advanced Archive Password Recovery" = Advanced Archive Password Recovery
"ButtonDemo" = ButtonDemo
"Color Rendering Table Demo Application" = Color Rendering Table Demo Application
"ColorChooserDemo" = ColorChooserDemo
"ColorChooserDemo2" = ColorChooserDemo2
"ComboBoxDemo2" = ComboBoxDemo2
"CustomComboBoxDemo" = CustomComboBoxDemo
"Formatted Text Field Table Demo Application" = Formatted Text Field Table Demo Application
"CheckBox Demo" = CheckBox Demo
"QIP 2005" = QIP 2005 8095
"Radio Button Demo" = Radio Button Demo
"TextAreaDemo" = TextAreaDemo
"Violet UML Editor" = Violet UML Editor

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2.5.2009 15:36:34 | Computer Name = Honza-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace RunDLL32.exe, verze 6.0.6000.16386, časové razítko
0x4549b0e1, chybující modul lmpgspl.ax, verze 4.0.0.77, časové razítko 0x3d133951,
kód výjimky 0xc0000005, posun chyby 0x00001652, ID procesu 0x1300, čas spuštění
aplikace 0x01c9cb5d4c0857b0.

Error - 2.5.2009 15:36:39 | Computer Name = Honza-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace RunDLL32.exe, verze 6.0.6000.16386, časové razítko
0x4549b0e1, chybující modul lmpgspl.ax, verze 4.0.0.77, časové razítko 0x3d133951,
kód výjimky 0xc0000005, posun chyby 0x00001652, ID procesu 0x1734, čas spuštění
aplikace 0x01c9cb5d50229ae0.

Error - 2.5.2009 15:36:42 | Computer Name = Honza-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace RunDLL32.exe, verze 6.0.6000.16386, časové razítko
0x4549b0e1, chybující modul lmpgspl.ax, verze 4.0.0.77, časové razítko 0x3d133951,
kód výjimky 0xc0000005, posun chyby 0x00001652, ID procesu 0x830, čas spuštění aplikace
0x01c9cb5d51f75ae0.

Error - 2.5.2009 15:36:47 | Computer Name = Honza-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace RunDLL32.exe, verze 6.0.6000.16386, časové razítko
0x4549b0e1, chybující modul lmpgspl.ax, verze 4.0.0.77, časové razítko 0x3d133951,
kód výjimky 0xc0000005, posun chyby 0x00001652, ID procesu 0x1608, čas spuštění
aplikace 0x01c9cb5d54a5b200.

Error - 2.5.2009 15:36:50 | Computer Name = Honza-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace RunDLL32.exe, verze 6.0.6000.16386, časové razítko
0x4549b0e1, chybující modul lmpgspl.ax, verze 4.0.0.77, časové razítko 0x3d133951,
kód výjimky 0xc0000005, posun chyby 0x00001652, ID procesu 0x1768, čas spuštění
aplikace 0x01c9cb5d568d5dc0.

Error - 2.5.2009 15:36:58 | Computer Name = Honza-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace RunDLL32.exe, verze 6.0.6000.16386, časové razítko
0x4549b0e1, chybující modul lmpgspl.ax, verze 4.0.0.77, časové razítko 0x3d133951,
kód výjimky 0xc0000005, posun chyby 0x00001652, ID procesu 0x20c, čas spuštění aplikace
0x01c9cb5d5b4d56d0.

Error - 2.5.2009 15:37:06 | Computer Name = Honza-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace RunDLL32.exe, verze 6.0.6000.16386, časové razítko
0x4549b0e1, chybující modul lmpgspl.ax, verze 4.0.0.77, časové razítko 0x3d133951,
kód výjimky 0xc0000005, posun chyby 0x00001652, ID procesu 0x126c, čas spuštění
aplikace 0x01c9cb5d6030dd70.

Error - 2.5.2009 15:37:11 | Computer Name = Honza-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace RunDLL32.exe, verze 6.0.6000.16386, časové razítko
0x4549b0e1, chybující modul lmpgspl.ax, verze 4.0.0.77, časové razítko 0x3d133951,
kód výjimky 0xc0000005, posun chyby 0x00001652, ID procesu 0xd2c, čas spuštění aplikace
0x01c9cb5d62ec05d0.

Error - 2.5.2009 15:37:15 | Computer Name = Honza-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace RunDLL32.exe, verze 6.0.6000.16386, časové razítko
0x4549b0e1, chybující modul lmpgspl.ax, verze 4.0.0.77, časové razítko 0x3d133951,
kód výjimky 0xc0000005, posun chyby 0x00001652, ID procesu 0xb20, čas spuštění aplikace
0x01c9cb5d656d8090.

Error - 2.5.2009 15:44:07 | Computer Name = Honza-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace RunDLL32.exe, verze 6.0.6000.16386, časové razítko
0x4549b0e1, chybující modul lmpgspl.ax, verze 4.0.0.77, časové razítko 0x3d133951,
kód výjimky 0xc0000005, posun chyby 0x00001652, ID procesu 0xfb0, čas spuštění aplikace
0x01c9cb5e5ae4db90.

