Odesílání velkeho množství paket

Zpráva

Viny · #1 Příspěvek od **Viny** » 09 lis 2010 01:06

Zdravím a přeji pěkný den

Mám problém který se týká odesílaní velkeho množství paket.Když zapnu pc internet jede v pohodě asi 1 minutu,potom přestane přijimat ,ale stále odesílá 100-300 zhruba každé dvě až tři sekundy.Antivir nic nenašel.Prosím o radu

Logfile of random's system information tool 1.08 (written by random/random)
Run by Pabis at 2010-11-09 01:03:59
Microsoft Windows 7 Ultimate
System drive C: has 54 GB (45%) free of 120 GB
Total RAM: 3067 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:04:04, on 9.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ICQ7.1\ICQ.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Pabis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101006200555\ICQToolBar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101006200555\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.1\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: &Virtuální klávesnice - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: &Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~2\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~2\sbhook.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\DRIVERS\o2flash.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9677 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ICQ7.1\ICQ.exe" silent loginmode=4
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtblfs.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3548.7cbfa60.89392518 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 3548 plugin \\.\pipe\gecko-crash-server-pipe.3548
"C:\Users\Pabis\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll [2009-07-03 61456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-10-25 398512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll [2010-10-25 317496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll [2009-07-03 341008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-07-03 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-25 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-25 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-08-05 264720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-10-25 398512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\20101006200555\ICQToolBar.dll [2010-10-04 1049912]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-25 297648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-10-06 39408]
"ICQ"=C:\Program Files (x86)\ICQ7.1\ICQ.exe [2010-10-27 133432]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-29 98304]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2010-10-04 311680]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\KASPER~1\KASPER~2\x64\sbhook64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\System32\klogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-09 01:03:59 ----D---- C:\rsit
2010-11-09 01:03:59 ----D---- C:\Program Files\trend micro
2010-11-08 23:30:28 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-11-08 23:30:28 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2010-11-08 22:31:16 ----D---- C:\Users\Pabis\AppData\Roaming\Ethereal
2010-11-08 22:30:21 ----D---- C:\Program Files (x86)\Ethereal
2010-11-07 21:29:45 ----D---- C:\Program Files (x86)\Adobe
2010-11-07 21:29:29 ----SHD---- C:\Config.Msi
2010-10-26 02:17:25 ----D---- C:\Program Files (x86)\Dreamcatcher
2010-10-26 01:05:12 ----A---- C:\Windows\War3Unin.pif
2010-10-26 01:05:12 ----A---- C:\Windows\War3Unin.exe
2010-10-26 00:21:04 ----D---- C:\Program Files\Thief - Deadly Shadows
2010-10-26 00:13:38 ----D---- C:\Program Files (x86)\Thief - Deadly Shadows
2010-10-22 01:45:36 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2010-10-22 01:45:36 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2010-10-22 01:45:07 ----D---- C:\Program Files (x86)\Winamp Detect
2010-10-22 01:44:46 ----D---- C:\Users\Pabis\AppData\Roaming\Winamp
2010-10-22 01:44:46 ----D---- C:\Program Files (x86)\Winamp
2010-10-15 12:26:21 ----D---- C:\ProgramData\Blizzard Entertainment
2010-10-14 20:07:06 ----D---- C:\ProgramData\Blizzard
2010-10-14 17:32:14 ----D---- C:\Program Files (x86)\World of Warcraft

