PC zpusobuje zpomalovani internetu

Zpráva

bellian · #1 Příspěvek od **bellian** » 10 kvě 2010 09:02

Dobry den,

mam switch kde jsou napojeny 2 PC a jeden router s 16MB internetem. Internet me zacal jit velmi spatne s velikou odezvou a rychlosti v radech 50 kbit/s. Postupnym zkousenim jse zjistil, ze kdyz jeden PC vypojim, tak internet funguje opet jako drive. Ale jakmile ho zapojim, tak jde spatne. Kopirovani mezi PC pres switch funguje bez problemu.

Zde prikladam log z PC, ktere mi zpusobuje problemy. (pc jsem projel pouze CCleaner)
Dekuji za pomoc.

Logfile of random's system information tool 1.07 (written by random/random)
Run by imac2 at 2010-05-10 09:52:24
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 164 GB (81%) free of 203 GB
Total RAM: 2030 MB (70% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cac657f069c65e.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-796845957-1844237615-839522115-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-1844237615-839522115-1004.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-08 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{af69de43-7d58-4638-b6fa-ce66b5ad205d}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-06-18 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b922d405-6d13-4a2b-ae89-08a030da4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll [2009-05-04 650752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-20 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-20 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2010-03-24 1108760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2005-05-17 266240]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll [2009-05-04 650752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-31 16380416]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"IRW"=C:\WINDOWS\system32\IRW.exe [2007-07-31 147456]
"Apple_KbdMgr"=C:\Program Files\Boot Camp\KbdMgr.exe [2007-07-31 398640]
"JobHisInit"=C:\Program Files\RMClient\JobHisInit.exe [2001-11-16 135168]
"MplSetUp"=C:\Program Files\RMClient\MplSetUp.exe [2000-11-04 40960]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-06-02 267048]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-20 148888]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-03-30 970240]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-08 202256]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2010-05-10 949376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-18 39408]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-04-06 26102056]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Skype.lnk - C:\WINDOWS\Installer\{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}\Skype.ico

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-07-31 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\FileMaker\FileMaker Pro 5.5\FileMaker Pro.exe"="C:\Program Files\FileMaker\FileMaker Pro 5.5\FileMaker Pro.exe:*:Enabled:FileMaker Pro"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\explorer.exe"="%windir%\explorer.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe"="C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Disabled:TmForever"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.scr - open - "C:\WINDOWS\system32\notepad.exe" "%1"
.scr - install -
.scr - config -
.txt - open - Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-05-10 09:52:24 ----D---- C:\rsit
2010-05-10 06:10:31 ----A---- C:\WINDOWS\system32\imon.dll
2010-04-15 15:34:38 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 15:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 15:32:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 15:32:42 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 11:29:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 11:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-13 05:59:05 ----N---- C:\WINDOWS\system32\browserchoice.exe

======List of files/folders modified in the last 1 months======

2010-05-10 09:52:07 ----D---- C:\Documents and Settings\imac2\Data aplikací\Skype
2010-05-10 09:50:18 ----D---- C:\WINDOWS\temp
2010-05-10 09:40:36 ----D---- C:\Program Files\RocketDock
2010-05-10 09:34:35 ----D---- C:\WINDOWS\Debug
2010-05-10 09:34:35 ----D---- C:\WINDOWS
2010-05-10 09:33:23 ----D---- C:\WINDOWS\Minidump
2010-05-10 09:29:15 ----SD---- C:\WINDOWS\Tasks
2010-05-10 08:17:25 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-10 08:02:08 ----A---- C:\WINDOWS\ModemLog_Standardní modem připojený pomocí technologie Bluetooth.txt
2010-05-10 06:10:31 ----D---- C:\WINDOWS\system32\drivers
2010-05-10 06:10:31 ----D---- C:\WINDOWS\system32
2010-05-10 06:10:31 ----D---- C:\Program Files\ESET
2010-05-10 06:03:21 ----D---- C:\Documents and Settings\imac2\Data aplikací\skypePM
2010-05-07 14:21:23 ----D---- C:\WINDOWS\NAVITEMP
2010-05-06 07:51:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\pdf995
2010-04-23 05:54:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-19 11:11:56 ----SHD---- C:\Config.Msi
2010-04-19 11:11:55 ----SHD---- C:\WINDOWS\Installer
2010-04-19 11:11:31 ----D---- C:\Program Files\Google
2010-04-15 15:34:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-04-15 15:34:44 ----HD---- C:\WINDOWS\inf
2010-04-15 15:34:35 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bantext;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-18 14848]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2010-05-10 15424]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2010-05-10 512096]
R2 KeyAgent;KeyAgent; \??\C:\WINDOWS\system32\drivers\KeyAgent.sys []
R2 MacHALDriver;Mac HAL; \??\C:\WINDOWS\system32\drivers\MacHALDriver.sys []
R3 applebt;Apple Built-in Bluetooth; C:\WINDOWS\system32\DRIVERS\applebt.sys [2007-07-31 8064]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-07-31 2301440]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
R3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-17 25600]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-31 4447232]
R3 IRRemoteFlt;IR Receiver Filter Driver; C:\WINDOWS\system32\DRIVERS\IRFilter.sys [2007-07-31 16512]
R3 KeyMagic;USB Keyboard HID Filter; C:\WINDOWS\system32\DRIVERS\KeyMagic.sys [2007-07-31 13824]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2010-02-04 27632]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-18 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-18 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-18 20480]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-04 78464]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-07-31 255232]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2007-07-31 592256]
S3 BthKicker;Apple Bluetooth Device Driver; C:\WINDOWS\system32\DRIVERS\BthKicker.sys [2007-07-31 7424]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-18 40320]
S3 ovt530;Webcam Deluxe; C:\WINDOWS\System32\Drivers\ov530vid.sys [2005-03-15 161792]
S3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-02-22 47360]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]
R2 AppleOSSMgr;Apple OS Switch Manager; C:\WINDOWS\system32\AppleOSSMgr.exe [2007-07-31 116016]
R2 AppleTimeSrv;Apple Time Service; C:\WINDOWS\system32\AppleTimeSrv.exe [2007-07-31 99632]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-07-31 479232]
R2 Autodesk Data Management Job Dispatch;Autodesk Data Management Job Dispatch; C:\Program Files\Autodesk\Data Management Server 2008\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe [2007-02-13 32768]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-20 152984]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2010-05-10 552064]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2006-11-21 32768]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-06-02 504104]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-06-14 520192]
S2 Autodesk EDM Server;Autodesk EDM Server; C:\Program Files\Autodesk\Data Management Server 2008\Server\Webserver\Connectivity.EDMWS.Server.exe [2007-02-13 49152]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2006-03-02 268288]
S2 gupdate1c9efec3094599e;Služba Google Update (gupdate1c9efec3094599e); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-18 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-18 183280]
S2 MSSQL$AUTODESKVAULT;SQL Server (AUTODESKVAULT); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-11-01 79360]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-18 19456]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OKI OPHC DCS Loader;OKI OPHC DCS Loader; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\OPHCLDCS.EXE [2005-01-06 24576]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2006-03-02 8704]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------

#2 Příspěvek od **Caroprd111** » 10 kvě 2010 11:13

Zdravím

Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.

