OTL logfile created on: 18.3.2011 20:21:46 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\ilona\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 022,00 Mb Total Physical Memory | 203,00 Mb Available Physical Memory | 20,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 48,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67,60 Gb Total Space | 15,65 Gb Free Space | 23,15% Space Free | Partition Type: NTFS
Drive D: | 6,92 Gb Total Space | 2,40 Gb Free Space | 34,60% Space Free | Partition Type: NTFS
Computer Name: ILONA-PC | User Name: ilona | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.03.18 20:11:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\ilona\Desktop\OTL.exe
PRC - [2011.03.12 09:04:06 | 001,004,088 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010.08.30 23:25:32 | 002,317,128 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe
PRC - [2009.02.05 22:08:40 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.02.05 22:08:26 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.02.05 22:06:04 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.07.03 14:28:29 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2007.08.22 09:22:33 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.04.23 17:11:42 | 000,262,243 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
PRC - [2007.02.07 15:30:00 | 000,065,536 | R--- | M] (Cognizance Corporation) -- c:\Program Files\Bioscrypt\VeriSoft\Bin\asghost.exe
PRC - [2007.01.10 04:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007.01.05 07:19:28 | 000,047,712 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
PRC - [2006.11.02 10:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
========== Modules (SafeList) ==========
MOD - [2011.03.18 20:11:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\ilona\Desktop\OTL.exe
MOD - [2006.11.02 10:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.08.30 23:25:32 | 002,317,128 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2009.02.05 22:08:40 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.02.05 22:08:26 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.02.05 22:06:04 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2008.07.03 14:28:29 | 001,251,720 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008.01.29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007.08.22 09:22:33 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.23 17:11:44 | 000,106,593 | ---- | M] () [Auto | Stopped] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007.04.23 17:11:42 | 000,262,243 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2007.02.07 15:30:00 | 000,074,240 | R--- | M] (Cognizance Corporation) [Auto | Running] -- c:\Program Files\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2007.01.14 06:11:06 | 000,080,504 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2007.01.13 02:40:58 | 000,049,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007.01.10 04:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2007.01.10 04:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007.01.10 04:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007.01.10 04:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007.01.09 13:55:34 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
SRV - [2007.01.05 07:19:28 | 000,047,712 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
SRV - [2006.11.02 10:46:13 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2006.11.02 10:46:12 | 000,167,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006.06.22 08:14:00 | 000,131,584 | R--- | M] (Cognizance Corporation) [Auto | Running] -- c:\Program Files\Bioscrypt\VeriSoft\Bin\ASChnl.dll -- (ASChannel)
========== Driver Services (SafeList) ==========
DRV - [2009.02.05 22:07:23 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.02.05 22:07:12 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.02.05 22:06:59 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009.02.05 22:06:20 | 000,051,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.02.05 22:06:10 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008.07.03 14:29:45 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008.05.27 02:07:58 | 000,050,560 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2008.04.17 09:00:00 | 000,895,408 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080512.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2008.04.17 09:00:00 | 000,082,256 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20080512.003\NAVENG.SYS -- (NAVENG)
DRV - [2008.02.14 02:51:52 | 000,261,680 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20080508.002\IDSvix86.sys -- (IDSvix86)
DRV - [2008.02.13 15:37:46 | 000,385,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2008.02.13 15:37:46 | 000,109,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2007.11.30 23:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007.11.30 23:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007.11.30 23:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007.07.09 03:57:00 | 007,140,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.04.14 02:49:32 | 000,418,104 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007.04.12 03:30:52 | 000,160,768 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007.03.28 17:44:22 | 000,140,424 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007.03.26 07:25:50 | 000,038,784 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Axtmvprt.sys -- (Axtmvprt)
DRV - [2007.03.26 07:25:30 | 000,040,064 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Axtmvmdm.sys -- (Axtmvmdm)
DRV - [2007.03.22 09:36:38 | 000,003,456 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Axtmvflt.sys -- (Axtmvflt)
DRV - [2007.03.07 05:15:58 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007.02.24 15:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.02.17 00:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.01.23 18:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.01.23 17:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.01.09 21:32:14 | 000,191,544 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007.01.09 21:32:14 | 000,145,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2007.01.09 21:32:14 | 000,040,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2007.01.09 21:32:14 | 000,038,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2007.01.09 21:32:14 | 000,027,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007.01.09 21:32:14 | 000,012,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2006.11.30 09:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006.11.28 17:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006.06.28 08:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2004.06.10 09:42:38 | 000,015,429 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Sacm2A.sys -- (USBCM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2109365885-4067773582-220652460-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2109365885-4067773582-220652460-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2109365885-4067773582-220652460-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2109365885-4067773582-220652460-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2011.03.17 20:04:40 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (CHelper Class) - {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\Program Files\Eurotran 2003\e2003i.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (VeriSoft Access Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2109365885-4067773582-220652460-1000\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2109365885-4067773582-220652460-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2109365885-4067773582-220652460-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra Button: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran 2003\e2003i.dll ()
O9 - Extra 'Tools' menuitem : Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\Program Files\Eurotran 2003\e2003i.dll ()
O9 - Extra Button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-2109365885-4067773582-220652460-1000\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.109.138.254 10.109.255.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Cognizance Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\ilona\Pictures\2011-01 (I)\P1220501.JPG
O24 - Desktop BackupWallPaper: C:\Users\ilona\Pictures\2011-01 (I)\P1220501.JPG
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.09.11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2109365885-4067773582-220652460-1000\...com [@ = ComFile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-2109365885-4067773582-220652460-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.03.18 20:11:18 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\ilona\Desktop\OTL.exe
[2011.03.18 19:17:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.03.17 22:52:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\oodag
[2011.03.17 22:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2011.03.17 22:45:28 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2011.03.17 22:42:03 | 000,000,000 | ---D | C] -- C:\Users\ilona\AppData\Local\O&O
[2011.03.17 22:41:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
[2011.03.17 22:41:00 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software
[2011.03.17 22:06:55 | 000,000,000 | ---D | C] -- C:\Users\ilona\AppData\Local\GHISLER
[2011.03.17 22:05:50 | 000,000,000 | ---D | C] -- C:\Users\ilona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2011.03.17 22:05:42 | 000,000,000 | ---D | C] -- C:\totalcmd
[2011.03.17 22:05:42 | 000,000,000 | ---D | C] -- C:\Users\ilona\AppData\Roaming\GHISLER
[2011.03.17 20:41:18 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.03.17 20:17:07 | 000,000,000 | ---D | C] -- C:\Users\ilona\AppData\Local\temp
[2011.03.17 20:00:48 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.03.17 19:27:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.03.17 19:22:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.03.17 19:19:00 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.03.17 19:19:00 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.03.17 19:19:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.03.17 19:19:00 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.03.17 19:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011.03.10 21:52:02 | 000,000,000 | ---D | C] -- C:\Users\ilona\AppData\Roaming\Malwarebytes
[2011.03.10 21:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.03.10 21:51:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.03.10 21:51:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.03.10 21:51:42 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.03.10 21:51:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.03.10 21:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011.03.10 15:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axesstel
[2011.03.10 14:49:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011.03.10 14:19:36 | 000,015,429 | ---- | C] ( ) -- C:\Windows\System32\drivers\Sacm2A.sys
[2011.03.05 09:12:05 | 000,000,000 | ---D | C] -- C:\Users\ilona\AppData\Local\Apps
[1 C:\Users\ilona\*.tmp files -> C:\Users\ilona\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.03.18 20:32:16 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.18 20:11:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\ilona\Desktop\OTL.exe