======List of files/folders modified in the last 1 months======

2010-11-09 01:04:04 ----D---- C:\Windows\Prefetch
2010-11-09 01:04:02 ----D---- C:\Windows\Temp
2010-11-09 01:03:59 ----RD---- C:\Program Files
2010-11-09 00:17:58 ----D---- C:\Windows\System32
2010-11-09 00:17:58 ----D---- C:\Windows\inf
2010-11-09 00:17:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-09 00:15:20 ----D---- C:\Windows\system32\NDF
2010-11-09 00:12:58 ----D---- C:\ProgramData\Kaspersky Lab
2010-11-08 23:30:28 ----RD---- C:\Program Files (x86)
2010-11-08 23:30:28 ----HD---- C:\ProgramData
2010-11-08 23:14:01 ----D---- C:\Users\Pabis\AppData\Roaming\ICQ
2010-11-08 23:09:32 ----SHD---- C:\System Volume Information
2010-11-08 21:51:07 ----D---- C:\Windows\system32\LogFiles
2010-11-07 23:22:55 ----SD---- C:\ProgramData\Microsoft
2010-11-07 23:05:51 ----D---- C:\Windows\system32\config
2010-11-07 21:59:21 ----D---- C:\Windows\system32\drivers\etc
2010-11-07 21:30:21 ----SHD---- C:\Windows\Installer
2010-11-07 21:29:46 ----D---- C:\ProgramData\Adobe
2010-11-07 21:29:45 ----D---- C:\Program Files (x86)\Common Files
2010-11-07 21:29:21 ----D---- C:\Windows\SysWOW64
2010-11-06 10:18:34 ----D---- C:\Users\Pabis\AppData\Roaming\Skype
2010-11-06 09:02:15 ----D---- C:\Users\Pabis\AppData\Roaming\skypePM
2010-11-05 08:03:10 ----D---- C:\Windows\system32\catroot2
2010-11-04 18:55:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-11-04 16:19:43 ----D---- C:\Users\Pabis\AppData\Roaming\Adobe
2010-11-03 12:20:32 ----D---- C:\Windows\system32\wdi
2010-11-01 12:40:19 ----D---- C:\Program Files (x86)\ICQ7.1
2010-10-26 02:17:24 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-10-26 01:05:12 ----D---- C:\Windows
2010-10-26 00:09:14 ----D---- C:\Windows\ModemLogs
2010-10-22 01:45:16 ----D---- C:\Windows\Logs
2010-10-17 23:07:16 ----SD---- C:\Users\Pabis\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 KLBG;Kaspersky Lab Boot Guard Driver; C:\Windows\system32\DRIVERS\klbg.sys [2008-12-15 38416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-06-15 156688]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2009-07-03 330768]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-05-15 26640]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 81768]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6037504]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-05-16 21008]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2mdx64.sys [2009-07-13 64160]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 212072]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 19824]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 94336]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 58744]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-09-26 115328]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 50664]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 63856]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 203264]
R2 AVP;Kaspersky Internet Security; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2010-10-04 311680]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 O2FLASH;O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [2007-02-12 65536]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 193904]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-06 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-10-06 182768]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

Děkuji

#2 Příspěvek od **motji** » 10 lis 2010 12:26

Hezké odpoledne

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Viny · #3 Příspěvek od **Viny** » 10 lis 2010 22:19

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5091

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

10.11.2010 22:16:57
mbam-log-2010-11-10 (22-16-57).txt

Typ skenu: Rychlý sken
Skenované objekty: 139355
Uplynulý čas: 4 minuta(y), 54 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

#4 Příspěvek od **motji** » 10 lis 2010 22:23

Zkoušel jste obnovu systému?

Viny · #5 Příspěvek od **Viny** » 10 lis 2010 22:29

Zkousel,nejde nějak zjistit kam se odesilají?

#6 Příspěvek od **motji** » 10 lis 2010 22:32

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

Viny · #7 Příspěvek od **Viny** » 10 lis 2010 22:53

Udělal jsem vše podle návodu, ale ani jeden log se mi neobjevil.

#8 Příspěvek od **motji** » 10 lis 2010 23:07

Nechal jste sken doběhnout? Díval jste se dobře? Na disku C by se Vám měla objevit složka OTL a v ní by měli být.

Viny · #9 Příspěvek od **Viny** » 10 lis 2010 23:20

Asi jsem nenechal sken doběhnout.Každopadně OTL mi právě napsal: Out of memory a nejde ho vypnout

#10 Příspěvek od **motji** » 11 lis 2010 04:15

Nejde ukončit ve správci uloh?

Viny · #11 Příspěvek od **Viny** » 11 lis 2010 17:16

Ve správci uloh ano.Je to tak že program prohledává a jakoby zamrzne a využití procesoru a RAM začne stoupat dokud obě hodnoty nedosáhnou 100%.Pak se mi objevi out of memory.