Obrázek

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Označte položku Pro všechny uživatele.
Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikněte na tlačítko Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

bellian · #3 Příspěvek od **bellian** » 10 kvě 2010 12:23

OTL logfile created on: 10.5.2010 12:59:16 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = I:\1
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 197,77 Gb Total Space | 160,56 Gb Free Space | 81,18% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 74,21 Gb Total Space | 18,59 Gb Free Space | 25,06% Space Free | Partition Type: NTFS

Computer Name: IMAC4
Current User Name: imac2
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.10 12:53:48 | 000,570,880 | ---- | M] (OldTimer Tools) -- I:\1\OTL.exe
PRC - [2010.03.08 07:02:28 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.02.24 23:09:42 | 000,173,576 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealUpgrade\realupgrade.exe
PRC - [2009.05.27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2009.01.26 16:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.22 16:49:53 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.11.24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.11.24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2007.07.31 14:04:58 | 000,398,640 | ---- | M] (Apple Inc.) -- C:\Program Files\Boot Camp\KbdMgr.exe
PRC - [2007.07.31 14:04:48 | 000,099,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\system32\AppleTimeSrv.exe
PRC - [2007.07.31 14:04:34 | 000,116,016 | ---- | M] () -- C:\WINDOWS\system32\AppleOSSMgr.exe
PRC - [2007.07.31 13:57:49 | 000,147,456 | ---- | M] (Apple Inc.) -- C:\WINDOWS\system32\IRW.exe
PRC - [2007.02.13 09:28:14 | 000,032,768 | ---- | M] (Autodesk) -- C:\Program Files\Autodesk\Data Management Server 2008\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
PRC - [2007.02.13 09:26:46 | 000,049,152 | ---- | M] (Autodesk) -- C:\Program Files\Autodesk\Data Management Server 2008\Server\Webserver\Connectivity.EDMWS.Server.exe
PRC - [2006.11.21 12:26:39 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\snmp.exe
PRC - [2006.11.03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe

========== Modules (SafeList) ==========

MOD - [2010.05.10 12:53:48 | 000,570,880 | ---- | M] (OldTimer Tools) -- I:\1\OTL.exe
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2004.08.18 14:00:00 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2004.08.18 14:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004.08.18 14:00:00 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2004.08.18 14:00:00 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2004.08.18 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2004.08.18 14:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - [2009.05.27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$AUTODESKVAULT) SQL Server (AUTODESKVAULT)
SRV - [2008.11.24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.11.24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008.11.24 23:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.11.01 13:16:18 | 000,079,360 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2007.07.31 14:04:48 | 000,099,632 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\WINDOWS\system32\AppleTimeSrv.exe -- (AppleTimeSrv)
SRV - [2007.07.31 14:04:34 | 000,116,016 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\AppleOSSMgr.exe -- (AppleOSSMgr)
SRV - [2007.02.13 09:28:14 | 000,032,768 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Autodesk\Data Management Server 2008\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe -- (Autodesk Data Management Job Dispatch)
SRV - [2007.02.13 09:26:46 | 000,049,152 | ---- | M] (Autodesk) [Auto | Running] -- C:\Program Files\Autodesk\Data Management Server 2008\Server\Webserver\Connectivity.EDMWS.Server.exe -- (Autodesk EDM Server)
SRV - [2006.11.21 12:26:39 | 000,032,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\snmp.exe -- (SNMP)
SRV - [2006.11.03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005.01.06 11:25:56 | 000,024,576 | ---- | M] (Oki Data Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\w32x86\3\OPHCLDCS.EXE -- (OKI OPHC DCS Loader)
SRV - [2004.08.18 14:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tcpsvcs.exe -- (LPDSVC)

========== Driver Services (SafeList) ==========

DRV - [2010.02.04 10:08:30 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2008.05.16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008.05.16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008.05.16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008.05.16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008.03.31 08:51:28 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.02.27 13:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (bantext)
DRV - [2007.07.31 13:59:49 | 004,447,232 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.07.31 13:58:43 | 000,255,232 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007.07.31 13:58:08 | 000,592,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcmwl5.sys -- (BCM43XX)
DRV - [2007.07.31 13:57:54 | 000,004,864 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KeyAgent.sys -- (KeyAgent)
DRV - [2007.07.31 13:57:49 | 000,016,512 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IRFilter.sys -- (IRRemoteFlt)
DRV - [2007.07.31 13:57:44 | 000,013,824 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KeyMagic.sys -- (KeyMagic)
DRV - [2007.07.31 13:57:44 | 000,006,528 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\MacHALDriver.sys -- (MacHALDriver)
DRV - [2007.07.31 13:57:37 | 000,008,064 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\applebt.sys -- (applebt)
DRV - [2007.07.31 13:57:35 | 000,007,424 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bthkicker.sys -- (BthKicker)
DRV - [2007.07.31 13:57:29 | 002,301,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.03.15 18:04:00 | 000,161,792 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ov530vid.sys -- (ovt530)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.18 14:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2004.08.04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\changer.sys -- (Changer)
DRV - [2004.08.03 22:59:34 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\lbrtfdc.sys -- (lbrtfdc)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-796845957-1844237615-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-796845957-1844237615-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-796845957-1844237615-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-796845957-1844237615-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Seznam"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.8
FF - prefs.js..keyword.URL: "http://search.seznam.cz/?sourceid=FFlisticka_13&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.08 07:04:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.02 08:59:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.02 08:59:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009.06.16 14:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Mozilla\Extensions
[2010.05.10 06:48:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Mozilla\Firefox\Profiles\8tljhtsg.default\extensions
[2010.04.27 09:01:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\imac2\Data aplikací\Mozilla\Firefox\Profiles\8tljhtsg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.09 07:25:40 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Documents and Settings\imac2\Data aplikací\Mozilla\Firefox\Profiles\8tljhtsg.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.04.09 07:28:01 | 000,002,052 | ---- | M] () -- C:\Documents and Settings\imac2\Data aplikací\Mozilla\Firefox\Profiles\8tljhtsg.default\searchplugins\firmycz.xml
[2010.04.09 07:28:01 | 000,002,047 | ---- | M] () -- C:\Documents and Settings\imac2\Data aplikací\Mozilla\Firefox\Profiles\8tljhtsg.default\searchplugins\mapycz.xml
[2010.04.09 07:28:02 | 000,002,213 | ---- | M] () -- C:\Documents and Settings\imac2\Data aplikací\Mozilla\Firefox\Profiles\8tljhtsg.default\searchplugins\zbocz.xml
[2009.06.16 14:55:37 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.03.16 07:50:41 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.16 07:50:42 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.16 07:50:42 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.16 07:50:42 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.16 07:50:42 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.03.19 13:36:47 | 000,249,174 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 8710 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll ()
O3 - HKLM\..\Toolbar: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKU\S-1-5-21-796845957-1844237615-839522115-1004\..\Toolbar\WebBrowser: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
O4 - HKLM..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\KbdMgr.exe (Apple Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [IRW] C:\WINDOWS\system32\IRW.exe (Apple Inc.)
O4 - HKLM..\Run: [JobHisInit] C:\Program Files\RMClient\JobHisInit.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MplSetUp] C:\Program Files\RMClient\MplSetUp.exe (RICOH CO.,LTD.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-796845957-1844237615-839522115-1004..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Skype.lnk = C:\WINDOWS\Installer\{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}\Skype.ico File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-796845957-1844237615-839522115-1004\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-796845957-1844237615-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-796845957-1844237615-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-796845957-1844237615-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.sunnydaysegypt.com/en/Palacio/vo/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\imac2\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\imac2\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007.10.23 18:18:28 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - - File not found
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.ptev - C:\WINDOWS\System32\ptevideo.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)

