GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-15 13:28:44
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\kfkyrfod.sys
---- System - GMER 1.0.15 ----
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF770287E]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF7702BFE]
Code \??\C:\ComboFix\catchme.sys pIofCallDriver
---- Kernel code sections - GMER 1.0.15 ----
init C:\WINDOWS\system32\drivers\tifm21.sys entry point in "init" section [0xF6E7C23F]
? C:\DOCUME~1\User\LOCALS~1\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !
? C:\ComboFix\catchme.sys Systém nemůže nalézt uvedenou cestu. !
? C:\WINDOWS\system32\Drivers\PROCEXP113.SYS Systém nemůže nalézt uvedený soubor. !
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Mozilla Firefox\firefox.exe[3908] ntdll.dll!LdrLoadDll 7C9161CA 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp Lbd.sys (Boot Driver/Lavasoft AB)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu .SVCHOST.EXE proces 99%
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu .SVCHOST.EXE proces 99%
vypadá to,že by to mohlo být v pořádku.
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu .SVCHOST.EXE proces 99%
Odinstalujte ComboFix přes:Start >> Spustit, zkopírujte do okénka:
ComboFix /Uninstall
stiskněte Enter
Stáhněte T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
- Spusťte, pro potvrzení volby mačkejte klávesu A, Enter
- Po použití program vymažte. Pozor, antiviry ho mohou falešně označit za vir.
Stáhněte TFC http://oldtimer.geekstogo.com/TFC.exe
- Spusťte.
- Klikněte na "Start". Potvrďte hlášku kliknutím na "Ok" (Bude následovat restart)
Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe
- Spusťte.
- Klikněte na "CleanUp!". Potvrďte hlášky kliknutím na "Yes" (Bude následovat restart)
Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
- Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
Záložka Čistič - Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
Záložka Registry - Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít
Doinstalujte SP3 http://www.viry.cz/forum/viewtopic.php?f=46&t=86100 Dejte nový log z RSIT.
Re: Prosím o kontrolu logu .SVCHOST.EXE proces 99%
Je v pořádku že po spuštění T-Cleaneru a dvojím potvrzení "A" se komp retartoval se scandiskem při náběhu Windows? Naběhnutí trvalo delší dobu a vyskočila hláška o obnově systému po chybě.
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu .SVCHOST.EXE proces 99%
Logfile of random's system information tool 1.07 (written by random/random)
Run by User at 2010-05-15 17:52:44
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 34 GB (62%) free of 55 GB
Total RAM: 1022 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:52:57, on 15.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Arcade\PCMService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Documents and Settings\User\Dokumenty\Stažené soubory\RSIT.exe
C:\Documents and Settings\User\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\User.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
--
End of file - 5958 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-12 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"preload"=C:\Windows\RUNXMLPL.exe [2004-04-20 40960]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-05 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-05 688218]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY []
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-03-30 32768]
"PowerKey"=C:\Program Files\Launch Manager\PowerKey.exe [2002-08-30 94208]
"LManager"=C:\Program Files\Launch Manager\HotkeyApp.exe [2005-05-19 69632]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2004-10-11 245760]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2005-04-18 81920]
"PCMService"=C:\Program Files\Arcade\PCMService.exe [2005-03-09 49152]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]
"eRecoveryService"=C:\Windows\System32\Check.exe [2005-03-23 245760]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-03-19 2046816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-04-05 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-18 11952]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-05-15 17:51:55 ----D---- C:\Program Files\trend micro
2010-05-15 17:51:51 ----D---- C:\rsit
2010-05-15 17:46:14 ----A---- C:\WINDOWS\OEWABLog.txt
2010-05-15 15:59:02 ----D---- C:\WINDOWS\Prefetch
2010-05-15 15:56:34 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2010-05-15 15:56:01 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-05-15 15:55:30 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2010-05-15 15:54:49 ----HD---- C:\WINDOWS\$NtUninstallKB958215$