#12 Příspěvek od **motji** » 11 lis 2010 18:11

Zkuste ho bez skriptu - v nouzovém režimu

Viny · #13 Příspěvek od **Viny** » 14 lis 2010 15:23

OTL logfile created on: 14.11.2010 15:17:33 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Pabis\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 117,54 Gb Total Space | 51,90 Gb Free Space | 44,15% Space Free | Partition Type: NTFS
Drive D: | 113,88 Gb Total Space | 80,52 Gb Free Space | 70,70% Space Free | Partition Type: NTFS
Drive E: | 7,85 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: PABIS-PC | User Name: Pabis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found -- C:\Windows\SysWow64\DRIVERS\o2flash.exe
PRC - [2010.11.14 15:16:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Pabis\Desktop\OTL.exe
PRC - [2010.11.04 18:55:39 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.10.27 13:20:45 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.1\ICQ.exe
PRC - [2010.01.03 16:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.12.08 16:50:26 | 002,717,024 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2009.11.27 10:36:00 | 000,427,416 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2009.11.18 15:10:00 | 000,664,904 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2009.04.03 18:17:00 | 000,447,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2009.01.26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.07.24 11:24:00 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

========== Modules (SafeList) ==========

MOD - [2010.11.14 15:16:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Pabis\Desktop\OTL.exe
MOD - [2009.07.14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009.07.29 23:54:22 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007.02.12 00:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV - [2010.10.04 15:01:46 | 000,311,680 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2010.01.03 16:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.10.21 10:40:00 | 000,193,904 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2009.09.24 17:55:00 | 000,212,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)
DRV:64bit: - [2009.09.14 14:30:00 | 000,058,744 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:64bit: - [2009.08.05 12:56:00 | 000,063,856 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV:64bit: - [2009.07.30 12:07:12 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.28 20:02:00 | 000,081,768 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
DRV:64bit: - [2009.07.24 11:33:00 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.07.13 22:12:00 | 000,019,824 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2009.07.13 19:46:50 | 000,064,160 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2009.07.03 13:11:06 | 000,330,768 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2009.06.19 10:00:00 | 000,094,336 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV:64bit: - [2009.06.19 09:59:00 | 000,050,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV:64bit: - [2009.06.17 12:01:00 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
DRV:64bit: - [2009.06.15 14:01:06 | 000,156,688 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.16 20:59:30 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.05.15 18:50:26 | 000,026,640 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2008.12.15 20:41:52 | 000,038,416 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
DRV:64bit: - [2008.09.26 17:02:36 | 000,115,328 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101006200555\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101006200555\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3207058294-1062121894-635718524-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3207058294-1062121894-635718524-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B 81 1B 04 D0 B6 CA 01 [binary data]
IE - HKU\S-1-5-21-3207058294-1062121894-635718524-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101006200555\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3207058294-1062121894-635718524-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.11.04 18:55:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.11.07 21:29:49 | 000,000,000 | ---D | M]