========== Files/Folders - Created Within 30 Days ==========

[2010.05.10 11:22:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\imac2\Recent
[2010.05.10 09:52:24 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.13 06:00:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Macromedia
[2010.04.13 05:59:05 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.10 13:00:49 | 000,838,144 | ---- | M] () -- C:\WINDOWS\System32\drivers\iwqurl.sys
[2010.05.10 13:00:49 | 000,574,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\knvdquy.sys
[2010.05.10 12:53:57 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.05.10 12:50:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.10 12:49:41 | 017,301,504 | -H-- | M] () -- C:\Documents and Settings\imac2\NTUSER.DAT
[2010.05.10 12:49:19 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\imac2\ntuser.ini
[2010.05.10 12:48:47 | 000,173,056 | ---- | M] () -- C:\Documents and Settings\imac2\Plocha\i-vstup.fp5
[2010.05.10 12:02:52 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.05.10 09:29:15 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-1844237615-839522115-1004.job
[2010.05.10 09:29:15 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-796845957-1844237615-839522115-1004.job
[2010.05.10 08:36:02 | 000,053,760 | ---- | M] () -- C:\Documents and Settings\imac2\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.10 05:59:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.07 08:57:06 | 000,017,476 | ---- | M] () -- C:\WINDOWS\System32\OPC5250N.cah
[2010.05.06 08:57:09 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\imac2\Plocha\Microsoft Office Word 2007.lnk
[2010.05.06 07:51:26 | 000,069,957 | ---- | M] () -- C:\Documents and Settings\imac2\Dokumenty\U-Bows DIN 3570.pdf
[2010.05.06 07:51:25 | 000,000,060 | ---- | M] () -- C:\WINDOWS\wpd99.drv
[2010.05.04 11:09:52 | 000,002,521 | ---- | M] () -- C:\Documents and Settings\imac2\Plocha\Microsoft Office Outlook 2007.lnk
[2010.04.29 11:14:12 | 000,017,367 | ---- | M] () -- C:\Documents and Settings\imac2\Plocha\DAS KONSULT vykresy.pdf
[2010.04.27 14:47:19 | 000,000,186 | ---- | M] () -- C:\Documents and Settings\imac2\Plocha\Zástupce - CORSAIR (F).lnk
[2010.04.25 20:45:30 | 004,313,238 | -H-- | M] () -- C:\Documents and Settings\imac2\Local Settings\Data aplikací\IconCache.db
[2010.04.22 10:09:14 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\imac2\Plocha\izolace hermanova hut.xls
[2010.04.22 10:02:15 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\imac2\Plocha\izolace St. prex.xls
[2010.04.19 11:11:50 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.06 07:51:24 | 000,069,957 | ---- | C] () -- C:\Documents and Settings\imac2\Dokumenty\U-Bows DIN 3570.pdf
[2010.04.27 14:47:19 | 000,000,186 | ---- | C] () -- C:\Documents and Settings\imac2\Plocha\Zástupce - CORSAIR (F).lnk
[2010.04.23 10:24:32 | 000,017,367 | ---- | C] () -- C:\Documents and Settings\imac2\Plocha\DAS KONSULT vykresy.pdf
[2010.04.23 05:53:38 | 000,574,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\knvdquy.sys
[2010.04.22 10:05:45 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\imac2\Plocha\izolace hermanova hut.xls
[2010.04.22 10:01:16 | 000,023,040 | ---- | C] () -- C:\Documents and Settings\imac2\Plocha\izolace St. prex.xls
[2010.04.19 11:11:50 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2010.04.09 06:12:03 | 000,594,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\dxzeji.sys
[2010.04.09 05:59:16 | 000,594,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\fmwwk.sys
[2010.03.22 07:00:06 | 000,838,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\iwqurl.sys
[2010.03.19 15:09:22 | 000,003,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\NTHANDLE.SYS
[2009.11.02 15:56:31 | 000,000,029 | ---- | C] () -- C:\WINDOWS\pslabeler3.ini
[2009.08.27 11:50:27 | 000,000,092 | ---- | C] () -- C:\WINDOWS\mp3spt.ini
[2009.06.11 14:13:22 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009.06.08 08:47:58 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2008.10.22 11:03:21 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2008.10.22 11:03:20 | 000,839,680 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2008.04.02 13:10:51 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008.03.31 08:51:27 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.03.06 16:26:05 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\ptevideo.dll
[2008.02.28 13:19:34 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2008.02.28 13:19:33 | 000,152,064 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008.02.28 13:19:32 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.02.15 14:25:50 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.12.07 15:22:13 | 000,258,560 | ---- | C] () -- C:\WINDOWS\System32\MusicTagsAX.dll
[2007.12.07 15:22:13 | 000,182,784 | ---- | C] () -- C:\WINDOWS\System32\DGVorbis.dll
[2007.12.07 11:37:44 | 000,000,174 | ---- | C] () -- C:\WINDOWS\OPHC.INI
[2007.11.30 13:43:02 | 000,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv208325p1now.sys
[2007.11.02 10:00:12 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2007.11.02 09:57:51 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2007.11.02 09:57:51 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2007.11.02 09:57:51 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2007.11.01 14:29:38 | 000,000,327 | ---- | C] () -- C:\WINDOWS\SWWATER.INI
[2007.11.01 14:23:34 | 000,018,484 | ---- | C] () -- C:\WINDOWS\RicDB.ini
[2007.11.01 14:23:21 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\PMObservps.dll
[2007.11.01 14:23:20 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RLPR.dll
[2007.11.01 14:23:20 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\rtcpf.dll
[2007.11.01 14:23:20 | 000,000,226 | ---- | C] () -- C:\WINDOWS\PMJobCli.ini
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApisv.dll
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApipt.dll
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApipl.dll
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApino.dll
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApinl.dll
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApiit.dll
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApihu.dll
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApifr.dll
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApifi.dll
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApies.dll
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApide.dll
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApida.dll
[2007.11.01 14:23:18 | 000,028,672 | ---- | C] () -- C:\WINDOWS\PMApics.dll
[2007.11.01 14:23:18 | 000,009,268 | ---- | C] () -- C:\WINDOWS\PMRicMb.ini
[2007.11.01 14:23:18 | 000,006,702 | ---- | C] () -- C:\WINDOWS\PMRicPMb.ini
[2007.11.01 14:23:18 | 000,005,254 | ---- | C] () -- C:\WINDOWS\PMPrtMb.ini
[2007.11.01 14:23:18 | 000,002,907 | ---- | C] () -- C:\WINDOWS\PMDvPrn.ini
[2007.11.01 14:23:18 | 000,002,047 | ---- | C] () -- C:\WINDOWS\PMDIOMb.ini
[2007.11.01 14:23:18 | 000,002,036 | ---- | C] () -- C:\WINDOWS\PMHostMb.ini
[2007.11.01 14:23:18 | 000,001,924 | ---- | C] () -- C:\WINDOWS\PMRicFMb.ini
[2007.11.01 14:23:18 | 000,001,885 | ---- | C] () -- C:\WINDOWS\PMPSIOMb.ini
[2007.11.01 14:23:18 | 000,001,776 | ---- | C] () -- C:\WINDOWS\PMDvDev.ini
[2007.11.01 14:23:18 | 000,001,727 | ---- | C] () -- C:\WINDOWS\PMRicSMb.ini
[2007.11.01 14:23:18 | 000,001,706 | ---- | C] () -- C:\WINDOWS\PMRicCMb.ini
[2007.11.01 14:23:18 | 000,001,494 | ---- | C] () -- C:\WINDOWS\PMMib2Mb.ini
[2007.11.01 14:23:18 | 000,001,143 | ---- | C] () -- C:\WINDOWS\PMDPIMb.ini
[2007.11.01 14:23:18 | 000,001,094 | ---- | C] () -- C:\WINDOWS\PMAxsMb.ini
[2007.11.01 14:23:18 | 000,000,842 | ---- | C] () -- C:\WINDOWS\PMDvScan.ini
[2007.11.01 14:23:18 | 000,000,841 | ---- | C] () -- C:\WINDOWS\PMDvFax.ini
[2007.11.01 14:23:18 | 000,000,423 | ---- | C] () -- C:\WINDOWS\PMDvCopy.ini
[2007.11.01 14:23:18 | 000,000,332 | ---- | C] () -- C:\WINDOWS\PMSnmpMb.ini
[2007.11.01 12:59:25 | 000,003,568 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004.07.29 01:19:46 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll

========== LOP Check ==========

[2008.02.22 09:17:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\1Click DVD Copy Pro
[2007.11.01 13:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2010.02.04 10:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2009.11.30 13:03:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DobeSoftCZ
[2008.01.02 07:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.10.15 13:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HappyFoto
[2010.05.06 07:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\pdf995
[2008.03.07 10:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PicturesToExe
[2008.03.06 15:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sarah Small
[2007.12.07 15:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2007.11.01 13:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Autodesk
[2008.03.31 08:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\DAEMON Tools
[2007.11.01 14:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\FileMaker
[2010.01.28 11:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\GetRightToGo
[2009.02.26 13:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\gtk-2.0
[2007.11.15 14:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\MoyeaFLV2Video
[2007.11.02 10:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\pdf995
[2008.03.10 09:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Sports Interactive
[2008.01.18 14:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\vghd
[2008.02.22 09:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Vso
[2007.11.26 11:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\VSO_HWE
[2009.05.13 07:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Weather Pulse
[2009.10.16 10:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\WeatherWatcher
[2010.01.21 09:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\XnView
[2010.05.10 12:53:57 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.18 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2004.10.13 18:24:37 | 001,694,208 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2010.04.06 02:27:46 | 026,102,056 | R--- | M] (Skype Technologies S.A.)
"SpybotSD TeaTimer" = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -- [2009.01.26 16:31:16 | 002,144,088 | ---- | M] (Safer Networking Limited)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.07.02 08:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Adobe
[2007.11.07 08:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\AdobeUM
[2008.01.31 10:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Ahead
[2007.11.26 14:32:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Apple Computer
[2007.11.01 13:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Autodesk
[2007.11.26 11:15:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\CyberLink
[2008.03.31 08:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\DAEMON Tools
[2008.02.22 15:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\DVD Flick
[2010.04.23 09:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\dvdcss
[2007.11.01 14:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\FileMaker
[2010.01.28 11:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\GetRightToGo
[2008.06.19 14:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Google
[2009.02.26 13:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\gtk-2.0
[2007.11.23 15:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Help
[2007.10.23 18:23:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Identities
[2010.01.28 11:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\InstallShield
[2008.02.21 09:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Macromedia
[2009.06.22 07:16:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Malwarebytes
[2008.02.19 16:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Media Player Classic
[2009.02.05 09:52:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\imac2\Data aplikací\Microsoft
[2007.11.15 14:45:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\MoyeaFLV2Video
[2009.06.16 14:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Mozilla
[2007.11.02 10:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\pdf995
[2010.03.08 07:05:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Real
[2010.05.10 12:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Skype
[2010.05.10 08:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\skypePM
[2008.03.10 09:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Sports Interactive
[2009.03.20 07:46:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Sun
[2007.11.01 14:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Symantec
[2008.01.18 14:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\vghd
[2009.03.09 12:59:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\vlc
[2008.02.22 09:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Vso
[2007.11.26 11:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\VSO_HWE
[2009.05.13 07:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\Weather Pulse
[2009.10.16 10:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\WeatherWatcher
[2009.03.20 07:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\WinRAR
[2010.01.21 09:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\imac2\Data aplikací\XnView