2010-05-15 15:54:09 ----HD---- C:\WINDOWS\$NtUninstallKB954211$
2010-05-15 15:53:26 ----HD---- C:\WINDOWS\$NtUninstallKB956841$
2010-05-15 15:52:43 ----HD---- C:\WINDOWS\$NtUninstallKB960714$
2010-05-15 15:52:12 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2010-05-15 15:51:41 ----HD---- C:\WINDOWS\$NtUninstallKB957097$
2010-05-15 15:51:10 ----HD---- C:\WINDOWS\$NtUninstallKB958687$
2010-05-15 15:50:41 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2010-05-15 15:50:01 ----HD---- C:\WINDOWS\$NtUninstallKB951066$
2010-05-15 15:49:33 ----HD---- C:\WINDOWS\$NtUninstallKB938464$
2010-05-15 15:48:53 ----HD---- C:\WINDOWS\$NtUninstallKB954600$
2010-05-15 15:48:24 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2010-05-15 15:47:44 ----HD---- C:\WINDOWS\$NtUninstallKB955069$
2010-05-15 15:47:14 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2010-05-15 15:46:43 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2010-05-15 15:46:11 ----HD---- C:\WINDOWS\$NtUninstallKB951698$
2010-05-15 15:45:26 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
2010-05-15 15:44:35 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2010-05-15 15:44:06 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2010-05-15 15:41:25 ----A---- C:\WINDOWS\setuplog.txt
2010-05-15 15:40:52 ----N---- C:\WINDOWS\system32\msxml6r.dll
2010-05-15 15:40:52 ----N---- C:\WINDOWS\system32\msxml6.dll
2010-05-15 15:40:44 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-05-15 15:40:44 ----N---- C:\WINDOWS\system32\azroles.dll
2010-05-15 15:40:44 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-05-15 15:40:44 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-05-15 15:40:44 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-05-15 15:40:44 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\credssp.dll
2010-05-15 15:40:42 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-05-15 15:40:41 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-05-15 15:40:41 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-05-15 15:40:41 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-05-15 15:40:41 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-05-15 15:40:41 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-05-15 15:40:41 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-05-15 15:40:40 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-05-15 15:40:40 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-05-15 15:40:40 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-05-15 15:40:40 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\napstat.exe
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\mssha.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\qutil.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\qagent.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\onex.dll
2010-05-15 15:40:37 ----N---- C:\WINDOWS\system32\slserv.exe
2010-05-15 15:40:37 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-05-15 15:40:37 ----N---- C:\WINDOWS\system32\slgen.dll
2010-05-15 15:40:37 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-05-15 15:40:37 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-05-15 15:40:37 ----N---- C:\WINDOWS\system32\setupn.exe
2010-05-15 15:40:35 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2010-05-15 15:40:35 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2010-05-15 15:40:35 ----N---- C:\WINDOWS\system32\verclsid.exe
2010-05-15 15:40:35 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-05-15 15:40:35 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-05-15 15:40:34 ----N---- C:\WINDOWS\system32\wmphoto.dll
2010-05-15 15:40:34 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-05-15 15:40:33 ----N---- C:\WINDOWS\system32\xmllite.dll
2010-05-15 15:40:33 ----N---- C:\WINDOWS\slrundll.exe
2010-05-15 15:40:33 ----D---- C:\WINDOWS\system32\cs-cz
2010-05-15 15:40:32 ----D---- C:\WINDOWS\l2schemas
2010-05-15 15:40:31 ----D---- C:\WINDOWS\system32\cs
2010-05-15 15:40:31 ----D---- C:\WINDOWS\system32\bits
2010-05-15 15:37:31 ----D---- C:\WINDOWS\ServicePackFiles
2010-05-15 15:35:09 ----D---- C:\WINDOWS\network diagnostic
2010-05-15 15:33:20 ----A---- C:\WINDOWS\002535_.tmp
2010-05-15 15:30:04 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2010-05-15 15:30:01 ----D---- C:\WINDOWS\EHome
2010-05-15 14:29:27 ----D---- C:\Program Files\CCleaner
2010-05-15 14:07:42 ----SHD---- C:\Recycled
2010-05-15 13:57:05 ----D---- C:\WINDOWS\Minidump
2010-05-15 13:56:22 ----SHD---- C:\FOUND.006
2010-05-15 11:34:34 ----D---- C:\WINDOWS\temp