[2010.10.07 22:04:15 | 000,000,000 | ---D | M] -- C:\Users\Pabis\AppData\Roaming\mozilla\Extensions
[2010.10.07 22:04:15 | 000,000,000 | ---D | M] -- C:\Users\Pabis\AppData\Roaming\mozilla\Firefox\Profiles\apzzfz6a.default\extensions
[2010.10.08 18:44:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.10.08 18:44:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010.06.28 22:40:10 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
[2010.09.14 22:10:37 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.14 22:10:37 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.14 22:10:37 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.14 22:10:37 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.14 22:10:37 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101006200555\ICQToolBar.dll (ICQ)
O3:64bit: - HKU\S-1-5-21-3207058294-1062121894-635718524-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3207058294-1062121894-635718524-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3207058294-1062121894-635718524-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-3207058294-1062121894-635718524-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-3207058294-1062121894-635718524-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Přidat do Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: WikiKomentáře Google... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9:64bit: - Extra Button: &Virtuální klávesnice - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: &Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Virtuální klávesnice - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: &Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.18.161 88.146.158.2
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~2\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\sbhook64.dll (Kaspersky Lab)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~2\x64\kloehk.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\kloehk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~2\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~2\sbhook.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\sbhook.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006.11.08 17:34:08 | 000,000,115 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{324c5cf3-21fd-11df-8694-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{324c5cf3-21fd-11df-8694-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2006.11.09 06:20:46 | 000,119,016 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{324c5cf3-21fd-11df-8694-806e6f6e6963}\Shell\install\command - "" = E:\setup.exe -- [2006.11.09 06:20:46 | 000,119,016 | R--- | M] (Macrovision Corporation)
O33 - MountPoints2\{6e428dcb-3a7b-11df-a3b7-00238b4c4549}\Shell - "" = AutoRun
O33 - MountPoints2\{6e428dcb-3a7b-11df-a3b7-00238b4c4549}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{6e428dd3-3a7b-11df-a3b7-00238b4c4549}\Shell - "" = AutoRun
O33 - MountPoints2\{6e428dd3-3a7b-11df-a3b7-00238b4c4549}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{6e428def-3a7b-11df-a3b7-00238b4c4549}\Shell - "" = AutoRun
O33 - MountPoints2\{6e428def-3a7b-11df-a3b7-00238b4c4549}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{6e428df1-3a7b-11df-a3b7-00238b4c4549}\Shell - "" = AutoRun
O33 - MountPoints2\{6e428df1-3a7b-11df-a3b7-00238b4c4549}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{6e428df5-3a7b-11df-a3b7-00238b4c4549}\Shell - "" = AutoRun
O33 - MountPoints2\{6e428df5-3a7b-11df-a3b7-00238b4c4549}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.11.14 15:16:50 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Pabis\Desktop\OTL.exe
[2010.11.14 15:10:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.11.10 22:11:15 | 000,000,000 | ---D | C] -- C:\Users\Pabis\AppData\Roaming\Malwarebytes
[2010.11.10 22:11:01 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.10 22:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.09 01:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.11.09 01:03:59 | 000,000,000 | ---D | C] -- C:\rsit
[2010.11.09 00:10:03 | 006,000,608 | ---- | C] (Sunbelt Software ) -- C:\Users\Pabis\Desktop\sunbelt-personal-firewall.exe
[2010.11.09 00:08:27 | 004,444,380 | ---- | C] (Sunbelt Software ) -- C:\Users\Pabis\Desktop\sunbelt-personal-firewall.exe.part
[2010.11.08 23:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.11.08 23:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.11.08 23:27:31 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Pabis\Desktop\spybotsd162.exe
[2010.11.08 22:31:16 | 000,000,000 | ---D | C] -- C:\Users\Pabis\AppData\Roaming\Ethereal
[2010.11.08 22:20:51 | 000,000,000 | ---D | C] -- C:\Users\Pabis\Desktop\backups
[2010.11.07 23:35:41 | 000,396,288 | ---- | C] (Trend Micro Inc.) -- C:\Users\Pabis\Desktop\hijackthis.exe
[2010.11.07 21:29:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.11.07 21:29:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.11.07 21:29:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.11.04 16:19:43 | 000,000,000 | ---D | C] -- C:\Users\Pabis\AppData\Local\Adobe
[2010.10.26 02:17:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dreamcatcher
[2010.10.26 01:05:12 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2010.10.26 00:26:28 | 000,000,000 | ---D | C] -- C:\Users\Pabis\Documents\Thief - Deadly Shadows
[2010.10.26 00:21:04 | 000,000,000 | ---D | C] -- C:\Program Files\Thief - Deadly Shadows
[2010.10.26 00:19:34 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Thief - Deadly Shadows
[2010.10.26 00:13:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Thief - Deadly Shadows
[2010.10.26 00:13:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.10.22 01:45:36 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.10.22 01:45:36 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.10.22 01:45:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2010.10.22 01:44:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.10.22 01:44:46 | 000,000,000 | ---D | C] -- C:\Users\Pabis\AppData\Roaming\Winamp
[2010.10.22 01:44:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp

========== Files - Modified Within 30 Days ==========

[2010.11.14 15:19:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.14 15:16:54 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Pabis\Desktop\OTL.exe
[2010.11.14 15:14:15 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.14 15:13:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.14 15:13:28 | 2411,872,256 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.14 13:32:04 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.14 13:32:04 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.11 12:39:48 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.11 12:39:48 | 000,622,660 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.11.11 12:39:48 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.11 12:39:48 | 000,118,810 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.11.11 12:39:48 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.09 00:47:47 | 000,832,273 | ---- | M] () -- C:\Users\Pabis\Desktop\RSITx64.exe
[2010.11.09 00:17:54 | 006,000,608 | ---- | M] (Sunbelt Software ) -- C:\Users\Pabis\Desktop\sunbelt-personal-firewall.exe
[2010.11.09 00:09:16 | 004,444,380 | ---- | M] (Sunbelt Software ) -- C:\Users\Pabis\Desktop\sunbelt-personal-firewall.exe.part
[2010.11.08 23:30:32 | 000,001,263 | ---- | M] () -- C:\Users\Pabis\Desktop\Spybot - Search & Destroy.lnk
[2010.11.08 23:28:08 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\Pabis\Desktop\spybotsd162.exe
[2010.11.08 22:52:22 | 000,000,375 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010.11.08 22:29:47 | 013,053,058 | ---- | M] () -- C:\Users\Pabis\Desktop\ethereal-setup-0.99.0.exe
[2010.11.07 23:35:44 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Users\Pabis\Desktop\hijackthis.exe
[2010.11.07 22:48:59 | 000,000,017 | ---- | M] () -- C:\Users\Pabis\AppData\Local\resmon.resmoncfg
[2010.11.07 21:29:49 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.11.03 22:07:52 | 000,025,088 | ---- | M] () -- C:\Users\Pabis\Desktop\Nový Dokument aplikace Microsoft Word.doc
[2010.11.01 23:41:22 | 000,021,504 | ---- | M] () -- C:\Users\Pabis\Desktop\sms.doc
[2010.10.26 21:25:21 | 000,090,112 | ---- | M] () -- C:\Users\Pabis\Desktop\Psychologická příprava kompletní.doc
[2010.10.26 01:18:00 | 000,042,573 | ---- | M] () -- C:\Windows\War3Unin.dat
[2010.10.26 01:18:00 | 000,000,651 | ---- | M] () -- C:\Users\Pabis\Desktop\Frozen Throne.lnk
[2010.10.26 01:17:22 | 000,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif
[2010.10.26 01:17:21 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2010.10.26 01:11:36 | 000,000,646 | ---- | M] () -- C:\Users\Pabis\Desktop\Warcraft III.lnk
[2010.10.26 00:17:58 | 000,002,097 | ---- | M] () -- C:\Users\Public\Desktop\Play Thief - Deadly Shadows.lnk
[2010.10.22 01:45:37 | 000,000,984 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.10.16 13:01:09 | 000,000,675 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk

========== Files Created - No Company Name ==========

[2010.11.09 00:47:47 | 000,832,273 | ---- | C] () -- C:\Users\Pabis\Desktop\RSITx64.exe
[2010.11.08 23:30:32 | 000,001,263 | ---- | C] () -- C:\Users\Pabis\Desktop\Spybot - Search & Destroy.lnk
[2010.11.08 22:29:11 | 013,053,058 | ---- | C] () -- C:\Users\Pabis\Desktop\ethereal-setup-0.99.0.exe
[2010.11.07 22:48:59 | 000,000,017 | ---- | C] () -- C:\Users\Pabis\AppData\Local\resmon.resmoncfg
[2010.11.07 21:29:49 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.11.03 22:07:22 | 000,025,088 | ---- | C] () -- C:\Users\Pabis\Desktop\Nový Dokument aplikace Microsoft Word.doc
[2010.11.01 22:50:52 | 000,021,504 | ---- | C] () -- C:\Users\Pabis\Desktop\sms.doc
[2010.10.26 21:25:21 | 000,090,112 | ---- | C] () -- C:\Users\Pabis\Desktop\Psychologická příprava kompletní.doc
[2010.10.26 01:18:00 | 000,000,651 | ---- | C] () -- C:\Users\Pabis\Desktop\Frozen Throne.lnk
[2010.10.26 01:11:36 | 000,000,646 | ---- | C] () -- C:\Users\Pabis\Desktop\Warcraft III.lnk
[2010.10.26 01:05:12 | 000,042,573 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.10.26 01:05:12 | 000,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif
[2010.10.26 00:17:58 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\Play Thief - Deadly Shadows.lnk
[2010.10.22 01:45:37 | 000,000,984 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.03.29 13:55:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.02.26 10:58:53 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010.11.08 22:31:16 | 000,000,000 | ---D | M] -- C:\Users\Pabis\AppData\Roaming\Ethereal
[2010.02.26 11:44:21 | 000,000,000 | ---D | M] -- C:\Users\Pabis\AppData\Roaming\GHISLER
[2010.11.14 15:04:47 | 000,000,000 | ---D | M] -- C:\Users\Pabis\AppData\Roaming\ICQ
[2010.02.25 13:56:10 | 000,000,000 | ---D | M] -- C:\Users\Pabis\AppData\Roaming\WinBatch
[2010.11.14 15:08:12 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

Viny · #14 Příspěvek od **Viny** » 14 lis 2010 15:24

OTL Extras logfile created on: 14.11.2010 15:17:33 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Pabis\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 117,54 Gb Total Space | 51,90 Gb Free Space | 44,15% Space Free | Partition Type: NTFS
Drive D: | 113,88 Gb Total Space | 80,52 Gb Free Space | 70,70% Space Free | Partition Type: NTFS
Drive E: | 7,85 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: PABIS-PC | User Name: Pabis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3207058294-1062121894-635718524-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0FB2E75A-1024-331F-77EF-D45F71505D58}" = ATI Catalyst Install Manager
"{729F014A-9E91-49A6-B5F2-E8AA941452AE}" = O2Micro Flash Memory Card Reader Driver
"{9EE58CAC-21D5-1412-F0F2-CB9CD8834B59}" = ccc-utility64
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0163E195-D5EF-BF70-CBEE-73AA7CBBBEEE}" = CCC Help Thai
"{03883959-80DA-6151-CEAE-46A058CF774F}" = CCC Help Danish
"{096D1CCF-0F1E-08FB-094F-C40A633D5AEB}" = ccc-core-static
"{13D0EB07-FCA0-C005-A6C5-B1A4B7E5BB48}" = Catalyst Control Center Core Implementation
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D4A3E7D-A580-5BB7-DED3-48508A53D2B2}" = CCC Help Chinese Standard
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22354A21-BE84-0D40-191D-6E530B715CCF}" = CCC Help Polish
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2F36BA32-7986-9E40-B3F6-908B214EC898}" = CCC Help Japanese
"{2F4A39B2-5A2D-3E9F-E8EA-6F891A097ACF}" = CCC Help English
"{3DBE8669-1F7D-E1C9-2BC8-CC4BAE0A5136}" = CCC Help Turkish
"{3FF5FF03-DB97-2ACE-BAE7-61D6D4A39F9B}" = Catalyst Control Center Graphics Full Existing
"{4CEE0E9F-2116-BE92-CD54-8D1834935B54}" = Catalyst Control Center Localization All
"{5DD59391-FED6-576D-B6BD-71111EF96522}" = CCC Help Russian
"{6168260A-6D56-50BB-193C-BF6F471394AA}" = CCC Help Greek
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A150790-FC79-D323-92D4-E773E3A03789}" = CCC Help Portuguese
"{6CB88B54-4C1C-E6AB-49C6-476DE56327BC}" = CCC Help Spanish
"{6D8CDEF0-1BB9-400C-A337-BF69488DB331}" = Painkiller
"{6DE880FE-F0C9-BC57-B7C5-2ABEAE1E501E}" = CCC Help German
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{79660B73-3DD0-9C3D-3F29-0E266F3AE5EA}" = CCC Help Norwegian
"{81E5E076-F2C1-AE09-A360-0CAC2967FD5F}" = CCC Help Swedish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{986CAA52-3249-B34F-DC64-07347926CF57}" = CCC Help Korean
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.0 - Czech
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5B8BA5D-55CA-9351-984B-048FEF97A544}" = Catalyst Control Center Graphics Previews Vista
"{B6DECBD2-EC09-17C3-35AE-8C72B08062C9}" = CCC Help Czech
"{BF3AB290-563B-2F6F-9AF0-189B5CCF2C01}" = Catalyst Control Center Graphics Light
"{C644BA4B-07D6-A67E-9EB4-157F6DEB68BE}" = CCC Help Chinese Traditional
"{D0831990-FF97-1F08-668D-4743CC32EFBC}" = CCC Help Finnish
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D9835CE0-E294-83FE-AF9F-BC113A0D2EA9}" = CCC Help Hungarian
"{E25FA4E1-678F-414F-9777-1E3FDBBDA4D1}" = Catalyst Control Center InstallProxy
"{E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}" = Catalyst Control Center - Branding
"{E8B28EF5-2A73-03A7-4F02-2DFF1D182940}" = Catalyst Control Center Graphics Full New
"{E94F833D-6435-40A2-112C-4BC18100B91D}" = CCC Help Italian
"{EEA02668-D5D9-AEFF-6FFB-1EB5BC765A52}" = CCC Help French
"{FC123EEA-330A-4685-911C-95B8F5E9DE68}" = Thief - Deadly Shadows
"{FCD674E3-F281-46D6-7717-6EAFDD16D8FC}" = CCC Help Dutch
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ICQToolbar" = ICQ Toolbar
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"O2 Mobilni internet" = O2 Mobilni internet
"Totalcmd" = Total Commander (Remove or Repair)
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3207058294-1062121894-635718524-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8.11.2010 17:31:16 | Computer Name = Pabis-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ethereal.exe, verze: 0.99.0.0, časové razítko:
0x444d275e Název chybujícího modulu: libgtk-win32-2.0-0.dll, verze: 2.6.9.0, časové
razítko: 0x42ef4765 Kód výjimky: 0xc0000005 Posun chyby: 0x001c8927 ID chybujícího
procesu: 0x1250 Čas spuštění chybující aplikace: 0x01cb7f8c40255c87 Cesta k chybující
aplikaci: C:\Program Files (x86)\Ethereal\ethereal.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\Ethereal\libgtk-win32-2.0-0.dll ID zprávy: 841d62a8-eb7f-11df-bcf2-00238b4c4549