< %APPDATA%\*.exe /s >
[2008.02.22 09:17:18 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\imac2\Data aplikací\inst.exe
[2007.11.01 13:10:17 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\imac2\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2008.02.05 10:00:54 | 010,409,280 | ---- | M] (Totem Entertainment) -- C:\Documents and Settings\imac2\Data aplikací\vghd\Data\update\vghd.exe
[2008.02.05 10:00:56 | 000,140,632 | ---- | M] (Totem Entertainment) -- C:\Documents and Settings\imac2\Data aplikací\vghd\Data\update\VirtuaGirl_Downloader.exe
[2008.02.05 10:00:56 | 000,050,512 | ---- | M] (Totem Entertainment) -- C:\Documents and Settings\imac2\Data aplikací\vghd\Data\update\virtuagirl_updater.exe

< MD5 for: AGP440.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\atapi.sys
[2004.08.18 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\cdrom.sys
[2004.08.18 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.18 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.18 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\eventlog.dll
[2004.08.18 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.18 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\explorer.exe
[2004.08.18 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2009.01.22 16:49:53 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\explorer.exe
[2009.01.22 16:49:53 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\system32\dllcache\cache\explorer.exe
[2009.01.22 16:49:53 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\hal.dll
[2004.08.18 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\changer.sys
[2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\system32\dllcache\changer.sys
[2004.08.03 23:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\system32\drivers\changer.sys

< MD5 for: ISAPNP.SYS >
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2004.08.18 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.18 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\cache\lsass.exe
[2004.08.18 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.18 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\ndis.sys
[2004.08.18 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\cache\ndis.sys
[2004.08.18 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.18 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.18 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.18 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.18 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.18 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.18 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\svchost.exe
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\cache\svchost.exe
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=1CC09561E21A48A7F649A40F18235860 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=1CC09561E21A48A7F649A40F18235860 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004.08.18 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\userinit.exe
[2004.08.18 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\cache\userinit.exe
[2004.08.18 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.18 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.18 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2004.08.18 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.18 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.18 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\cache\ws2_32.dll
[2004.08.18 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.18 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.05.10 13:05:33 | 000,838,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\iwqurl.sys
[2010.05.10 13:05:30 | 000,574,464 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\knvdquy.sys
[2008.03.31 08:51:28 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2007.10.23 18:25:00 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007.10.23 18:25:00 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007.10.23 18:24:59 | 000,495,616 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.05.10 13:05:43 | 000,838,144 | ---- | M] () -- C:\WINDOWS\system32\drivers\iwqurl.sys
[2010.05.10 13:05:45 | 000,574,464 | ---- | M] () -- C:\WINDOWS\system32\drivers\knvdquy.sys
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2010.05.10 05:59:39 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:F2177179
< End of report >

bellian · #4 Příspěvek od **bellian** » 10 kvě 2010 12:24

OTL Extras logfile created on: 10.5.2010 12:59:16 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = I:\1
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 70,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 197,77 Gb Total Space | 160,56 Gb Free Space | 81,18% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 74,21 Gb Total Space | 18,59 Gb Free Space | 25,06% Space Free | Partition Type: NTFS

Computer Name: IMAC4
Current User Name: imac2
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-796845957-1844237615-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"15665:TCP" = 15665:TCP:*:Enabled:BitComet 15665 TCP
"15665:UDP" = 15665:UDP:*:Enabled:BitComet 15665 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\FileMaker\FileMaker Pro 5.5\FileMaker Pro.exe" = C:\Program Files\FileMaker\FileMaker Pro 5.5\FileMaker Pro.exe:*:Enabled:FileMaker Pro -- (FileMaker, Inc.)
"%windir%\explorer.exe" = %windir%\explorer.exe:*:Enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe" = C:\Program Files\Java\jre6\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\TmNationsForever\TmForever.exe" = C:\Program Files\TmNationsForever\TmForever.exe:*:Disabled:TmForever -- File not found

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001b4fd-9ea3-4d90-a79e-fd14ba3ab01d}" = PDFCreator
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 12
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (AUTODESKVAULT)
"{2CD6BBA0-17C8-4789-9B9B-B36F7E815F6A}" = DWG TrueView 2007
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A425F14-0561-11D4-9027-0060089CDAE1}" = FileMaker Pro 5.5
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{56298F72-C2CC-4FE5-ACEA-30C7A866BF4C}" = Hercules Deluxe Optical Glass
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{5783F2D7-6003-0405-0002-0060B0CE6BBA}" = Autodesk Mechanical Desktop 2008
"{5E8ED61B-9027-4EA3-8E5B-BC2A9EE6B020}" = Autodesk Data Management Server 2008
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F411DB4-EC41-482B-AD46-384957928F69}" = AOEMView 2008
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F4DD591-1200-0409-0000-7107D70F3DB4}" = Autodesk Inventor Suite 2008
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A250D351-A07F-4D5D-AB6C-693C69B9BFAF}" = Hercules Webcam
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{a92dab39-4e2c-4304-9ab6-bc44e68b55e2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A70000000000}" = Adobe Reader 7.0 - Czech
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E55B00B0-9DBF-4EE1-AC1D-5DEBE12BD097}" = Autodesk Vault 2008
"{E56CCF4E-16D3-499E-9911-CB9A380665F3}" = Boot Camp Services
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F7818E74-3D89-4478-9577-A8FD4E78D417}" = RW-240 PLOTCLIENT HDI/ADI
"{FACF203E-0F4D-489A-B80C-D185253C8FCB}" = Autodesk Design Review 2008
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"059BF941BA77F24DED9444B45BB0DAA5353F86EB" = Windows Driver Package - Apple Inc. System (06/21/2007 2.0.0.0)
"0EEF0136F93FA6C5AB723AADEA61FF550D8C60FB" = Windows Driver Package - Broadcom (BCM43XX) Net (01/08/2007 4.80.75.0)
"18BB9B0552BA675902E31409A34F929D9C9AD56C" = Windows Driver Package - Intel (e1express) Net (04/03/2006 9.3.39.0)
"5D5FAC15E9954C7F600E51E3590586168AA03196" = Windows Driver Package - Apple Inc. Apple Keyboard (07/18/2007 2.0.0.7)
"5F8BE32FAE3D6BC77B512F7B0624D7B6C8A26EFB" = Windows Driver Package - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1)
"6784A318842714811EC3F8409C3C0F7983B90972" = Windows Driver Package - Apple Inc. Apple Built-in iSight (04/09/2007 1.3.0.0)
"6AB59209597E0F6B986EC8E976521FDF0A696C9D" = Windows Driver Package - Marvell (yukonwxp) Net (03/23/2007 10.12.7.3)
"80087CDF19A4CE2FBB535E7DC99A0E50FFA25589" = Windows Driver Package - Intel (E1000) Net (01/06/2006 8.6.17.0)
"850625E38080EAF5C2644C07A2510A394019973D" = Windows Driver Package - Apple Inc. (applebt) Bluetooth (06/27/2007 2.0.0.1)
"91D233945AC579799497E31FDBCE2ADE532DFF57" = Windows Driver Package - Apple Inc. Apple Trackpad Enabler (04/19/2007 1.3.0.2)
"9B19F92D5E3730EA8D0788B248741F6CC2633DBE" = Windows Driver Package - Apple Inc. Apple IR Receiver (07/16/2007 2.0.0.1)
"adobe flash player activex" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AFAB78AF95690158BFA2E1AF801302F4B19957D7" = Windows Driver Package - Apple Inc. Apple Trackpad (04/19/2007 1.3.0.2)
"AOEMView 2008" = AOEMView 2008
"ATI Display Driver" = ATI Display Driver
"Autodesk Data Management Server 2008" = Autodesk Data Management Server 2008
"Autodesk Mechanical Desktop 2008" = Autodesk Mechanical Desktop 2008
"Autodesk Vault 2008" = Autodesk Vault 2008
"AviSynth" = AviSynth 2.5
"belarc advisor" = Belarc Advisor 7.2
"bsplayerv2_is1" = BSplayer Pro 2.12.941
"CCleaner" = CCleaner (remove only)
"CE031DF97C704035E8B6E570362ABD337ACA4BA5" = Windows Driver Package - Atheros (AR5211) Net (04/05/2007 5.3.0.35)
"D66D0ACEFE4E32CCDF30362ACBB3EAEFB97E9FDE" = Windows Driver Package - Atheros (AR5416) Net (06/26/2007 6.0.3.94)
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Pdf995" = Pdf995
"PMClient" = SmartNetMonitor for Client
"PROHYBRIDR" = 2007 Microsoft Office system
"RealPlayer 12.0" = RealPlayer
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"VLC media player" = VLC media player 0.9.8a
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.96