2010-05-15 10:46:17 ----A---- C:\Boot.bak
2010-05-15 10:46:13 ----RASHD---- C:\cmdcons
2010-05-15 10:42:41 ----D---- C:\WINDOWS\ERDNT
2010-05-11 22:32:05 ----D---- C:\Documents and Settings\User\Data aplikací\Malwarebytes
2010-05-11 22:31:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-05-11 22:31:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-10 19:36:47 ----D---- C:\WINDOWS\system32\DRVSTORE
2010-05-10 19:29:41 ----HD---- C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-05-10 19:26:54 ----D---- C:\Program Files\Lavasoft
2010-05-10 19:26:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-05-08 20:22:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-05-08 20:22:55 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-04-28 18:55:05 ----D---- C:\Documents and Settings\User\Data aplikací\Zoner
2010-04-28 18:54:42 ----D---- C:\Program Files\Zoner
2010-04-28 18:54:23 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-04-27 19:43:49 ----D---- C:\Documents and Settings\User\Data aplikací\Jpeg Resampler
2010-04-27 19:43:43 ----D---- C:\Program Files\JPEG Resampler
2010-04-27 18:58:54 ----D---- C:\Program Files\FastStone Photo Resizer
2010-04-20 16:39:54 ----D---- C:\Program Files\uTorrent
2010-04-20 16:38:23 ----D---- C:\Documents and Settings\User\Data aplikací\uTorrent
2010-04-20 16:20:47 ----D---- C:\Documents and Settings\User\Data aplikací\DivX
======List of files/folders modified in the last 1 months======
2010-05-15 17:47:54 ----A---- C:\WINDOWS\system32\eRLog.ini
2010-05-15 17:46:06 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Modem with SmartCP.txt
2010-05-15 16:01:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-15 15:57:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-15 13:03:38 ----A---- C:\WINDOWS\system.ini
2010-05-15 10:46:18 ----RASH---- C:\BOOT.INI
2010-04-28 22:12:22 ----A---- C:\WINDOWS\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-18 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-18 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-08 108552]
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-04-11 17801]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 osaio;osaio; C:\WINDOWS\system32\drivers\osaio.sys [2005-03-04 8704]
R2 osanbm;osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 4010]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-04-05 1035776]
R3 BCM43XX;Broadcom 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-22 369024]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
R3 HSFHWATI;HSFHWATI; C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2004-12-15 200192]
R3 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2009-02-27 6144]
R3 POWERKEY;POWERKEY; \??\C:\Program Files\Launch Manager\POWERKEY.sys []
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-05 185824]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-09-14 146304]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-01-10 449888]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SI15CI;SI15CI; \??\c:\elements\1stboot\SI15CI.SYS []
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-04-05 364544]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-18 908056]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-18 297752]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-05-10 1285864]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\wltrysvc.exe [2004-12-22 65536]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-15 133104]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
Run by User at 2010-05-15 17:52:44
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 34 GB (62%) free of 55 GB
Total RAM: 1022 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:52:57, on 15.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Arcade\PCMService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Documents and Settings\User\Dokumenty\Stažené soubory\RSIT.exe
C:\Documents and Settings\User\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\User.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
--
End of file - 5958 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-12 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"preload"=C:\Windows\RUNXMLPL.exe [2004-04-20 40960]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-05 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-05 688218]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY []
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-03-30 32768]
"PowerKey"=C:\Program Files\Launch Manager\PowerKey.exe [2002-08-30 94208]