Error - 8.11.2010 17:31:33 | Computer Name = Pabis-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ethereal.exe, verze: 0.99.0.0, časové razítko:
0x444d275e Název chybujícího modulu: libgtk-win32-2.0-0.dll, verze: 2.6.9.0, časové
razítko: 0x42ef4765 Kód výjimky: 0xc0000005 Posun chyby: 0x001c8927 ID chybujícího
procesu: 0x1090 Čas spuštění chybující aplikace: 0x01cb7f8c4de28f97 Cesta k chybující
aplikaci: C:\Program Files (x86)\Ethereal\ethereal.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\Ethereal\libgtk-win32-2.0-0.dll ID zprávy: 8e17651e-eb7f-11df-bcf2-00238b4c4549

Error - 8.11.2010 17:35:16 | Computer Name = Pabis-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ethereal.exe, verze: 0.99.0.0, časové razítko:
0x444d275e Název chybujícího modulu: libgtk-win32-2.0-0.dll, verze: 2.6.9.0, časové
razítko: 0x42ef4765 Kód výjimky: 0xc0000005 Posun chyby: 0x001c8927 ID chybujícího
procesu: 0x42c Čas spuštění chybující aplikace: 0x01cb7f8ccb229ec5 Cesta k chybující
aplikaci: C:\Program Files (x86)\Ethereal\ethereal.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\Ethereal\libgtk-win32-2.0-0.dll ID zprávy: 1321210d-eb80-11df-bcf2-00238b4c4549

Error - 8.11.2010 20:26:30 | Computer Name = Pabis-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files (x86)\spybot - search
& destroy\DelZip179.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files (x86)\spybot - search & destroy\DelZip179.dll na řádku 8. Hodnota * atributu
language v prvku assemblyIdentity je neplatná.