[2011.03.18 20:08:38 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F4E98809-E709-4AB6-8E5E-77EBC994876A}.job
[2011.03.18 20:02:58 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.18 20:02:58 | 000,473,598 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.03.18 20:02:58 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.18 20:02:58 | 000,081,404 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.03.18 20:01:26 | 000,027,335 | ---- | M] () -- C:\Users\ilona\AppData\Roaming\nvModes.001
[2011.03.18 19:41:58 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011.03.18 19:41:37 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.18 19:41:37 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.18 19:41:36 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.18 19:41:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.18 19:40:56 | 1072,676,864 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.18 19:40:54 | 000,003,828 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2011.03.17 22:45:31 | 000,000,735 | ---- | M] () -- C:\Users\ilona\Desktop\HD Tune.lnk
[2011.03.17 22:41:13 | 000,001,902 | ---- | M] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2011.03.17 22:05:52 | 000,000,584 | ---- | M] () -- C:\Users\ilona\Desktop\Total Commander.lnk
[2011.03.17 21:35:56 | 000,027,335 | ---- | M] () -- C:\Users\ilona\AppData\Roaming\nvModes.dat
[2011.03.17 20:37:47 | 000,000,149 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2011.03.17 20:33:03 | 000,379,776 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.03.17 20:04:40 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.03.17 19:27:09 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.03.17 08:05:29 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.03.14 21:20:58 | 000,000,576 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Prověřit tento počítač - ilona.job
[2011.03.10 21:51:51 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.10 20:53:29 | 000,000,302 | ---- | M] () -- C:\Windows\tasks\WebReg Deskjet F2100 series.job
[2011.03.10 15:51:09 | 000,002,001 | ---- | M] () -- C:\Users\Public\Desktop\Axesstel Manager.lnk
[2011.02.22 18:52:11 | 000,007,592 | ---- | M] () -- C:\Users\ilona\AppData\Local\d3d9caps.dat
[1 C:\Users\ilona\*.tmp files -> C:\Users\ilona\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.03.18 19:15:44 | 000,003,828 | ---- | C] () -- C:\Windows\System32\oodbs.lor
[2011.03.17 22:45:31 | 000,000,735 | ---- | C] () -- C:\Users\ilona\Desktop\HD Tune.lnk
[2011.03.17 22:41:13 | 000,001,902 | ---- | C] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2011.03.17 22:05:51 | 000,000,584 | ---- | C] () -- C:\Users\ilona\Desktop\Total Commander.lnk
[2011.03.17 22:05:45 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2011.03.17 22:05:45 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2011.03.17 22:05:45 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2011.03.17 22:05:45 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2011.03.17 22:05:45 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2011.03.17 22:05:45 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2011.03.17 22:05:45 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2011.03.17 20:01:59 | 1072,676,864 | -HS- | C] () -- C:\hiberfil.sys
[2011.03.17 19:27:09 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.03.10 21:51:51 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.10 20:53:27 | 000,000,302 | ---- | C] () -- C:\Windows\tasks\WebReg Deskjet F2100 series.job
[2011.03.10 15:51:09 | 000,002,001 | ---- | C] () -- C:\Users\Public\Desktop\Axesstel Manager.lnk
[2011.03.10 14:19:36 | 000,053,693 | ---- | C] () -- C:\Windows\UNDPX2A.sys
[2011.03.10 14:19:35 | 000,135,168 | ---- | C] () -- C:\Windows\UNDPX2A.exe
[2010.11.07 21:42:55 | 000,157,535 | ---- | C] () -- C:\Windows\hpoins14.dat
[2010.11.07 21:42:54 | 000,002,000 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2009.02.28 10:37:10 | 000,114,833 | ---- | C] () -- C:\Windows\hpqins11.dat
[2008.11.21 15:06:07 | 000,004,096 | -H-- | C] () -- C:\Users\ilona\AppData\Local\keyfile3.drm
[2008.08.26 14:19:54 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.06.02 19:58:32 | 000,007,592 | ---- | C] () -- C:\Users\ilona\AppData\Local\d3d9caps.dat
[2008.04.06 11:23:29 | 000,157,449 | ---- | C] () -- C:\Windows\hpoins14.dat.temp
[2008.04.06 11:23:29 | 000,002,000 | ---- | C] () -- C:\Windows\hpomdl14.dat.temp
[2008.03.30 11:47:12 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008.03.30 11:47:10 | 001,559,040 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.03.30 11:47:10 | 000,282,624 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.03.30 11:47:09 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.03.30 11:47:09 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008.03.30 11:12:52 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.03.22 11:37:11 | 000,000,000 | ---- | C] () -- C:\Users\ilona\AppData\Roaming\wklnhst.dat
[2008.03.07 15:57:09 | 000,027,335 | ---- | C] () -- C:\Users\ilona\AppData\Roaming\nvModes.dat
[2008.03.07 15:57:09 | 000,027,335 | ---- | C] () -- C:\Users\ilona\AppData\Roaming\nvModes.001
[2008.03.05 20:28:27 | 000,018,432 | ---- | C] () -- C:\Users\ilona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.08.22 10:08:40 | 000,110,529 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007.08.22 09:00:55 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2007.02.27 21:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007.01.08 22:09:29 | 000,473,598 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2007.01.08 22:09:29 | 000,286,912 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2007.01.08 22:09:29 | 000,081,404 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2007.01.08 22:09:29 | 000,034,724 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2006.12.13 22:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006.12.13 22:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,379,776 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,610,142 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,103,924 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 08:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.03.10 01:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005.05.07 13:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2005.04.03 21:30:00 | 000,110,592 | R--- | C] () -- C:\Windows\System32\scardsyn.dll
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[1998.05.07 02:10:00 | 000,069,632 | R--- | C] () -- C:\Windows\System32\ODMA32.dll
========== LOP Check ==========
[2011.01.01 13:48:51 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Boolat Games
[2011.03.17 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\GHISLER
[2008.03.12 18:08:18 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\ICQ
[2009.03.25 16:03:23 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\ICQ Toolbar
[2008.03.30 14:33:09 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\InfraRecorder
[2009.12.25 16:39:14 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Leadertech
[2008.04.05 08:56:23 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Template
[2011.03.18 19:39:46 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.03.18 20:08:38 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F4E98809-E709-4AB6-8E5E-77EBC994876A}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2008.03.12 09:23:06 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Adobe
[2011.01.01 13:48:51 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Boolat Games
[2008.03.05 04:30:02 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\CyberLink
[2011.03.17 22:05:42 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\GHISLER
[2008.07.25 13:18:54 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Google
[2008.03.05 03:42:56 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Hewlett-Packard
[2008.03.07 22:12:48 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\HP
[2008.03.07 19:55:57 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\HPAppData
[2011.01.06 18:11:22 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\HpUpdate
[2008.03.12 18:08:18 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\ICQ
[2009.03.25 16:03:23 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\ICQ Toolbar
[2008.03.05 04:25:12 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Identities
[2008.03.30 14:33:09 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\InfraRecorder
[2009.12.25 16:39:14 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Leadertech
[2008.03.05 03:44:02 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Macromedia
[2011.03.10 21:52:02 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Media Center Programs
[2008.03.30 11:55:33 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Media Player Classic
[2009.09.20 18:06:02 | 000,000,000 | --SD | M] -- C:\Users\ilona\AppData\Roaming\Microsoft
[2008.03.12 14:22:03 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Mozilla
[2008.03.30 11:47:07 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Real
[2008.03.30 14:20:30 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Roxio
[2009.12.25 16:51:16 | 000,000,000 | RH-D | M] -- C:\Users\ilona\AppData\Roaming\SecuROM
[2011.03.18 19:19:29 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Skype
[2011.03.18 19:19:38 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\skypePM
[2008.04.05 08:56:23 | 000,000,000 | ---D | M] -- C:\Users\ilona\AppData\Roaming\Template
< %APPDATA%\*.exe /s >
< MD5 for: AGP440.SYS >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\e903a553101524a190c8d6ab3f6d8dc0\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2007.08.22 10:19:57 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=313FF294978EA6AF715722D708FB249F -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\AGP440.sys
[2007.08.22 10:19:57 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f2490cb0\AGP440.sys
[2007.08.22 10:19:57 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=CE71AFD6738AA025D742CDBCFBDC8B9C -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.03.14 18:29:56 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2008.03.14 18:29:56 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.03.14 18:29:56 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.03.14 18:29:55 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: CDROM.SYS >
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\SoftwareDistribution\Download\e903a553101524a190c8d6ab3f6d8dc0\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\drivers\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\System32\cryptsvc.dll
[2006.11.02 10:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 08:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2008.01.19 08:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\SoftwareDistribution\Download\e903a553101524a190c8d6ab3f6d8dc0\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.03.15 08:16:28 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.03.15 08:16:28 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\SoftwareDistribution\Download\e903a553101524a190c8d6ab3f6d8dc0\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2007.08.22 09:21:34 | 000,160,872 | ---- | M] (Microsoft Corporation) MD5=779D32272A54384807A4424D90293378 -- C:\Windows\System32\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\e903a553101524a190c8d6ab3f6d8dc0\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.19 08:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\SoftwareDistribution\Download\e903a553101524a190c8d6ab3f6d8dc0\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2007.08.22 10:19:57 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=B5B664CFE3B8C4E426B164103373DFFD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20494_none_b858f78adaed51b3\isapnp.sys