"LManager"=C:\Program Files\Launch Manager\HotkeyApp.exe [2005-05-19 69632]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2004-10-11 245760]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2005-04-18 81920]
"PCMService"=C:\Program Files\Arcade\PCMService.exe [2005-03-09 49152]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]
"eRecoveryService"=C:\Windows\System32\Check.exe [2005-03-23 245760]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-03-19 2046816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-04-05 46080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-18 11952]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-05-15 17:51:55 ----D---- C:\Program Files\trend micro
2010-05-15 17:51:51 ----D---- C:\rsit
2010-05-15 17:46:14 ----A---- C:\WINDOWS\OEWABLog.txt
2010-05-15 15:59:02 ----D---- C:\WINDOWS\Prefetch
2010-05-15 15:56:34 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2010-05-15 15:56:01 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-05-15 15:55:30 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2010-05-15 15:54:49 ----HD---- C:\WINDOWS\$NtUninstallKB958215$
2010-05-15 15:54:09 ----HD---- C:\WINDOWS\$NtUninstallKB954211$
2010-05-15 15:53:26 ----HD---- C:\WINDOWS\$NtUninstallKB956841$
2010-05-15 15:52:43 ----HD---- C:\WINDOWS\$NtUninstallKB960714$
2010-05-15 15:52:12 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2010-05-15 15:51:41 ----HD---- C:\WINDOWS\$NtUninstallKB957097$
2010-05-15 15:51:10 ----HD---- C:\WINDOWS\$NtUninstallKB958687$
2010-05-15 15:50:41 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2010-05-15 15:50:01 ----HD---- C:\WINDOWS\$NtUninstallKB951066$
2010-05-15 15:49:33 ----HD---- C:\WINDOWS\$NtUninstallKB938464$
2010-05-15 15:48:53 ----HD---- C:\WINDOWS\$NtUninstallKB954600$
2010-05-15 15:48:24 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2010-05-15 15:47:44 ----HD---- C:\WINDOWS\$NtUninstallKB955069$
2010-05-15 15:47:14 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2010-05-15 15:46:43 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2010-05-15 15:46:11 ----HD---- C:\WINDOWS\$NtUninstallKB951698$
2010-05-15 15:45:26 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
2010-05-15 15:44:35 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2010-05-15 15:44:06 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2010-05-15 15:41:25 ----A---- C:\WINDOWS\setuplog.txt
2010-05-15 15:40:52 ----N---- C:\WINDOWS\system32\msxml6r.dll
2010-05-15 15:40:52 ----N---- C:\WINDOWS\system32\msxml6.dll
2010-05-15 15:40:44 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-05-15 15:40:44 ----N---- C:\WINDOWS\system32\azroles.dll
2010-05-15 15:40:44 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-05-15 15:40:44 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-05-15 15:40:44 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-05-15 15:40:44 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-05-15 15:40:43 ----N---- C:\WINDOWS\system32\credssp.dll
2010-05-15 15:40:42 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-05-15 15:40:41 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-05-15 15:40:41 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-05-15 15:40:41 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-05-15 15:40:41 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-05-15 15:40:41 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-05-15 15:40:41 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-05-15 15:40:40 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-05-15 15:40:40 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-05-15 15:40:40 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-05-15 15:40:40 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\napstat.exe
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-05-15 15:40:39 ----N---- C:\WINDOWS\system32\mssha.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\qutil.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\qagent.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2010-05-15 15:40:38 ----N---- C:\WINDOWS\system32\onex.dll
2010-05-15 15:40:37 ----N---- C:\WINDOWS\system32\slserv.exe
2010-05-15 15:40:37 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-05-15 15:40:37 ----N---- C:\WINDOWS\system32\slgen.dll
2010-05-15 15:40:37 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-05-15 15:40:37 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-05-15 15:40:37 ----N---- C:\WINDOWS\system32\setupn.exe
2010-05-15 15:40:35 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2010-05-15 15:40:35 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2010-05-15 15:40:35 ----N---- C:\WINDOWS\system32\verclsid.exe