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-796845957-1844237615-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10.5.2010 2:04:15 | Computer Name = IMAC4 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.GetAllJobs() failure Platnost operace vypršela.

Error - 10.5.2010 3:39:31 | Computer Name = IMAC4 | Source = Application Error | ID = 1000
Description = Chybující aplikace teatimer.exe, verze 1.6.4.26, chybující modul teatimer.exe,
verze 1.6.4.26, adresa chyby 0x0006e60e.

Error - 10.5.2010 3:51:19 | Computer Name = IMAC4 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.ExecuteJob() failure. JobTimer Id: d313d634-da61-4d7e-b750-cb07e20998e9
Ke
vzdálenému serveru se nelze připojit.

Error - 10.5.2010 4:21:46 | Computer Name = IMAC4 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.ExecuteJob() failure. JobTimer Id: d313d634-da61-4d7e-b750-cb07e20998e9
Server
potvrdil narušení protokolu.. Section=ResponseStatusLine

Error - 10.5.2010 6:02:49 | Computer Name = IMAC4 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.ExecuteJob() failure. JobTimer Id: d313d634-da61-4d7e-b750-cb07e20998e9
Ke
vzdálenému serveru se nelze připojit.

Error - 10.5.2010 6:03:49 | Computer Name = IMAC4 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.ExecuteJob() failure. JobTimer Id: d313d634-da61-4d7e-b750-cb07e20998e9
Server
potvrdil narušení protokolu.. Section=ResponseStatusLine

Error - 10.5.2010 6:19:51 | Computer Name = IMAC4 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.ExecuteJob() failure. JobTimer Id: d313d634-da61-4d7e-b750-cb07e20998e9
Ke
vzdálenému serveru se nelze připojit.

Error - 10.5.2010 6:39:35 | Computer Name = IMAC4 | Source = Google Update | ID = 20
Description =

Error - 10.5.2010 6:53:25 | Computer Name = IMAC4 | Source = Google Update | ID = 20
Description =

Error - 10.5.2010 7:01:51 | Computer Name = IMAC4 | Source = Google Update | ID = 20
Description =

[ Application Events ]
Error - 10.5.2010 2:04:15 | Computer Name = IMAC4 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.GetAllJobs() failure Platnost operace vypršela.

Error - 10.5.2010 3:39:31 | Computer Name = IMAC4 | Source = Application Error | ID = 1000
Description = Chybující aplikace teatimer.exe, verze 1.6.4.26, chybující modul teatimer.exe,
verze 1.6.4.26, adresa chyby 0x0006e60e.

Error - 10.5.2010 3:51:19 | Computer Name = IMAC4 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.ExecuteJob() failure. JobTimer Id: d313d634-da61-4d7e-b750-cb07e20998e9
Ke
vzdálenému serveru se nelze připojit.

Error - 10.5.2010 4:21:46 | Computer Name = IMAC4 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.ExecuteJob() failure. JobTimer Id: d313d634-da61-4d7e-b750-cb07e20998e9
Server
potvrdil narušení protokolu.. Section=ResponseStatusLine

Error - 10.5.2010 6:02:49 | Computer Name = IMAC4 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.ExecuteJob() failure. JobTimer Id: d313d634-da61-4d7e-b750-cb07e20998e9
Ke
vzdálenému serveru se nelze připojit.

Error - 10.5.2010 6:03:49 | Computer Name = IMAC4 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.ExecuteJob() failure. JobTimer Id: d313d634-da61-4d7e-b750-cb07e20998e9
Server
potvrdil narušení protokolu.. Section=ResponseStatusLine

Error - 10.5.2010 6:19:51 | Computer Name = IMAC4 | Source = Autodesk Data Management Job Dispatch | ID = 0
Description = JobService.ExecuteJob() failure. JobTimer Id: d313d634-da61-4d7e-b750-cb07e20998e9
Ke
vzdálenému serveru se nelze připojit.