[2007.08.22 10:19:58 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=C756DC995A7E81A66E0D59305EE4A25F -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f2490cb0\isapnp.sys
[2007.08.22 10:19:58 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=C756DC995A7E81A66E0D59305EE4A25F -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16399_none_b7d45c31c1cb309c\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.06.15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 08:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 10:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2009.06.15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 05:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\System32\lsass.exe
[2009.06.15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.19 08:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.19 08:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\SoftwareDistribution\Download\e903a553101524a190c8d6ab3f6d8dc0\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.19 08:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2009.02.13 09:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
< MD5 for: NDIS.SYS >
[2006.11.02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\System32\drivers\ndis.sys
[2006.11.02 10:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 08:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2008.01.19 08:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\SoftwareDistribution\Download\e903a553101524a190c8d6ab3f6d8dc0\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\e903a553101524a190c8d6ab3f6d8dc0\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008.01.19 08:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\e903a553101524a190c8d6ab3f6d8dc0\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
< MD5 for: SMSS.EXE >
[2008.01.19 08:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2008.01.19 08:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\SoftwareDistribution\Download\e903a553101524a190c8d6ab3f6d8dc0\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2006.11.02 10:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\System32\smss.exe
[2006.11.02 10:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
< MD5 for: SVCHOST.EXE >
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\System32\svchost.exe
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SoftwareDistribution\Download\e903a553101524a190c8d6ab3f6d8dc0\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.12.08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\System32\drivers\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.03.14 18:27:19 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.03.14 18:27:20 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2009.08.14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2009.12.08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2009.12.08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 08:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.01.19 08:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SoftwareDistribution\Download\1c436700711381f954e9ff3f0c4b052b\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2006.11.02 10:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
Prosím o kontrolu OTL logu. Dostal se mi do ruky ntb, který je neskutečně zpomalený, jak načítání windows tak práce s aplikacemi. Provedl jsem pročištění CCleanrem defragmentace v pořádku, vypnutí aplikací pospuštění PC. Předem děkuji
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.03.18 21:41:11 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.18 21:41:11 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.17 20:33:03 | 000,379,776 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.03.18 19:41:58 | 000,032,768 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011.03.17 19:18:49 | 000,006,521 | ---- | M] () -- C:\Windows\System32\jupdate-1.6.0_24-b07.log
[2011.03.18 19:40:54 | 000,003,828 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2011.03.18 20:02:58 | 000,081,404 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.03.18 20:02:58 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.18 20:02:58 | 000,473,598 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.03.18 20:02:58 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.18 20:02:57 | 001,259,320 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
< End of report >
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu OTL logu - zpomalený ntb
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu OTL logu - zpomalený ntb
OTL Extras logfile created on: 18.3.2011 20:21:46 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\ilona\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 022,00 Mb Total Physical Memory | 203,00 Mb Available Physical Memory | 20,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 48,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67,60 Gb Total Space | 15,65 Gb Free Space | 23,15% Space Free | Partition Type: NTFS
Drive D: | 6,92 Gb Total Space | 2,40 Gb Free Space | 34,60% Space Free | Partition Type: NTFS
Computer Name: ILONA-PC | User Name: ilona | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-2109365885-4067773582-220652460-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = ComFile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A98D5C3-45A1-4B8A-AB11-0EFCF3356216}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6165D4E6-8B2A-401D-835D-F0479BAD3727}" = lport=139 | protocol=6 | dir=in | app=system |
"{78B74043-3102-497E-821B-6700983527F5}" = rport=139 | protocol=6 | dir=out | app=system |
"{8696E7F9-318A-4CA3-8302-34439C0A8A6F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{97620FE7-C6D1-45B4-A204-D67CC81D25D4}" = rport=137 | protocol=17 | dir=out | app=system |
"{99D1F6A9-CA04-4ACB-A19E-A8E3D57AC31F}" = lport=137 | protocol=17 | dir=in | app=system |
"{ACEFF603-CF9E-4F6C-8B35-BA7BA3970EA6}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AE785040-AA56-4D5A-A9E3-C8B1E6717BD9}" = lport=445 | protocol=6 | dir=in | app=system |
"{C9C90F40-86E3-4E85-B6C5-28610097EC58}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D87771CD-C845-4CF0-B81C-3C763095D70D}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DDE38A0A-554D-45DE-89FB-CC96834E968F}" = rport=138 | protocol=17 | dir=out | app=system |
"{E33CEB51-BDEF-434F-ABDD-39120011B5DF}" = rport=445 | protocol=6 | dir=out | app=system |
"{F271E71E-1997-4C63-BC3F-175EBCE8BADB}" = lport=138 | protocol=17 | dir=in | app=system |
"{FB01ED87-00DF-4926-9028-75BD149D0D10}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06481273-6192-4B2F-9CDB-61697769B275}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2387EEE6-9B22-4EF7-89D6-423F79760BB9}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{3EB36591-309D-4C8F-8661-8182D49DE38F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4ECBB00F-75F7-4A1D-94C9-DAE06B5AC637}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A200C5EF-3DFE-4590-82E6-B8D22063F1CC}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{CC45348A-535F-4979-B194-283CB9A5C548}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{D9398C51-932A-4BE9-AE3D-0AD3EC50E163}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E4EC8C17-9C43-4B65-BF0A-1BD495A9D35A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EF154C33-3BFA-4E28-8583-55EA32FC1B3D}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0ABA40AF-288D-41F1-B735-C5155692CD7D}" = VeriSoft Access Manager
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 24
"{290B83AA-093A-45BF-A917-D1C4A1E8D917}" = HP Active Support Library
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{32F63023-1440-4946-9CD8-B365090C8410}" = ESU for Microsoft Vista
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 B1
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.2
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D3EC3E0-B111-42F7-879F-420E078FE616}" = Symantec Real Time Storage Protection Component
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{623446F8-D2D4-4942-9CA2-9D71ED8B24E9}" = Football Generation
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{7BC6B815-D9F1-4C43-82B4-7CB25458DD31}" = O&O Defrag Professional
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9061CEF2-51F5-42C9-8A70-9ED351C6597A}" = HP Help and Support
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B61B6668-A674-4A06-8405-51944D5CCDDD}" = AuthenTec Fingerprint Sensor Minimum Install
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C1920D73-7374-49d9-8C37-58A6E49078A5}" = F2100_Help
"{C5EF81AC-FE4C-4157-97E3-2E08B000742A}" = F2100_doccd
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDFD9BA2-8E26-4E49-92AE-882424DAB1BC}" = HP User Guides 0057
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F1C409F0-8322-4c87-BD08-2F62777D490D}" = F2100
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2620FDC-8D31-4BA3-B003-89B8FFE9EDCF}" = MSCU for Microsoft Vista
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7" = HDAUDIO Soft Data Fax Modem with SmartCP
"Eurotran 2003" = Eurotran 2003
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"InfraRecorder" = InfraRecorder
"InstallShield_{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.5.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MotoGP_is1" = MotoGP
"NVIDIA Drivers" = NVIDIA Drivers
"Pet Soccer" = Pet Soccer
"Shockwave" = Shockwave
"SmartAudio" = SmartAudio
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 14.6.2010 13:22:38 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 22.6.2010 13:35:26 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 12.7.2010 11:07:53 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 10.8.2010 10:36:25 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 9.10.2010 10:45:03 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 12.10.2010 11:27:34 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 19.11.2010 7:40:43 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 4.1.2011 14:24:50 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 27.1.2011 17:10:55 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 15.3.2011 7:43:47 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
[ Application Events ]
Error - 25.8.2009 9:40:24 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 26.8.2009 8:28:35 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 27.8.2009 9:22:40 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 28.8.2009 7:25:34 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 29.8.2009 3:48:49 | Computer Name = ilona-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 7.0.6000.16890, časové razítko
0x4a619d6d, chybující modul Flash10b.ocx, verze 10.0.22.87, časové razítko 0x4987a6c3,
kód výjimky 0xc0000005, posun chyby 0x001ea5c0, ID procesu 0x115c, čas spuštění
aplikace 0x01ca27d285aa7a26.