2010-05-15 15:40:35 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-05-15 15:40:35 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-05-15 15:40:34 ----N---- C:\WINDOWS\system32\wmphoto.dll
2010-05-15 15:40:34 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-05-15 15:40:33 ----N---- C:\WINDOWS\system32\xmllite.dll
2010-05-15 15:40:33 ----N---- C:\WINDOWS\slrundll.exe
2010-05-15 15:40:33 ----D---- C:\WINDOWS\system32\cs-cz
2010-05-15 15:40:32 ----D---- C:\WINDOWS\l2schemas
2010-05-15 15:40:31 ----D---- C:\WINDOWS\system32\cs
2010-05-15 15:40:31 ----D---- C:\WINDOWS\system32\bits
2010-05-15 15:37:31 ----D---- C:\WINDOWS\ServicePackFiles
2010-05-15 15:35:09 ----D---- C:\WINDOWS\network diagnostic
2010-05-15 15:33:20 ----A---- C:\WINDOWS\002535_.tmp
2010-05-15 15:30:04 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2010-05-15 15:30:01 ----D---- C:\WINDOWS\EHome
2010-05-15 14:29:27 ----D---- C:\Program Files\CCleaner
2010-05-15 14:07:42 ----SHD---- C:\Recycled
2010-05-15 13:57:05 ----D---- C:\WINDOWS\Minidump
2010-05-15 13:56:22 ----SHD---- C:\FOUND.006
2010-05-15 11:34:34 ----D---- C:\WINDOWS\temp
2010-05-15 10:46:17 ----A---- C:\Boot.bak
2010-05-15 10:46:13 ----RASHD---- C:\cmdcons
2010-05-15 10:42:41 ----D---- C:\WINDOWS\ERDNT
2010-05-11 22:32:05 ----D---- C:\Documents and Settings\User\Data aplikací\Malwarebytes
2010-05-11 22:31:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-05-11 22:31:36 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-10 19:36:47 ----D---- C:\WINDOWS\system32\DRVSTORE
2010-05-10 19:29:41 ----HD---- C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-05-10 19:26:54 ----D---- C:\Program Files\Lavasoft
2010-05-10 19:26:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-05-08 20:22:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-05-08 20:22:55 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-04-28 18:55:05 ----D---- C:\Documents and Settings\User\Data aplikací\Zoner
2010-04-28 18:54:42 ----D---- C:\Program Files\Zoner
2010-04-28 18:54:23 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-04-27 19:43:49 ----D---- C:\Documents and Settings\User\Data aplikací\Jpeg Resampler
2010-04-27 19:43:43 ----D---- C:\Program Files\JPEG Resampler
2010-04-27 18:58:54 ----D---- C:\Program Files\FastStone Photo Resizer
2010-04-20 16:39:54 ----D---- C:\Program Files\uTorrent
2010-04-20 16:38:23 ----D---- C:\Documents and Settings\User\Data aplikací\uTorrent
2010-04-20 16:20:47 ----D---- C:\Documents and Settings\User\Data aplikací\DivX
======List of files/folders modified in the last 1 months======
2010-05-15 17:47:54 ----A---- C:\WINDOWS\system32\eRLog.ini
2010-05-15 17:46:06 ----A---- C:\WINDOWS\ModemLog_SoftV90 Data Fax Modem with SmartCP.txt
2010-05-15 16:01:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-15 15:57:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-15 13:03:38 ----A---- C:\WINDOWS\system.ini
2010-05-15 10:46:18 ----RASH---- C:\BOOT.INI
2010-04-28 22:12:22 ----A---- C:\WINDOWS\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-18 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-18 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-08 108552]
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-04-11 17801]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 osaio;osaio; C:\WINDOWS\system32\drivers\osaio.sys [2005-03-04 8704]
R2 osanbm;osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 4010]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-04-05 1035776]
R3 BCM43XX;Broadcom 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-22 369024]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
R3 HSFHWATI;HSFHWATI; C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2004-12-15 200192]
R3 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2009-02-27 6144]
R3 POWERKEY;POWERKEY; \??\C:\Program Files\Launch Manager\POWERKEY.sys []
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-05 185824]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-09-14 146304]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-01-10 449888]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SI15CI;SI15CI; \??\c:\elements\1stboot\SI15CI.SYS []
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-04-05 364544]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-08-18 908056]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-08-18 297752]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-05-10 1285864]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\wltrysvc.exe [2004-12-22 65536]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-15 133104]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