Error - 9.11.2010 22:28:31 | Computer Name = Pabis-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: explorer.exe, verze: 6.1.7600.16385, časové
razítko: 0x4a5bc9bb Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc000041d Posun chyby: 0x0000000080005530 ID chybujícího
procesu: 0x1124 Čas spuštění chybující aplikace: 0x01cb807ee6a08426 Cesta k chybující
aplikaci: C:\Windows\explorer.exe Cesta k chybujícímu modulu: unknown ID zprávy:
35213a43-ec72-11df-bbf3-00238b4c4549

Error - 10.11.2010 18:32:18 | Computer Name = Pabis-PC | Source = Application Hang | ID = 1002
Description = Program OTL.exe verze 3.2.17.3 přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: 11d0 Čas
spuštění: 01cb811ff1cffd37 Čas ukončení: 7 Cesta k aplikaci: C:\Users\Pabis\Desktop\OTL.exe

ID
hlášení:

Error - 10.11.2010 22:10:24 | Computer Name = Pabis-PC | Source = VSS | ID = 13
Description =

Error - 10.11.2010 22:10:24 | Computer Name = Pabis-PC | Source = VSS | ID = 8193
Description =

Error - 11.11.2010 2:03:30 | Computer Name = Pabis-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files (x86)\spybot - search
& destroy\DelZip179.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files (x86)\spybot - search & destroy\DelZip179.dll na řádku 8. Hodnota * atributu
language v prvku assemblyIdentity je neplatná.

Error - 13.11.2010 13:22:37 | Computer Name = Pabis-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files (x86)\spybot - search
& destroy\DelZip179.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files (x86)\spybot - search & destroy\DelZip179.dll na řádku 8. Hodnota * atributu
language v prvku assemblyIdentity je neplatná.

[ System Events ]
Error - 13.11.2010 15:48:23 | Computer Name = Pabis-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 13.11.2010 16:07:26 | Computer Name = Pabis-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 13.11.2010 19:37:54 | Computer Name = Pabis-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 14.11.2010 8:24:50 | Computer Name = Pabis-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 14.11.2010 8:24:50 | Computer Name = Pabis-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 14.11.2010 10:08:10 | Computer Name = Pabis-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 14.11.2010 10:08:10 | Computer Name = Pabis-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 14.11.2010 10:13:43 | Computer Name = Pabis-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:11:55, ?14.?11.?2010) bylo neočekávané.

Error - 14.11.2010 10:13:43 | Computer Name = Pabis-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 14.11.2010 10:13:43 | Computer Name = Pabis-PC | Source = atikmdag | ID = 43029
Description = Display is not active

< End of report >

#15 Příspěvek od **motji** » 14 lis 2010 18:56

Log projdu večer ještě jednou, ale zkuste zatím přeinstalovat síťovku, vypadá to na nějaký problém s ní.

Error - 8.11.2010 17:35:16 | Computer Name = Pabis-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ethereal.exe, verze: 0.99.0.0, časové razítko:
0x444d275e Název chybujícího modulu: libgtk-win32-2.0-0.dll, verze: 2.6.9.0, časové
razítko: 0x42ef4765 Kód výjimky: 0xc0000005 Posun chyby: 0x001c8927 ID chybujícího
procesu: 0x42c Čas spuštění chybující aplikace: 0x01cb7f8ccb229ec5 Cesta k chybující
aplikaci: C:\Program Files (x86)\Ethereal\ethereal.exe Cesta k chybujícímu modulu:
C:\Program Files (x86)\Ethereal\libgtk-win32-2.0-0.dll ID zprávy: 1321210d-eb80-11df-bcf2-00238b4c4549

VIRY.CZ

Odesílání velkeho množství paket

Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket

Re: Odesílání velkeho množství paket