Error - 30.8.2009 4:40:17 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 31.8.2009 8:57:37 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 1.9.2009 8:07:24 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 3.9.2009 13:15:02 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 4.9.2009 11:31:51 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
[ System Events ]
Error - 18.3.2011 14:15:24 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 11 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:17:24 | Computer Name = ilona-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 18.3.2011 14:29:27 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 12 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:29:27 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 13 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:29:27 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 14 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:29:28 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 11 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:40:36 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 12 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:40:36 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 13 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:40:36 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 14 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:40:37 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 11 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
< End of report >
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\ilona\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 022,00 Mb Total Physical Memory | 203,00 Mb Available Physical Memory | 20,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 48,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67,60 Gb Total Space | 15,65 Gb Free Space | 23,15% Space Free | Partition Type: NTFS
Drive D: | 6,92 Gb Total Space | 2,40 Gb Free Space | 34,60% Space Free | Partition Type: NTFS
Computer Name: ILONA-PC | User Name: ilona | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-2109365885-4067773582-220652460-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = ComFile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A98D5C3-45A1-4B8A-AB11-0EFCF3356216}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6165D4E6-8B2A-401D-835D-F0479BAD3727}" = lport=139 | protocol=6 | dir=in | app=system |
"{78B74043-3102-497E-821B-6700983527F5}" = rport=139 | protocol=6 | dir=out | app=system |
"{8696E7F9-318A-4CA3-8302-34439C0A8A6F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{97620FE7-C6D1-45B4-A204-D67CC81D25D4}" = rport=137 | protocol=17 | dir=out | app=system |
"{99D1F6A9-CA04-4ACB-A19E-A8E3D57AC31F}" = lport=137 | protocol=17 | dir=in | app=system |
"{ACEFF603-CF9E-4F6C-8B35-BA7BA3970EA6}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AE785040-AA56-4D5A-A9E3-C8B1E6717BD9}" = lport=445 | protocol=6 | dir=in | app=system |
"{C9C90F40-86E3-4E85-B6C5-28610097EC58}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D87771CD-C845-4CF0-B81C-3C763095D70D}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DDE38A0A-554D-45DE-89FB-CC96834E968F}" = rport=138 | protocol=17 | dir=out | app=system |
"{E33CEB51-BDEF-434F-ABDD-39120011B5DF}" = rport=445 | protocol=6 | dir=out | app=system |
"{F271E71E-1997-4C63-BC3F-175EBCE8BADB}" = lport=138 | protocol=17 | dir=in | app=system |
"{FB01ED87-00DF-4926-9028-75BD149D0D10}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06481273-6192-4B2F-9CDB-61697769B275}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2387EEE6-9B22-4EF7-89D6-423F79760BB9}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{3EB36591-309D-4C8F-8661-8182D49DE38F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4ECBB00F-75F7-4A1D-94C9-DAE06B5AC637}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A200C5EF-3DFE-4590-82E6-B8D22063F1CC}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{CC45348A-535F-4979-B194-283CB9A5C548}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{D9398C51-932A-4BE9-AE3D-0AD3EC50E163}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E4EC8C17-9C43-4B65-BF0A-1BD495A9D35A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EF154C33-3BFA-4E28-8583-55EA32FC1B3D}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0ABA40AF-288D-41F1-B735-C5155692CD7D}" = VeriSoft Access Manager
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 24
"{290B83AA-093A-45BF-A917-D1C4A1E8D917}" = HP Active Support Library
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{32F63023-1440-4946-9CD8-B365090C8410}" = ESU for Microsoft Vista
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 B1
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.2
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D3EC3E0-B111-42F7-879F-420E078FE616}" = Symantec Real Time Storage Protection Component
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{623446F8-D2D4-4942-9CA2-9D71ED8B24E9}" = Football Generation
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{7BC6B815-D9F1-4C43-82B4-7CB25458DD31}" = O&O Defrag Professional
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9061CEF2-51F5-42C9-8A70-9ED351C6597A}" = HP Help and Support
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B61B6668-A674-4A06-8405-51944D5CCDDD}" = AuthenTec Fingerprint Sensor Minimum Install
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{C1920D73-7374-49d9-8C37-58A6E49078A5}" = F2100_Help
"{C5EF81AC-FE4C-4157-97E3-2E08B000742A}" = F2100_doccd
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDFD9BA2-8E26-4E49-92AE-882424DAB1BC}" = HP User Guides 0057
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F1C409F0-8322-4c87-BD08-2F62777D490D}" = F2100
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F2620FDC-8D31-4BA3-B003-89B8FFE9EDCF}" = MSCU for Microsoft Vista
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7" = HDAUDIO Soft Data Fax Modem with SmartCP
"Eurotran 2003" = Eurotran 2003
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"InfraRecorder" = InfraRecorder
"InstallShield_{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.5.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MotoGP_is1" = MotoGP
"NVIDIA Drivers" = NVIDIA Drivers
"Pet Soccer" = Pet Soccer
"Shockwave" = Shockwave
"SmartAudio" = SmartAudio
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 14.6.2010 13:22:38 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 22.6.2010 13:35:26 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 12.7.2010 11:07:53 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 10.8.2010 10:36:25 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 9.10.2010 10:45:03 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 12.10.2010 11:27:34 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 19.11.2010 7:40:43 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 4.1.2011 14:24:50 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 27.1.2011 17:10:55 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
Error - 15.3.2011 7:43:47 | Computer Name = ilona-PC | Source = avast! | ID = 33554522
Description = ?
[ Application Events ]
Error - 25.8.2009 9:40:24 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 26.8.2009 8:28:35 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 27.8.2009 9:22:40 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 28.8.2009 7:25:34 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 29.8.2009 3:48:49 | Computer Name = ilona-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 7.0.6000.16890, časové razítko
0x4a619d6d, chybující modul Flash10b.ocx, verze 10.0.22.87, časové razítko 0x4987a6c3,
kód výjimky 0xc0000005, posun chyby 0x001ea5c0, ID procesu 0x115c, čas spuštění
aplikace 0x01ca27d285aa7a26.
Error - 30.8.2009 4:40:17 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 31.8.2009 8:57:37 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 1.9.2009 8:07:24 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 3.9.2009 13:15:02 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
Error - 4.9.2009 11:31:51 | Computer Name = ilona-PC | Source = WerSvc | ID = 5007
Description =
[ System Events ]
Error - 18.3.2011 14:15:24 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 11 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:17:24 | Computer Name = ilona-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 18.3.2011 14:29:27 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 12 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:29:27 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 13 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:29:27 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 14 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:29:28 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 11 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:40:36 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 12 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:40:36 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 13 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:40:36 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 14 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
Error - 18.3.2011 14:40:37 | Computer Name = ilona-PC | Source = ACPI | ID = 327686
Description = IRQARB: Systém ACPI BIOS neobsahuje přerušení IRQ pro zařízení v patici
PCI 11 s funkcí 0. Obraťte se na prodejce systému s žádostí o odbornou pomoc.
< End of report >
Re: Prosím o kontrolu OTL logu - zpomalený ntb
Dobrý večer 
Co máte za problémy s počítačem?
Co máte za problémy s počítačem?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu OTL logu - zpomalený ntb
Dobrý večer,
nějaký šotek mi ze začátku logu vymazal můj popis závady. Takže ještě jednou, dostal se mi do ruky notebook od kamarádky, že je nějaký zpomalený. Zpomalení se projevuje jak při načítání windows tak při práci s aplikacemi. Zkusil jsem pročistit PC CCleanrem, defragmentaci, vypnutí zbytečných aplikaci spouštěných při startu PC. Lehce to pomohlo, ale stále je odezva ntb pomalá.
nějaký šotek mi ze začátku logu vymazal můj popis závady. Takže ještě jednou, dostal se mi do ruky notebook od kamarádky, že je nějaký zpomalený. Zpomalení se projevuje jak při načítání windows tak při práci s aplikacemi. Zkusil jsem pročistit PC CCleanrem, defragmentaci, vypnutí zbytečných aplikaci spouštěných při startu PC. Lehce to pomohlo, ale stále je odezva ntb pomalá.
Re: Prosím o kontrolu OTL logu - zpomalený ntb
Stahněte MBAM z mého podpisu-Nainstalujte,dejte úplný sken
NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu OTL logu - zpomalený ntb
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Verze databáze: 6100
Windows 6.0.6000
Internet Explorer 7.0.6000.17037
19.3.2011 9:54:28
mbam-log-2011-03-19 (09-54-28).txt
Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 292888
Uplynulý čas: 2 hodin, 2 minut, 22 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
www.malwarebytes.org
Verze databáze: 6100
Windows 6.0.6000
Internet Explorer 7.0.6000.17037
19.3.2011 9:54:28
mbam-log-2011-03-19 (09-54-28).txt
Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 292888
Uplynulý čas: 2 hodin, 2 minut, 22 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
Re: Prosím o kontrolu OTL logu - zpomalený ntb
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu OTL logu - zpomalený ntb
ComboFix 11-03-18.03 - ilona 19.03.2011 10:34:37.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.1022.255 [GMT 1:00]
Spuštěný z: c:\users\ilona\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-19 do 2011-03-19 )))))))))))))))))))))))))))))))
.
.
2011-03-19 09:52 . 2011-03-19 09:53 -------- d-----w- c:\users\ilona\AppData\Local\temp
2011-03-19 09:52 . 2011-03-19 09:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-19 09:16 . 2011-03-19 09:16 -------- d-----w- c:\users\ilona\AppData\Roaming\IObit
2011-03-19 09:16 . 2011-03-19 09:16 -------- d-----w- c:\program files\IObit
2011-03-18 21:58 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{24EDC3DA-9F8F-470D-BD74-85CBE025E551}\mpengine.dll
2011-03-17 21:52 . 2011-03-17 21:57 -------- d-----w- c:\windows\system32\oodag
2011-03-17 21:45 . 2011-03-17 21:45 -------- d-----w- c:\program files\HD Tune
2011-03-17 21:42 . 2011-03-17 21:42 -------- d-----w- c:\users\ilona\AppData\Local\O&O
2011-03-17 21:41 . 2011-03-17 21:41 -------- d-----w- c:\program files\OO Software
2011-03-17 21:06 . 2011-03-17 21:06 -------- d-----w- c:\users\ilona\AppData\Local\GHISLER
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\UC.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\RAR.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\PKZIP.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\LHA.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\ARJ.PIF
2011-03-17 21:05 . 2011-03-17 21:06 -------- d-----w- C:\totalcmd
2011-03-17 21:05 . 2011-03-17 21:05 -------- d-----w- c:\users\ilona\AppData\Roaming\GHISLER
2011-03-17 18:19 . 2011-02-02 20:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-17 18:14 . 2011-03-17 18:14 -------- d-----w- c:\programdata\McAfee
2011-03-10 20:52 . 2011-03-10 20:52 -------- d-----w- c:\users\ilona\AppData\Roaming\Malwarebytes
2011-03-10 20:51 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-10 20:51 . 2011-03-10 20:51 -------- d-----w- c:\programdata\Malwarebytes
2011-03-10 20:51 . 2011-03-10 20:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-10 20:51 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-10 20:39 . 2011-03-10 20:40 -------- d-----w- c:\programdata\MFAData
2011-03-10 13:49 . 2011-03-10 13:49 -------- d-----w- c:\programdata\AVAST Software
2011-03-10 13:19 . 2004-06-10 23:34 53693 ----a-w- c:\windows\UNDPX2A.sys
2011-03-10 13:19 . 2004-06-10 08:42 15429 ----a-w- c:\windows\system32\drivers\Sacm2A.sys
2011-03-10 13:19 . 2004-06-10 23:31 135168 ----a-w- c:\windows\UNDPX2A.exe
2011-03-05 08:12 . 2011-03-05 08:12 -------- d-----w- c:\users\ilona\AppData\Local\Apps
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2009-10-03 09:32 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-15 09:33 . 2011-01-15 09:33 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-07 44128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2007-01-10 03:59 115816 ----a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
2003-12-22 18:12 17920 ----a-r- c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2006-11-02 12:35 125440 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2007-03-12 09:54 50696 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-11 20:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-04-19 11:26 484904 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2007-01-19 10:54 5674352 ----a-w- c:\program files\MSN Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-07-09 02:57 8433664 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-07-09 02:57 81920 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-07-09 02:57 86016 ----a-w- c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2010-08-30 22:25 2770760 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-04-23 16:11 176128 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-03-13 19:08 1232896 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2008-09-23 13:17 21755688 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-01-11 17:36 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
2008-01-29 16:38 583048 ----a-w- c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-01-13 03:36 827392 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2006-11-02 09:45 215552 ----a-w- c:\windows\WindowsMobile\wmdSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-11-02 12:36 201728 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-12-20 38224]
R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10.sys [2008-05-27 50560]
S1 aswSP;avast! Self Protection; [x]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20080508.002\IDSvix86.sys [2008-02-14 261680]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2006-11-02 22016]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2006-11-02 22016]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
S2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [2010-08-30 2317128]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-02-13 109616]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2007-01-09 38200]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - COMHOST
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-19 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2011-03-19 11:11]
.