-----------------EOF-----------------
Re: Prosím o kontrolu logu .SVCHOST.EXE proces 99%
info.txt logfile of random's system information tool 1.06 2010-05-15 17:53:03
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer English Online Help Creator\Uninst.isu"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Acer eManager for Notebook-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{827289F5-B44F-4E49-9993-840741585A62}
Ad-Aware Email Scanner for Outlook-->MsiExec.exe /I{338F08AB-C262-42C7-B000-34DE1A475273}
Ad-Aware-->"C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.5 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A70500000002}
Aktualizace systému Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Arcade 3.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" -uninstall
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x5
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Barbie(TM) 12 tančících princezen-->C:\Program Files\InstallShield Installation Information\{60EC8EF5-BD58-4675-A4E2-95CA18D8392E}\setup.exe -runfromtemp -l0x0005 -removeonly
Broadcom 802.11 Network Adapter-->C:\WINDOWS\system32\BCMWLU00.exe verbose
BSPlayer-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Crazy Birds-->"C:\Program Files\GameTop.com\Crazy Birds\unins000.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Plus Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
FastStone Photo Resizer 2.4-->C:\Program Files\FastStone Photo Resizer\uninst.exe
Google Earth-->MsiExec.exe /X{08C0729E-3E50-11DF-9D81-005056806466}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\4.1.249.1064\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Documents and Settings\User\Dokumenty\Stažené soubory\HijackThis.exe" /uninstall
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
JPEG Resampler Vs 4.7-->"C:\Program Files\JPEG Resampler\unins000.exe"
Lark AntiSpyware 3.0-->"C:\Program Files\Lark Anti-Spyware\unins000.exe"
Lark AntiSpyware 4.0-->"C:\Program Files\Lark Anti-Spyware\unins001.exe"
Launch Manager V1.0.8.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\SETUP.EXE" -l0x9
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Zoo Tycoon-->"C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove
Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NTI Backup NOW! 4-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{B06B842F-2450-494F-BBDE-217CDC151A37} /l1033 BUN4
NTI CD & DVD-Maker Gold-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E98412A2-8AB2-4BCE-AB3F-384B0239557E} /l1033 CDM7
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x5 -removeonly
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\setup.exe" -l0x5 REMOVE
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Softarová utilita ATI - Odinstalovat-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
SoftV90 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_00801025\HXFSETUP.EXE -U -IVEN_1002&DEV_4378&SUBSYS_00801025
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E7A744FD-E1B8-4FF6-ADC1-EA4C32181457} /l1033
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Essentials Media Codec Pack 2.3d-->C:\Program Files\Essentials Codec Pack\uninst.exe
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Zoner Media Explorer 5-->MsiExec.exe /X{B48F9C44-C904-4FA3-984D-F65AE4C49745}
======Security center information======
AV: AVG Anti-Virus Free
======System event log======
Computer Name: ACER-1F5ADAF30F
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Uniprocessor Free.
Record Number: 17040
Source Name: EventLog
Time Written: 20100413161333.000000+120
Event Type: Informace
User:
Computer Name: ACER-1F5ADAF30F
Event Code: 6006
Message: Služba Event Log byla zastavena.
Record Number: 17039
Source Name: EventLog
Time Written: 20100413111911.000000+120
Event Type: Informace
User:
Computer Name: ACER-1F5ADAF30F
Event Code: 7036
Message: Stav služby Ati HotKey Poller byl změněn na: Zastaveno
Record Number: 17038
Source Name: Service Control Manager
Time Written: 20100413111900.000000+120
Event Type: Informace
User:
Computer Name: ACER-1F5ADAF30F
Event Code: 16384
Message: Správce NT AUTHORITY\SYSTEM zrušil úlohu C:\WINDOWS\TEMP\GUR1.exe za uživatele ACER-1F5ADAF30F\User. Identifikátor úlohy byl {8F5CD339-1C39-45F4-A017-115AF771FA9A}.
Record Number: 17037
Source Name: BITS
Time Written: 20100413084627.000000+120
Event Type: Informace
User:
Computer Name: ACER-1F5ADAF30F
Event Code: 16384
Message: Správce NT AUTHORITY\SYSTEM zrušil úlohu C:\WINDOWS\TEMP\GUR2.exe za uživatele ACER-1F5ADAF30F\User. Identifikátor úlohy byl {D33714AB-4959-4FA7-A53E-281FB4526631}.