Error - 10.5.2010 6:39:35 | Computer Name = IMAC4 | Source = Google Update | ID = 20
Description =

Error - 10.5.2010 6:53:25 | Computer Name = IMAC4 | Source = Google Update | ID = 20
Description =

Error - 10.5.2010 7:01:51 | Computer Name = IMAC4 | Source = Google Update | ID = 20
Description =

[ OSession Events ]
Error - 16.4.2010 8:16:42 | Computer Name = IMAC4 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1936
seconds with 360 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 10.5.2010 6:58:23 | Computer Name = IMAC4 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 10.5.2010 6:58:23 | Computer Name = IMAC4 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 10.5.2010 6:58:23 | Computer Name = IMAC4 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 10.5.2010 6:58:23 | Computer Name = IMAC4 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 10.5.2010 6:58:23 | Computer Name = IMAC4 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 10.5.2010 6:58:23 | Computer Name = IMAC4 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 10.5.2010 6:58:24 | Computer Name = IMAC4 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 10.5.2010 6:58:24 | Computer Name = IMAC4 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 10.5.2010 6:58:24 | Computer Name = IMAC4 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

Error - 10.5.2010 6:58:24 | Computer Name = IMAC4 | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126

< End of report >

#5 Příspěvek od **Caroprd111** » 10 kvě 2010 12:50

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2010.05.10 13:00:49 | 000,838,144 | ---- | M] () -- C:\WINDOWS\System32\drivers\iwqurl.sys
[2010.05.10 13:00:49 | 000,574,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\knvdquy.sys
[2010.04.09 06:12:03 | 000,594,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\dxzeji.sys
[2010.04.09 05:59:16 | 000,594,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\fmwwk.sys
[2008.04.02 13:10:51 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008.02.22 09:17:18 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\imac2\Data aplikací\inst.exe
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:F2177179

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS] 
[CREATERESTOREPOINT]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.

Obrázek

Doporučuji odinstalovat Spybot - Search & Destroy.

bellian · #6 Příspěvek od **bellian** » 10 kvě 2010 13:08

Spybot - Search & Destroy - jsem bohuzel nenasel v pridat odebrat programy. Takze nevim jak ho mam uspesne odinstalovat

.

All processes killed
========== OTL ==========
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Starting removal of ActiveX control {166B1BCA-3F9C-11CF-8075-444553540000}
C:\WINDOWS\Downloaded Program Files\swdir.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000}\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
C:\WINDOWS\System32\drivers\OLD1C.tmp deleted successfully.
C:\WINDOWS\System32\videoul.tmp deleted successfully.
File move failed. C:\WINDOWS\system32\drivers\iwqurl.sys scheduled to be moved on reboot.
File move failed. C:\WINDOWS\system32\drivers\knvdquy.sys scheduled to be moved on reboot.
C:\WINDOWS\system32\drivers\dxzeji.sys moved successfully.
C:\WINDOWS\system32\drivers\fmwwk.sys moved successfully.
C:\WINDOWS\system32\drivers\PciBus.sys moved successfully.
C:\Documents and Settings\imac2\Data aplikací\inst.exe moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:F2177179 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes

User: imac2
->Temp folder emptied: 1132349318 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 14075153 bytes
->Flash cache emptied: 3459 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 2844386 bytes
->Flash cache emptied: 405 bytes

User: NetworkService
->Temp folder emptied: 260116 bytes
->Temporary Internet Files folder emptied: 34052 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1189777 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23953346 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 120,00 mb

[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: imac2
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.4.1 log created on 05102010_135935

#7 Příspěvek od **Caroprd111** » 10 kvě 2010 13:48

Použijte Revo Uninstaller http://www.stahuj.centrum.cz/utility_a_ ... installer/

bellian · #8 Příspěvek od **bellian** » 10 kvě 2010 14:08

V sekci Odinstalator jsem ho nenasel a v sekci Nastroje byl a tak jsem ho smazal.

#9 Příspěvek od **Caroprd111** » 10 kvě 2010 14:12

Jak to vypadá s PC

bellian · #10 Příspěvek od **bellian** » 10 kvě 2010 14:28

Porad to same

.

Tady prikladam ping, ktery mam spusten na jenom PC a odkazuji se na router. Jakmile pripojim druhy (problemovy pc) tak mi zacne naskakovat vysoka odezva a internet se x krat zpomali. Jakmile pc odpojim, tak zhruba minutu problem pretrvava a pak se zase vse rozbehne normalni rychlosti.

Kód: Vybrat vše

http://www.pixhost.org/show/901/2465998_gsdgsdfg.jpg

#11 Příspěvek od **Caroprd111** » 10 kvě 2010 14:35

Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary
Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrazí stránka s licenčními podmínkami, pokračujte stisknutím tlačítka "Ano"
Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna
Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.
Během skenování může být počítač restartován.

bellian · #12 Příspěvek od **bellian** » 11 kvě 2010 05:27

Tu je log, ale bylo to bez pripojeni k netu. Mam ho odpojeny. Pokud to vadi, tak to zkusim udela znovu s netem. Snad to pujde.

ComboFix 10-05-10.02 - imac2 11.05.2010 6:07.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.420.1029.18.2030.1512 [GMT 2:00]
Spuštěný z: c:\documents and settings\imac2\Plocha\ComboFix.exe

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\system32\1354235745.dat
c:\windows\system32\driVERs\knvdquy.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_knvdquy
-------\Service_knvdquy

((((((((((((((((((((((((( Soubory vytvořené od 2010-04-11 do 2010-05-11 )))))))))))))))))))))))))))))))
.

2010-05-10 13:01 . 2010-05-10 13:01 -------- d-----w- c:\program files\VS Revo Group
2010-05-10 07:52 . 2010-05-10 07:52 -------- d-----w- C:\rsit
2010-04-19 09:54 . 2010-04-19 09:54 -------- d-----r- c:\documents and settings\NetworkService\Oblíbené položky
2010-04-13 03:59 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-11 04:19 . 2010-03-22 05:00 838144 ----a-w- c:\windows\system32\drivers\iwqurl.sys
2010-05-10 13:09 . 2008-02-22 07:18 -------- d-----w- c:\program files\AviSynth 2.5
2010-05-10 11:59 . 2004-08-18 12:00 97900 ----a-w- c:\windows\system32\perfc005.dat
2010-05-10 11:59 . 2004-08-18 12:00 480306 ----a-w- c:\windows\system32\perfh005.dat
2010-05-10 10:50 . 2007-11-01 10:26 -------- d-----w- c:\program files\ESET
2010-05-10 09:03 . 2007-11-02 05:49 -------- d-----w- c:\program files\Google
2010-05-10 07:40 . 2010-03-03 09:34 -------- d-----w- c:\program files\RocketDock
2010-05-06 05:51 . 2007-11-02 07:57 60 ----a-w- c:\windows\wpd99.drv
2010-04-09 05:25 . 2009-09-04 05:23 -------- d-----w- c:\program files\Seznam.cz
2010-04-07 10:31 . 2009-11-18 09:39 -------- d-----w- c:\program files\JDownloader
2010-03-31 08:01 . 2010-03-31 08:01 -------- d-----w- c:\program files\Common Files\Skype
2010-03-19 13:09 . 2010-03-19 13:09 3888 ----a-w- c:\windows\system32\drivers\NTHANDLE.SYS
2010-03-19 11:37 . 2010-03-19 11:31 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-03-10 06:17 . 2004-08-18 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-08 05:02 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-03-08 05:02 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-02-25 06:18 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 12:31 . 2004-08-18 12:00 454016 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-24 08:16 . 2009-10-05 04:12 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-16 19:34 . 2004-08-18 12:00 2139136 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:34 . 2004-08-17 15:45 2018816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:47 . 2004-08-18 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:01 . 2004-08-18 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
.