2011-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 10:59]
.
2011-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 10:59]
.
2011-03-14 c:\windows\Tasks\Norton Internet Security - Prověřit tento počítač - ilona.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-01-14 07:09]
.
2011-03-18 c:\windows\Tasks\User_Feed_Synchronization-{F4E98809-E709-4AB6-8E5E-77EBC994876A}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - {DB7FBFE3-82CB-49E0-9C41-39C2A80B4966} - c:\progra~1\EUROTR~1\e2003i.dll
Trusted Zone: mojebanka.cz\www
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-19 10:53
Windows 6.0.6000 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2109365885-4067773582-220652460-1000\Software\SecuROM\License information*]
"datasecu"=hex:5e,5d,43,08,d0,f4,1b,01,7e,e1,ec,d6,ab,d0,f7,58,43,37,5c,3b,0f,
f1,69,fc,0e,99,5f,54,14,8c,ab,68,b4,75,ef,76,d3,d9,d2,f0,5c,46,41,7c,d0,5a,\
"rkeysecu"=hex:f8,63,f1,46,f7,c9,d6,91,6a,b3,8e,4d,cf,f8,a0,b2
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(684)
c:\windows\system32\APSHook.dll
c:\program files\Bioscrypt\VeriSoft\Bin\ItClient.dll
.
Celkový čas: 2011-03-19 10:59:33
ComboFix-quarantined-files.txt 2011-03-19 09:59
.
Před spuštěním: Volných bajtů: 19 047 792 640
Po spuštění: Volných bajtů: 18 048 294 912
.
- - End Of File - - 684BD93A0DC1B912DBB7AA0456348E1F
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.1022.255 [GMT 1:00]
Spuštěný z: c:\users\ilona\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-19 do 2011-03-19 )))))))))))))))))))))))))))))))
.
.
2011-03-19 09:52 . 2011-03-19 09:53 -------- d-----w- c:\users\ilona\AppData\Local\temp
2011-03-19 09:52 . 2011-03-19 09:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-19 09:16 . 2011-03-19 09:16 -------- d-----w- c:\users\ilona\AppData\Roaming\IObit
2011-03-19 09:16 . 2011-03-19 09:16 -------- d-----w- c:\program files\IObit
2011-03-18 21:58 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{24EDC3DA-9F8F-470D-BD74-85CBE025E551}\mpengine.dll
2011-03-17 21:52 . 2011-03-17 21:57 -------- d-----w- c:\windows\system32\oodag
2011-03-17 21:45 . 2011-03-17 21:45 -------- d-----w- c:\program files\HD Tune
2011-03-17 21:42 . 2011-03-17 21:42 -------- d-----w- c:\users\ilona\AppData\Local\O&O
2011-03-17 21:41 . 2011-03-17 21:41 -------- d-----w- c:\program files\OO Software
2011-03-17 21:06 . 2011-03-17 21:06 -------- d-----w- c:\users\ilona\AppData\Local\GHISLER
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\UC.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\RAR.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\PKZIP.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\LHA.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\ARJ.PIF
2011-03-17 21:05 . 2011-03-17 21:06 -------- d-----w- C:\totalcmd
2011-03-17 21:05 . 2011-03-17 21:05 -------- d-----w- c:\users\ilona\AppData\Roaming\GHISLER
2011-03-17 18:19 . 2011-02-02 20:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-17 18:14 . 2011-03-17 18:14 -------- d-----w- c:\programdata\McAfee
2011-03-10 20:52 . 2011-03-10 20:52 -------- d-----w- c:\users\ilona\AppData\Roaming\Malwarebytes
2011-03-10 20:51 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-10 20:51 . 2011-03-10 20:51 -------- d-----w- c:\programdata\Malwarebytes
2011-03-10 20:51 . 2011-03-10 20:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-10 20:51 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-10 20:39 . 2011-03-10 20:40 -------- d-----w- c:\programdata\MFAData
2011-03-10 13:49 . 2011-03-10 13:49 -------- d-----w- c:\programdata\AVAST Software
2011-03-10 13:19 . 2004-06-10 23:34 53693 ----a-w- c:\windows\UNDPX2A.sys
2011-03-10 13:19 . 2004-06-10 08:42 15429 ----a-w- c:\windows\system32\drivers\Sacm2A.sys
2011-03-10 13:19 . 2004-06-10 23:31 135168 ----a-w- c:\windows\UNDPX2A.exe
2011-03-05 08:12 . 2011-03-05 08:12 -------- d-----w- c:\users\ilona\AppData\Local\Apps
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2009-10-03 09:32 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-15 09:33 . 2011-01-15 09:33 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-07 44128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2007-01-10 03:59 115816 ----a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
2003-12-22 18:12 17920 ----a-r- c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2006-11-02 12:35 125440 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2007-03-12 09:54 50696 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-11 20:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-04-19 11:26 484904 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2007-01-19 10:54 5674352 ----a-w- c:\program files\MSN Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-07-09 02:57 8433664 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-07-09 02:57 81920 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-07-09 02:57 86016 ----a-w- c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2010-08-30 22:25 2770760 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-04-23 16:11 176128 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-03-13 19:08 1232896 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2008-09-23 13:17 21755688 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-01-11 17:36 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
2008-01-29 16:38 583048 ----a-w- c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-01-13 03:36 827392 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2006-11-02 09:45 215552 ----a-w- c:\windows\WindowsMobile\wmdSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-11-02 12:36 201728 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-12-20 38224]
R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10.sys [2008-05-27 50560]
S1 aswSP;avast! Self Protection; [x]
S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20080508.002\IDSvix86.sys [2008-02-14 261680]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2006-11-02 22016]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2006-11-02 22016]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
S2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [2010-08-30 2317128]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-02-13 109616]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2007-01-09 38200]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - COMHOST
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-19 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2011-03-19 11:11]
.
2011-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 10:59]
.
2011-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 10:59]
.
2011-03-14 c:\windows\Tasks\Norton Internet Security - Prověřit tento počítač - ilona.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-01-14 07:09]
.
2011-03-18 c:\windows\Tasks\User_Feed_Synchronization-{F4E98809-E709-4AB6-8E5E-77EBC994876A}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - {DB7FBFE3-82CB-49E0-9C41-39C2A80B4966} - c:\progra~1\EUROTR~1\e2003i.dll
Trusted Zone: mojebanka.cz\www
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-19 10:53
Windows 6.0.6000 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2109365885-4067773582-220652460-1000\Software\SecuROM\License information*]
"datasecu"=hex:5e,5d,43,08,d0,f4,1b,01,7e,e1,ec,d6,ab,d0,f7,58,43,37,5c,3b,0f,
f1,69,fc,0e,99,5f,54,14,8c,ab,68,b4,75,ef,76,d3,d9,d2,f0,5c,46,41,7c,d0,5a,\
"rkeysecu"=hex:f8,63,f1,46,f7,c9,d6,91,6a,b3,8e,4d,cf,f8,a0,b2
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(684)
c:\windows\system32\APSHook.dll
c:\program files\Bioscrypt\VeriSoft\Bin\ItClient.dll
.
Celkový čas: 2011-03-19 10:59:33
ComboFix-quarantined-files.txt 2011-03-19 09:59
.
Před spuštěním: Volných bajtů: 19 047 792 640
Po spuštění: Volných bajtů: 18 048 294 912
.
- - End Of File - - 684BD93A0DC1B912DBB7AA0456348E1F
Re: Prosím o kontrolu OTL logu - zpomalený ntb
Co používáte za antivir? Avast?
Jak to ted vypadá s počítačem?
Otestujte na www.virustotal.com
c:\windows\UNDPX2A.sys
c:\windows\system32\drivers\Sacm2A.sys
c:\windows\UNDPX2A.exe
Jak to ted vypadá s počítačem?