Record Number: 17036
Source Name: BITS
Time Written: 20100413084627.000000+120
Event Type: Informace
User:
=====Application event log=====
Computer Name: ACER-1F5ADAF30F
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.
Record Number: 2987
Source Name: SecurityCenter
Time Written: 20100417190758.000000+120
Event Type: Informace
User:
Computer Name: ACER-1F5ADAF30F
Event Code: 0
Message:
Record Number: 2986
Source Name: gupdate
Time Written: 20100417190756.000000+120
Event Type: Informace
User:
Computer Name: ACER-1F5ADAF30F
Event Code: 1517
Message: Systém Windows uložil registr uživatele ACER-1F5ADAF30F\User, ale některá z aplikací nebo služeb během odhlášení registr nadále používala. Paměť používaná registrem uživatele nebyla uvolněna. Registr bude uvolněn, jakmile již nebude používán.
To je často způsobeno tím, že jsou služby spuštěny pomocí uživatelského účtu. Zkuste služby konfigurovat pro spuštění pomocí účtu místní nebo síťové služby.
Record Number: 2985
Source Name: Userenv
Time Written: 20100417175227.000000+120
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM
Computer Name: ACER-1F5ADAF30F
Event Code: 20
Message:
Record Number: 2984
Source Name: Google Update
Time Written: 20100417170838.000000+120
Event Type: Chyba
User: NT AUTHORITY\SYSTEM
Computer Name: ACER-1F5ADAF30F
Event Code: 20
Message:
Record Number: 2983
Source Name: Google Update
Time Written: 20100417160837.000000+120
Event Type: Chyba
User: NT AUTHORITY\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Common Files\DivX Shared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
======Uninstall list======
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Acer Inc.\Acer English Online Help Creator\Uninst.isu"
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Acer eManager for Notebook-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{827289F5-B44F-4E49-9993-840741585A62}
Ad-Aware Email Scanner for Outlook-->MsiExec.exe /I{338F08AB-C262-42C7-B000-34DE1A475273}
Ad-Aware-->"C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.5 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A70500000002}
Aktualizace systému Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Arcade 3.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" -uninstall
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x5
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Barbie(TM) 12 tančících princezen-->C:\Program Files\InstallShield Installation Information\{60EC8EF5-BD58-4675-A4E2-95CA18D8392E}\setup.exe -runfromtemp -l0x0005 -removeonly
Broadcom 802.11 Network Adapter-->C:\WINDOWS\system32\BCMWLU00.exe verbose
BSPlayer-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Crazy Birds-->"C:\Program Files\GameTop.com\Crazy Birds\unins000.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Plus Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
FastStone Photo Resizer 2.4-->C:\Program Files\FastStone Photo Resizer\uninst.exe
Google Earth-->MsiExec.exe /X{08C0729E-3E50-11DF-9D81-005056806466}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\4.1.249.1064\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Documents and Settings\User\Dokumenty\Stažené soubory\HijackThis.exe" /uninstall
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
JPEG Resampler Vs 4.7-->"C:\Program Files\JPEG Resampler\unins000.exe"
Lark AntiSpyware 3.0-->"C:\Program Files\Lark Anti-Spyware\unins000.exe"
Lark AntiSpyware 4.0-->"C:\Program Files\Lark Anti-Spyware\unins001.exe"
Launch Manager V1.0.8.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\SETUP.EXE" -l0x9
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Zoo Tycoon-->"C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove
Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NTI Backup NOW! 4-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{B06B842F-2450-494F-BBDE-217CDC151A37} /l1033 BUN4
NTI CD & DVD-Maker Gold-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E98412A2-8AB2-4BCE-AB3F-384B0239557E} /l1033 CDM7
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x5 -removeonly
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\setup.exe" -l0x5 REMOVE
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Softarová utilita ATI - Odinstalovat-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
SoftV90 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_00801025\HXFSETUP.EXE -U -IVEN_1002&DEV_4378&SUBSYS_00801025
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{E7A744FD-E1B8-4FF6-ADC1-EA4C32181457} /l1033
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Essentials Media Codec Pack 2.3d-->C:\Program Files\Essentials Codec Pack\uninst.exe
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Zoner Media Explorer 5-->MsiExec.exe /X{B48F9C44-C904-4FA3-984D-F65AE4C49745}
======Security center information======
AV: AVG Anti-Virus Free
======System event log======
Computer Name: ACER-1F5ADAF30F
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Uniprocessor Free.