------- Sigcheck -------

[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 1CC09561E21A48A7F649A40F18235860 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 1CC09561E21A48A7F649A40F18235860 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\tcpip.sys
[7] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[7] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[7] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
[7] 2004-08-18 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917953$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-04-06 26102056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-18 110592]
"Apple_KbdMgr"="c:\program files\Boot Camp\KbdMgr.exe" [2007-07-31 398640]
"MplSetUp"="c:\program files\RMClient\MplSetUp.exe" [2000-11-04 40960]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-20 148888]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-31 16380416]
"IRW"="c:\windows\system32\IRW.exe" [2007-07-31 147456]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-08 202256]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\FileMaker\\FileMaker Pro 5.5\\FileMaker Pro.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\explorer.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15665:TCP"= 15665:TCP:BitComet 15665 TCP
"15665:UDP"= 15665:UDP:BitComet 15665 UDP

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.3.2008 8:51 717296]
R2 AppleOSSMgr;Apple OS Switch Manager;c:\windows\system32\AppleOSSMgr.exe [31.7.2007 14:04 116016]
R2 AppleTimeSrv;Apple Time Service;c:\windows\system32\AppleTimeSrv.exe [31.7.2007 14:04 99632]
R2 KeyAgent;KeyAgent;c:\windows\system32\drivers\KeyAgent.sys [31.7.2007 13:57 4864]
R2 MacHALDriver;Mac HAL;c:\windows\system32\drivers\MacHALDriver.sys [31.7.2007 13:57 6528]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 20:19 13592]
R3 applebt;Apple Built-in Bluetooth;c:\windows\system32\drivers\applebt.sys [23.10.2007 18:25 8064]
R3 IRRemoteFlt;IR Receiver Filter Driver;c:\windows\system32\drivers\IRFilter.sys [23.10.2007 18:28 16512]
R3 KeyMagic;USB Keyboard HID Filter;c:\windows\system32\drivers\KeyMagic.sys [23.10.2007 18:28 13824]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [4.2.2010 10:08 27632]
S2 gupdate1c9efec3094599e;Služba Google Update (gupdate1c9efec3094599e);c:\program files\Google\Update\GoogleUpdate.exe [18.6.2009 10:10 133104]
S3 BthKicker;Apple Bluetooth Device Driver;c:\windows\system32\drivers\bthkicker.sys [23.10.2007 18:27 7424]
S3 OKI OPHC DCS Loader;OKI OPHC DCS Loader;c:\windows\system32\spool\drivers\w32x86\3\OPHCLDCS.EXE [11.9.2005 12:54 24576]
S3 ovt530;Webcam Deluxe;c:\windows\system32\drivers\ov530vid.sys [28.1.2010 11:41 161792]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [4.2.2010 10:35 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [4.2.2010 10:35 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [4.2.2010 10:35 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [4.2.2010 10:35 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [4.2.2010 10:35 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [4.2.2010 10:35 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [4.2.2010 10:35 115752]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - iwqurl
.
Obsah adresáře 'Naplánované úlohy'

2008-10-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cac657f069c65e.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-18 08:10]

2010-05-11 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2010-05-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-1844237615-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]

2010-05-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-1844237615-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {F06C0864-52F5-4A68-B97A-60D919941FA8} = 192.168.32.49
FF - ProfilePath - c:\documents and settings\imac2\Data aplikací\Mozilla\Firefox\Profiles\8tljhtsg.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.seznam.cz/?sourceid=FFlisticka_13&q=
FF - component: c:\documents and settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-11 06:16
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8AAD71F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba90cfc3
\Driver\ACPI -> ACPI.sys @ 0xba667cb8
\Driver\atapi -> 0x8aad71f8
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80582414
ParseProcedure -> ntkrnlpa.exe @ 0x80581554
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80582414
ParseProcedure -> ntkrnlpa.exe @ 0x80581554
NDIS: Marvell Yukon 88E8058 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xba2f2ba0
PacketIndicateHandler -> NDIS.sys @ 0xba2ffb21
SendHandler -> NDIS.sys @ 0xba2dd87b
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\iwqurl]

.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(836)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1204)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Autodesk\Data Management Server 2008\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
c:\program files\Autodesk\Data Management Server 2008\Server\Webserver\Connectivity.EDMWS.Server.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\windows\System32\snmp.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
c:\program files\Skype\Phone\Skype.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Celkový čas: 2010-05-11 06:24:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-05-11 04:24

Před spuštěním: Volných bajtů: 182 791 237 632
Po spuštění: Volných bajtů: 182 668 705 792

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 472842346D6E8A7363C66B8E6DC255C3

#13 Příspěvek od **Caroprd111** » 11 kvě 2010 05:47

Odinstalujte všechny emulátory virtuálních mechanik.

Obrázek

Stáhněte SPTD http://www.duplexsecure.com/en/downloads

Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
zvolte možnost Uninstall a restartujte PC.

Stáhněte a spusťte http://www.jpshortstuff.247fixes.com/Defogger.exe

Klikněte na "Disable" a restartujte PC.

Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe

Obrázek

Start > Spustit (Win + R)

Vyskočí okénko, zkopírujte do něj:

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t

Klikněte na OK

Vytvoří se log s názvem mbr.log, vložte ho sem.

Dejte log z Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

bellian · #14 Příspěvek od **bellian** » 11 kvě 2010 06:13

Nenasel jsem zadny program na virtualnu mechaniky

. Kdysi tam neco bylo, ale ted uz nemuzu nic najit.

Mam pokracovat v tech testech co jste mi poradil?

#15 Příspěvek od **Caroprd111** » 11 kvě 2010 12:24

Pokračujte dalšími kroky.

VIRY.CZ

PC zpusobuje zpomalovani internetu

PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu

Re: PC zpusobuje zpomalovani internetu