Otestujte na www.virustotal.com
c:\windows\UNDPX2A.sys
c:\windows\system32\drivers\Sacm2A.sys
c:\windows\UNDPX2A.exe
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu OTL logu - zpomalený ntb
Ano je používán avast.
Soubory jsem otestoval a jsou čisté.
Asi jsem objevil proč ntb byl zpomalený, byl totiž přepnutý v řízení spotřeby na úsporný režim, takže běžel celou dobu podtaktovaný. Pokud jsou tedy logy čisté, děkuji moc za pomoc.
Soubory jsem otestoval a jsou čisté.
Asi jsem objevil proč ntb byl zpomalený, byl totiž přepnutý v řízení spotřeby na úsporný režim, takže běžel celou dobu podtaktovaný. Pokud jsou tedy logy čisté, děkuji moc za pomoc.
Re: Prosím o kontrolu OTL logu - zpomalený ntb
Já Vám jen domažu zbytky po symantecu
Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka
-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:
-po aplikaci na Vás vypadne další log,vložte ho sem
Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci
Pokud nemáte, přesuňte Combofix na plochu-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka
Kód: Vybrat vše
Driver::
SYMNDISV
File::
c:\windows\System32\Drivers\SYMNDISV.SYS
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
Folder::
c:\programdata\McAfee
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:
-po aplikaci na Vás vypadne další log,vložte ho sem
Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu OTL logu - zpomalený ntb
Při prvním spuštění došlo k nějakému nedopatření a musel jsem combofix pustit znova, toto je druhý log.
ComboFix 11-03-21.01 - ilona 21.03.2011 20:30:17.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.1022.303 [GMT 1:00]
Spuštěný z: c:\users\ilona\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\ilona\Desktop\CFScript.txt
.
FILE ::
"c:\windows\System32\Drivers\SYMNDISV.SYS"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
F:\Autorun.inf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-21 do 2011-03-21 )))))))))))))))))))))))))))))))
.
.
2011-03-21 16:51 . 2011-03-21 19:41 -------- d-----w- c:\users\ilona\AppData\Local\temp
2011-03-20 20:01 . 2011-02-23 14:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-03-20 20:01 . 2011-02-23 14:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-03-20 20:01 . 2011-02-23 14:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-03-20 20:01 . 2011-02-23 14:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-03-20 20:01 . 2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-20 20:01 . 2011-02-23 14:55 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-03-20 19:59 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr
2011-03-20 19:59 . 2011-02-23 15:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-03-20 19:58 . 2011-03-20 19:58 -------- d-----w- c:\program files\AVAST Software
2011-03-19 14:22 . 2011-03-19 14:22 -------- d-----w- c:\program files\Lavalys
2011-03-19 11:30 . 2011-03-19 13:50 -------- d-----w- C:\7b2f2fc54290857764526739
2011-03-19 09:16 . 2011-03-19 16:23 -------- d-----w- c:\users\ilona\AppData\Roaming\IObit
2011-03-19 09:16 . 2011-03-19 09:16 -------- d-----w- c:\program files\IObit
2011-03-18 21:58 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{24EDC3DA-9F8F-470D-BD74-85CBE025E551}\mpengine.dll
2011-03-17 21:42 . 2011-03-17 21:42 -------- d-----w- c:\users\ilona\AppData\Local\O&O
2011-03-17 21:06 . 2011-03-17 21:06 -------- d-----w- c:\users\ilona\AppData\Local\GHISLER
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\UC.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\RAR.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\PKZIP.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\LHA.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\ARJ.PIF
2011-03-17 21:05 . 2011-03-19 13:50 -------- d-----w- c:\users\ilona\AppData\Roaming\GHISLER
2011-03-17 21:05 . 2011-03-17 21:06 -------- d-----w- C:\totalcmd
2011-03-17 18:19 . 2011-02-02 20:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-10 20:52 . 2011-03-10 20:52 -------- d-----w- c:\users\ilona\AppData\Roaming\Malwarebytes
2011-03-10 20:51 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-10 20:51 . 2011-03-10 20:51 -------- d-----w- c:\programdata\Malwarebytes
2011-03-10 20:51 . 2011-03-10 20:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-10 20:51 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-10 20:39 . 2011-03-10 20:40 -------- d-----w- c:\programdata\MFAData
2011-03-10 13:49 . 2011-03-10 13:49 -------- d-----w- c:\programdata\AVAST Software
2011-03-10 13:19 . 2004-06-10 23:34 53693 ----a-w- c:\windows\UNDPX2A.sys
2011-03-10 13:19 . 2004-06-10 08:42 15429 ----a-w- c:\windows\system32\drivers\Sacm2A.sys
2011-03-10 13:19 . 2004-06-10 23:31 135168 ----a-w- c:\windows\UNDPX2A.exe
2011-03-05 08:12 . 2011-03-05 08:12 -------- d-----w- c:\users\ilona\AppData\Local\Apps
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2009-10-03 09:32 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-15 09:33 . 2011-01-15 09:33 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-07 44128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
2003-12-22 18:12 17920 ----a-r- c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2006-11-02 12:35 125440 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2007-03-12 09:54 50696 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-11 20:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-04-19 11:26 484904 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2010-12-20 17:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2007-01-19 10:54 5674352 ----a-w- c:\program files\MSN Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-07-09 02:57 8433664 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-07-09 02:57 81920 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-07-09 02:57 86016 ----a-w- c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-04-23 16:11 176128 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-03-13 19:08 1232896 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2008-09-23 13:17 21755688 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-01-11 17:36 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
2008-01-29 16:38 583048 ----a-w- c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2006-11-02 09:45 215552 ----a-w- c:\windows\WindowsMobile\wmdSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-11-02 12:36 201728 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2109365885-4067773582-220652460-1000]
"EnableNotificationsRef"=dword:00000001
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 CFcatchme;CFcatchme;c:\users\ilona\AppData\Local\Temp\CFcatchme.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-12-20 38224]
R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10.sys [2008-05-27 50560]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2006-11-02 22016]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2006-11-02 22016]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 10:59]
.
2011-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 10:59]
.
2011-03-21 c:\windows\Tasks\User_Feed_Synchronization-{F4E98809-E709-4AB6-8E5E-77EBC994876A}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - {DB7FBFE3-82CB-49E0-9C41-39C2A80B4966} - c:\progra~1\EUROTR~1\e2003i.dll
Trusted Zone: mojebanka.cz\www
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-21 20:41
Windows 6.0.6000 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2109365885-4067773582-220652460-1000\Software\SecuROM\License information*]
"datasecu"=hex:64,f7,fc,31,67,25,f0,26,cb,f4,36,65,39,49,b5,91,7d,5e,50,3c,4e,
f5,02,e4,f0,f8,bb,1f,9b,44,38,5f,40,15,b9,cc,82,f7,75,1e,8b,9f,e0,a9,30,36,\
"rkeysecu"=hex:60,d1,7b,ba,b9,38,3a,e4,45,b6,93,9d,0b,cd,52,93
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-03-21 20:45:20
ComboFix-quarantined-files.txt 2011-03-21 19:45
.
Před spuštěním: Volných bajtů: 26 122 768 384
Po spuštění: Volných bajtů: 25 967 583 232
.
- - End Of File - - 08DF6288EBC523130CB07AA23D5ACA71
ComboFix 11-03-21.01 - ilona 21.03.2011 20:30:17.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.1022.303 [GMT 1:00]
Spuštěný z: c:\users\ilona\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\ilona\Desktop\CFScript.txt
.
FILE ::
"c:\windows\System32\Drivers\SYMNDISV.SYS"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
F:\Autorun.inf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-21 do 2011-03-21 )))))))))))))))))))))))))))))))
.
.