Record Number: 17040
Source Name: EventLog
Time Written: 20100413161333.000000+120
Event Type: Informace
User:
Computer Name: ACER-1F5ADAF30F
Event Code: 6006
Message: Služba Event Log byla zastavena.
Record Number: 17039
Source Name: EventLog
Time Written: 20100413111911.000000+120
Event Type: Informace
User:
Computer Name: ACER-1F5ADAF30F
Event Code: 7036
Message: Stav služby Ati HotKey Poller byl změněn na: Zastaveno
Record Number: 17038
Source Name: Service Control Manager
Time Written: 20100413111900.000000+120
Event Type: Informace
User:
Computer Name: ACER-1F5ADAF30F
Event Code: 16384
Message: Správce NT AUTHORITY\SYSTEM zrušil úlohu C:\WINDOWS\TEMP\GUR1.exe za uživatele ACER-1F5ADAF30F\User. Identifikátor úlohy byl {8F5CD339-1C39-45F4-A017-115AF771FA9A}.
Record Number: 17037
Source Name: BITS
Time Written: 20100413084627.000000+120
Event Type: Informace
User:
Computer Name: ACER-1F5ADAF30F
Event Code: 16384
Message: Správce NT AUTHORITY\SYSTEM zrušil úlohu C:\WINDOWS\TEMP\GUR2.exe za uživatele ACER-1F5ADAF30F\User. Identifikátor úlohy byl {D33714AB-4959-4FA7-A53E-281FB4526631}.
Record Number: 17036
Source Name: BITS
Time Written: 20100413084627.000000+120
Event Type: Informace
User:
=====Application event log=====
Computer Name: ACER-1F5ADAF30F
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.
Record Number: 2987
Source Name: SecurityCenter
Time Written: 20100417190758.000000+120
Event Type: Informace
User:
Computer Name: ACER-1F5ADAF30F
Event Code: 0
Message:
Record Number: 2986
Source Name: gupdate
Time Written: 20100417190756.000000+120
Event Type: Informace
User:
Computer Name: ACER-1F5ADAF30F
Event Code: 1517
Message: Systém Windows uložil registr uživatele ACER-1F5ADAF30F\User, ale některá z aplikací nebo služeb během odhlášení registr nadále používala. Paměť používaná registrem uživatele nebyla uvolněna. Registr bude uvolněn, jakmile již nebude používán.
To je často způsobeno tím, že jsou služby spuštěny pomocí uživatelského účtu. Zkuste služby konfigurovat pro spuštění pomocí účtu místní nebo síťové služby.
Record Number: 2985
Source Name: Userenv
Time Written: 20100417175227.000000+120
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM
Computer Name: ACER-1F5ADAF30F
Event Code: 20
Message:
Record Number: 2984
Source Name: Google Update
Time Written: 20100417170838.000000+120
Event Type: Chyba
User: NT AUTHORITY\SYSTEM
Computer Name: ACER-1F5ADAF30F
Event Code: 20
Message:
Record Number: 2983
Source Name: Google Update
Time Written: 20100417160837.000000+120
Event Type: Chyba
User: NT AUTHORITY\SYSTEM
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Common Files\DivX Shared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2c02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu .SVCHOST.EXE proces 99%
Doporučuji odinstalovat Ad-Aware a Lark AntiSpyware. V logu nevidím firewall, doinstalujte 
Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523 Jinak je log v pořádku. 
Re: Prosím o kontrolu logu .SVCHOST.EXE proces 99%
dík, provedu 
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Přispějete na provoz fóra?