[ Media Center Events ]
Error - 16.4.2008 10:51:44 | Computer Name = Honza-PC | Source = MCUpdate | ID = 0
Description = ?

Error - 2.12.2008 5:50:38 | Computer Name = Honza-PC | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Proces: DefaultDomain Název objektu: Media Center
Guide

[ System Events ]
Error - 23.4.2010 14:13:34 | Computer Name = Honza-PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.4.2010 14:14:14 | Computer Name = Honza-PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.4.2010 14:14:51 | Computer Name = Honza-PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.4.2010 14:19:20 | Computer Name = Honza-PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.4.2010 14:46:11 | Computer Name = Honza-PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.4.2010 14:47:28 | Computer Name = Honza-PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.4.2010 14:47:54 | Computer Name = Honza-PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.4.2010 14:49:24 | Computer Name = Honza-PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.4.2010 15:22:37 | Computer Name = Honza-PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 23.4.2010 15:31:19 | Computer Name = Honza-PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.


< End of report >
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#10 Příspěvek od Caroprd111 »

Obrázek Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.


Obrázek Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - No CLSID value found.
O2 - BHO: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll (TODO: <Company name>)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll (TODO: <Company name>)
O32 - AutoRun File - [2005.09.11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2007.12.21 14:56:46 | 000,000,069 | -H-- | M] () - I:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\Shell\auToplay\COmMand - "" = kwxle.exe
O33 - MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\Shell\AutoRun\command - "" = kwxle.exe
O33 - MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\Shell\expLORe\CoMmAnD - "" = kwxle.exe
O33 - MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\Shell\Open\commAnd - "" = kwxle.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
@Alternate Data Stream - 824 bytes -> C:\Users\Honza\Documents\dgsgd.eml:OECustomProperty
@Alternate Data Stream - 64 bytes -> C:\Users\Honza\Documents\testttt.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Honza\Documents\exp.avi:TOC.WMV
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86

:Services
usprserv

:Files
C:\Program Files\Ask.com

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS] 
[CREATERESTOREPOINT]
¨
Poté klikněte na Opravit, PC se restartuje, log vložte sem.


Obrázek Tohle otestujte na http://www.virustotal.com/cs/
C:\WINDOWS\System32\ws2_32.dll

(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)
Obrázek
Nahoru
Zdvr
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 23 dub 2010 22:30

Re: Prosim o kontrolu logu

#11 Příspěvek od Zdvr »

toolbary zadne nemam ani nepouzivam, mozna v IE ktery jsem dva roky na tomhle stroji nepustil ... jdu opravovat/testovat :worship:
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#12 Příspěvek od Caroprd111 »

V logu je vidět SweetIM Toolbar for Internet Explorer :)
Obrázek
Nahoru
Zdvr
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 23 dub 2010 22:30

Re: Prosim o kontrolu logu

#13 Příspěvek od Zdvr »

uz je pryc ...

tady je log: http://www.virustotal.com/cs/analisis/2 ... 1272104197
Nahoru
Zdvr
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 23 dub 2010 22:30

Re: Prosim o kontrolu logu

#14 Příspěvek od Zdvr »

tady je log z OTL podruhe :)

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll not found.
D:\AUTOMODE moved successfully.
I:\autorun.inf moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\ not found.
File kwxle.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\ not found.
File kwxle.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\ not found.
File kwxle.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92d614d3-024b-11dd-a3e3-001a6b3f3aef}\ not found.
File kwxle.exe not found.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCall.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla18.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla21.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla22.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla23.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla24.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla25.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla26.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla27.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla33.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla35.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla36.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla37.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla38.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla39.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla41.exe deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla42.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla43.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla44.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla46.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla47.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla48.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla49.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla50.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP\WiseCustomCalla51.dll deleted successfully.
C:\Windows\21E247D45E274BEAAA4D19A81203FE2A.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
ADS C:\Users\Honza\Documents\dgsgd.eml:OECustomProperty deleted successfully.
ADS C:\Users\Honza\Documents\testttt.avi:TOC.WMV deleted successfully.
ADS C:\Users\Honza\Documents\exp.avi:TOC.WMV deleted successfully.
ADS C:\ProgramData\TEMP:05EE1EEF deleted successfully.
ADS C:\ProgramData\TEMP:888AFB86 deleted successfully.
========== SERVICES/DRIVERS ==========
Service usprserv stopped successfully!
Service usprserv deleted successfully!
========== FILES ==========
C:\Program Files\Ask.com\Supertoolbar folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Honza
->Temp folder emptied: 74812979 bytes
->Temporary Internet Files folder emptied: 5021394 bytes
->Java cache emptied: 23642207 bytes
->FireFox cache emptied: 39843428 bytes
->Google Chrome cache emptied: 336958280 bytes
->Flash cache emptied: 719 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1426954 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 459,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Honza
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully


OTL by OldTimer - Version 3.2.2.0 log created on 04242010_122213

Files\Folders moved on Reboot...
C:\Users\Honza\AppData\Local\Temp\ehmsas.txt moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#15 Příspěvek od Caroprd111 »

Ok, ještě ten UsbFix.
Obrázek
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“