2011-03-21 16:51 . 2011-03-21 19:41 -------- d-----w- c:\users\ilona\AppData\Local\temp
2011-03-20 20:01 . 2011-02-23 14:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-03-20 20:01 . 2011-02-23 14:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-03-20 20:01 . 2011-02-23 14:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-03-20 20:01 . 2011-02-23 14:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-03-20 20:01 . 2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-20 20:01 . 2011-02-23 14:55 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-03-20 19:59 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr
2011-03-20 19:59 . 2011-02-23 15:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-03-20 19:58 . 2011-03-20 19:58 -------- d-----w- c:\program files\AVAST Software
2011-03-19 14:22 . 2011-03-19 14:22 -------- d-----w- c:\program files\Lavalys
2011-03-19 11:30 . 2011-03-19 13:50 -------- d-----w- C:\7b2f2fc54290857764526739
2011-03-19 09:16 . 2011-03-19 16:23 -------- d-----w- c:\users\ilona\AppData\Roaming\IObit
2011-03-19 09:16 . 2011-03-19 09:16 -------- d-----w- c:\program files\IObit
2011-03-18 21:58 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{24EDC3DA-9F8F-470D-BD74-85CBE025E551}\mpengine.dll
2011-03-17 21:42 . 2011-03-17 21:42 -------- d-----w- c:\users\ilona\AppData\Local\O&O
2011-03-17 21:06 . 2011-03-17 21:06 -------- d-----w- c:\users\ilona\AppData\Local\GHISLER
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\UC.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\RAR.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\PKZIP.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\LHA.PIF
2011-03-17 21:05 . 2008-08-08 06:04 545 ----a-w- c:\windows\ARJ.PIF
2011-03-17 21:05 . 2011-03-19 13:50 -------- d-----w- c:\users\ilona\AppData\Roaming\GHISLER
2011-03-17 21:05 . 2011-03-17 21:06 -------- d-----w- C:\totalcmd
2011-03-17 18:19 . 2011-02-02 20:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-10 20:52 . 2011-03-10 20:52 -------- d-----w- c:\users\ilona\AppData\Roaming\Malwarebytes
2011-03-10 20:51 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-10 20:51 . 2011-03-10 20:51 -------- d-----w- c:\programdata\Malwarebytes
2011-03-10 20:51 . 2011-03-10 20:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-10 20:51 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-10 20:39 . 2011-03-10 20:40 -------- d-----w- c:\programdata\MFAData
2011-03-10 13:49 . 2011-03-10 13:49 -------- d-----w- c:\programdata\AVAST Software
2011-03-10 13:19 . 2004-06-10 23:34 53693 ----a-w- c:\windows\UNDPX2A.sys
2011-03-10 13:19 . 2004-06-10 08:42 15429 ----a-w- c:\windows\system32\drivers\Sacm2A.sys
2011-03-10 13:19 . 2004-06-10 23:31 135168 ----a-w- c:\windows\UNDPX2A.exe
2011-03-05 08:12 . 2011-03-05 08:12 -------- d-----w- c:\users\ilona\AppData\Local\Apps
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 16:11 . 2009-10-03 09:32 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-15 09:33 . 2011-01-15 09:33 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-07 44128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
2003-12-22 18:12 17920 ----a-r- c:\progra~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2006-11-02 12:35 125440 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2007-03-12 09:54 50696 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-11 20:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-04-19 11:26 484904 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2010-12-20 17:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2007-01-19 10:54 5674352 ----a-w- c:\program files\MSN Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-07-09 02:57 8433664 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-07-09 02:57 81920 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-07-09 02:57 86016 ----a-w- c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-04-23 16:11 176128 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-03-13 19:08 1232896 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2008-09-23 13:17 21755688 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-01-11 17:36 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
2008-01-29 16:38 583048 ----a-w- c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2006-11-02 09:45 215552 ----a-w- c:\windows\WindowsMobile\wmdSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-11-02 12:36 201728 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2109365885-4067773582-220652460-1000]
"EnableNotificationsRef"=dword:00000001
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 CFcatchme;CFcatchme;c:\users\ilona\AppData\Local\Temp\CFcatchme.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-12-20 38224]
R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10.sys [2008-05-27 50560]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2006-11-02 22016]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2006-11-02 22016]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 11:23 452136 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 10:59]
.
2011-03-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 10:59]
.
2011-03-21 c:\windows\Tasks\User_Feed_Synchronization-{F4E98809-E709-4AB6-8E5E-77EBC994876A}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - {DB7FBFE3-82CB-49E0-9C41-39C2A80B4966} - c:\progra~1\EUROTR~1\e2003i.dll
Trusted Zone: mojebanka.cz\www
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-21 20:41
Windows 6.0.6000 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2109365885-4067773582-220652460-1000\Software\SecuROM\License information*]
"datasecu"=hex:64,f7,fc,31,67,25,f0,26,cb,f4,36,65,39,49,b5,91,7d,5e,50,3c,4e,
f5,02,e4,f0,f8,bb,1f,9b,44,38,5f,40,15,b9,cc,82,f7,75,1e,8b,9f,e0,a9,30,36,\
"rkeysecu"=hex:60,d1,7b,ba,b9,38,3a,e4,45,b6,93,9d,0b,cd,52,93
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-03-21 20:45:20
ComboFix-quarantined-files.txt 2011-03-21 19:45
.
Před spuštěním: Volných bajtů: 26 122 768 384
Po spuštění: Volných bajtů: 25 967 583 232
.
- - End Of File - - 08DF6288EBC523130CB07AA23D5ACA71
Re: Prosím o kontrolu OTL logu - zpomalený ntb
Co je jednotka F?
Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:
ComboFix /Uninstall
-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.
***********
Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe
-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir
***********
Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru
záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner
záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít
Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.
Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.
***********
Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech
***********
Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?
Odinstalujte combofix přes Start - Spustit- zkopírujte do okénka:
ComboFix /Uninstall
-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.
***********
Stáhněte T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir
***********
Z mého podpisu stahněte Ccleaner- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru
záložka čistič- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner
záložka Registry- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy
ok zavřít Záložka Nástroje- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.
Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.
***********
Stahněte OTC a použijtehttp://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech
***********
Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: Prosím o kontrolu OTL logu - zpomalený ntb
Práce s aplikacemi je o hodně svižnější než na začátku. Náběh windows se zlepšil jen o malinko, ale to bude asi problém hardware. Velice děkuji za pomoc
Logfile of random's system information tool 1.08 (written by random/random)
Run by ilona at 2011-03-21 21:34:12
Microsoft® Windows Vista™ Home Premium
System drive C: has 24 GB (34%) free of 69 GB
Total RAM: 1022 MB (25% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:34:36, on 21.3.2011
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\ilona\Downloads\RSIT.exe
C:\Program Files\trend micro\ilona.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: CHelper Class - {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O9 - Extra 'Tools' menuitem: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O9 - Extra button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 7177 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{F4E98809-E709-4AB6-8E5E-77EBC994876A}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-09-23 1088296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99A7C4DD-B2E6-4CA0-BB6E-737A61364155}]
CHelper Class - C:\PROGRA~1\EUROTR~1\e2003i.dll [2008-03-08 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-02-26 298160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-02-26 848952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
VeriSoft Access Manager - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll [2006-11-21 71192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-02-26 298160]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-13 827392]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-03 13556256]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-03 92704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll [2003-12-22 17920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-04-19 484904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2008-12-03 13556256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\Windows\system32\NvMcTray.dll [2008-12-03 92704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
C:\Windows\system32\nvsvc.dll [2008-12-03 711200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
C:\Program Files\HP\QuickPlay\QPService.exe [2007-04-23 176128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2008-03-13 1232896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-11 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\APSHook.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2011-03-21 21:34:12 ----D---- C:\rsit
2011-03-21 21:34:12 ----D---- C:\Program Files\trend micro
2011-03-21 21:28:40 ----D---- C:\ProgramData\NVIDIA
2011-03-21 21:20:10 ----A---- C:\Windows\system32\nvusmu.exe
2011-03-21 21:20:05 ----A---- C:\Windows\system32\nvusmb.exe
2011-03-21 21:19:47 ----D---- C:\Users\ilona\AppData\Roaming\InstallShield
2011-03-21 20:45:28 ----SHD---- C:\$RECYCLE.BIN
2011-03-21 20:45:23 ----D---- C:\Windows\temp
2011-03-21 20:01:55 ----D---- C:\Config.Msi
2011-03-20 21:01:32 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-03-20 21:01:30 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-03-20 21:01:28 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-03-20 21:01:27 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-03-20 21:01:26 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-03-20 21:01:25 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-03-20 20:59:44 ----A---- C:\Windows\system32\aswBoot.exe
2011-03-20 20:58:20 ----D---- C:\Program Files\AVAST Software
2011-03-19 15:22:19 ----D---- C:\Program Files\Lavalys
2011-03-19 12:30:41 ----D---- C:\7b2f2fc54290857764526739
2011-03-19 10:28:15 ----AD---- C:\Qoobox
2011-03-19 10:16:09 ----D---- C:\Users\ilona\AppData\Roaming\IObit
2011-03-19 10:16:05 ----D---- C:\Program Files\IObit
2011-03-17 22:05:45 ----A---- C:\Windows\UC.PIF
2011-03-17 22:05:45 ----A---- C:\Windows\RAR.PIF
2011-03-17 22:05:45 ----A---- C:\Windows\PKZIP.PIF
2011-03-17 22:05:45 ----A---- C:\Windows\PKUNZIP.PIF
2011-03-17 22:05:45 ----A---- C:\Windows\NOCLOSE.PIF
2011-03-17 22:05:45 ----A---- C:\Windows\LHA.PIF
2011-03-17 22:05:45 ----A---- C:\Windows\ARJ.PIF
2011-03-17 22:05:42 ----D---- C:\Users\ilona\AppData\Roaming\GHISLER
2011-03-17 22:05:42 ----D---- C:\totalcmd
2011-03-17 20:41:18 ----D---- C:\Windows\pss
2011-03-17 20:01:59 ----ASH---- C:\hiberfil.sys
2011-03-17 19:22:48 ----D---- C:\ProgramData\Sun
2011-03-17 19:19:00 ----A---- C:\Windows\system32\javaws.exe
2011-03-17 19:19:00 ----A---- C:\Windows\system32\javaw.exe
2011-03-17 19:19:00 ----A---- C:\Windows\system32\java.exe
2011-03-17 19:19:00 ----A---- C:\Windows\system32\deployJava1.dll
2011-03-10 21:52:02 ----D---- C:\Users\ilona\AppData\Roaming\Malwarebytes
2011-03-10 21:51:50 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-03-10 21:51:47 ----D---- C:\ProgramData\Malwarebytes
2011-03-10 21:51:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-03-10 21:51:42 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-03-10 21:39:03 ----D---- C:\ProgramData\MFAData
2011-03-10 14:49:58 ----D---- C:\ProgramData\AVAST Software
2011-03-10 14:19:36 ----A---- C:\Windows\UNDPX2A.sys
2011-03-10 14:19:36 ----A---- C:\Windows\system32\drivers\Sacm2A.sys
2011-03-10 14:19:35 ----A---- C:\Windows\UNDPX2A.exe
======List of files/folders modified in the last 1 months======
2011-03-21 21:34:24 ----D---- C:\Windows\Prefetch
2011-03-21 21:34:12 ----RD---- C:\Program Files
2011-03-21 21:32:01 ----D---- C:\Windows
2011-03-21 21:28:40 ----D---- C:\ProgramData
2011-03-21 21:27:56 ----D---- C:\Windows\SMINST
2011-03-21 21:26:27 ----D---- C:\Windows\System32
2011-03-21 21:20:15 ----D---- C:\Windows\system32\drivers
2011-03-21 21:19:32 ----D---- C:\SwSetup
2011-03-21 21:11:11 ----D---- C:\Windows\system32\catroot
2011-03-21 21:10:31 ----D---- C:\Windows\inf
2011-03-21 21:10:17 ----SHD---- C:\System Volume Information
2011-03-21 20:41:49 ----A---- C:\Windows\system.ini
2011-03-21 20:41:36 ----D---- C:\Windows\system32\drivers\etc
2011-03-21 20:37:07 ----D---- C:\Windows\AppPatch
2011-03-21 20:37:06 ----D---- C:\Program Files\Common Files
2011-03-21 20:23:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-03-21 20:16:52 ----D---- C:\ProgramData\Symantec
2011-03-21 20:16:52 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-03-21 20:14:50 ----D---- C:\Windows\tracing
2011-03-21 20:10:05 ----SHD---- C:\Windows\Installer
2011-03-21 20:06:28 ----RSD---- C:\Windows\assembly
2011-03-21 20:02:50 ----D---- C:\Windows\Tasks
2011-03-21 17:31:17 ----D---- C:\Windows\system32\config
2011-03-20 21:00:54 ----D---- C:\Windows\winsxs
2011-03-20 12:10:24 ----D---- C:\Windows\system32\catroot2
2011-03-19 14:50:47 ----D---- C:\Windows\WindowsMobile
2011-03-19 14:50:47 ----D---- C:\Windows\system32\spool
2011-03-19 14:50:47 ----D---- C:\Windows\system32\drivers\UMDF
2011-03-19 14:50:43 ----D---- C:\Windows\system32\wbem
2011-03-19 14:50:43 ----D---- C:\Windows\registration
2011-03-19 12:20:23 ----D---- C:\Windows\system32\Tasks
2011-03-19 12:19:48 ----D---- C:\Program Files\Yahoo!
2011-03-18 19:19:38 ----D---- C:\Users\ilona\AppData\Roaming\skypePM
2011-03-18 19:19:29 ----D---- C:\Users\ilona\AppData\Roaming\Skype
2011-03-17 22:30:44 ----SD---- C:\ProgramData\Microsoft
2011-03-17 22:24:18 ----D---- C:\Windows\system32\LogFiles
2011-03-17 19:36:54 ----D---- C:\Windows\Minidump
2011-03-17 19:36:54 ----D---- C:\Windows\Debug
2011-03-17 19:27:07 ----D---- C:\Program Files\CCleaner
2011-03-17 19:22:45 ----D---- C:\Program Files\Common Files\Java
2011-03-17 19:18:49 ----D---- C:\Program Files\Java
2011-03-10 22:11:10 ----A---- C:\Windows\system32\mrt.exe
2011-03-10 21:16:32 ----D---- C:\Program Files\ICQToolbar
2011-03-10 20:59:24 ----D---- C:\Program Files\Hry.cz
2011-03-10 20:56:22 ----D---- C:\ProgramData\AlawarWrapper
2011-03-10 20:15:05 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-10 15:50:51 ----D---- C:\Program Files\Axesstel
2011-03-05 08:11:04 ----D---- C:\Windows\ModemLogs
2011-02-26 16:32:58 ----D---- C:\Program Files\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-02-02 43528]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 8192]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-03-28 140424]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-04-12 160768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-07 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-07 207360]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-07 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-03 7606688]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-17 12032]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-03-14 82432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-13 181432]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-07 659968]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
S3 catchme;catchme; \??\C:\Users\ilona\AppData\Local\Temp\catchme.sys []
S3 CFcatchme;CFcatchme; \??\C:\Users\ilona\AppData\Local\Temp\CFcatchme.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-12-20 38224]
S3 MHIKEY10;MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10.sys [2008-05-27 50560]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2006-11-02 14848]
S3 USBCM;Scientific-Atlanta USB Cable Modem Driver; C:\Windows\system32\DRIVERS\Sacm2A.sys [2004-06-10 15429]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-04-23 262243]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-04-23 106593]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-03 203296]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-28 386560]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by ilona at 2011-03-21 21:34:12
Microsoft® Windows Vista™ Home Premium
System drive C: has 24 GB (34%) free of 69 GB
Total RAM: 1022 MB (25% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:34:36, on 21.3.2011
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\ilona\Downloads\RSIT.exe
C:\Program Files\trend micro\ilona.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: CHelper Class - {99A7C4DD-B2E6-4CA0-BB6E-737A61364155} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O9 - Extra 'Tools' menuitem: Eurotran - {572BF76C-9EFF-4e1e-93DE-72EF1E91B3DF} - C:\PROGRA~1\EUROTR~1\e2003i.dll
O9 - Extra button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 7177 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{F4E98809-E709-4AB6-8E5E-77EBC994876A}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-09-23 1088296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99A7C4DD-B2E6-4CA0-BB6E-737A61364155}]
CHelper Class - C:\PROGRA~1\EUROTR~1\e2003i.dll [2008-03-08 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-02-26 298160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-02-26 848952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
VeriSoft Access Manager - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll [2006-11-21 71192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-02-26 298160]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-13 827392]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-03 13556256]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-03 92704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll [2003-12-22 17920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-04-19 484904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2008-12-03 13556256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\Windows\system32\NvMcTray.dll [2008-12-03 92704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
C:\Windows\system32\nvsvc.dll [2008-12-03 711200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
C:\Program Files\HP\QuickPlay\QPService.exe [2007-04-23 176128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2008-03-13 1232896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-11 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\APSHook.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2011-03-21 21:34:12 ----D---- C:\rsit
2011-03-21 21:34:12 ----D---- C:\Program Files\trend micro
2011-03-21 21:28:40 ----D---- C:\ProgramData\NVIDIA
2011-03-21 21:20:10 ----A---- C:\Windows\system32\nvusmu.exe
2011-03-21 21:20:05 ----A---- C:\Windows\system32\nvusmb.exe
2011-03-21 21:19:47 ----D---- C:\Users\ilona\AppData\Roaming\InstallShield
2011-03-21 20:45:28 ----SHD---- C:\$RECYCLE.BIN
2011-03-21 20:45:23 ----D---- C:\Windows\temp
2011-03-21 20:01:55 ----D---- C:\Config.Msi
2011-03-20 21:01:32 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-03-20 21:01:30 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-03-20 21:01:28 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-03-20 21:01:27 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-03-20 21:01:26 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-03-20 21:01:25 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-03-20 20:59:44 ----A---- C:\Windows\system32\aswBoot.exe
2011-03-20 20:58:20 ----D---- C:\Program Files\AVAST Software
2011-03-19 15:22:19 ----D---- C:\Program Files\Lavalys
2011-03-19 12:30:41 ----D---- C:\7b2f2fc54290857764526739
2011-03-19 10:28:15 ----AD---- C:\Qoobox
2011-03-19 10:16:09 ----D---- C:\Users\ilona\AppData\Roaming\IObit
2011-03-19 10:16:05 ----D---- C:\Program Files\IObit
2011-03-17 22:05:45 ----A---- C:\Windows\UC.PIF
2011-03-17 22:05:45 ----A---- C:\Windows\RAR.PIF
2011-03-17 22:05:45 ----A---- C:\Windows\PKZIP.PIF
2011-03-17 22:05:45 ----A---- C:\Windows\PKUNZIP.PIF
2011-03-17 22:05:45 ----A---- C:\Windows\NOCLOSE.PIF
2011-03-17 22:05:45 ----A---- C:\Windows\LHA.PIF
2011-03-17 22:05:45 ----A---- C:\Windows\ARJ.PIF
2011-03-17 22:05:42 ----D---- C:\Users\ilona\AppData\Roaming\GHISLER
2011-03-17 22:05:42 ----D---- C:\totalcmd
2011-03-17 20:41:18 ----D---- C:\Windows\pss
2011-03-17 20:01:59 ----ASH---- C:\hiberfil.sys
2011-03-17 19:22:48 ----D---- C:\ProgramData\Sun
2011-03-17 19:19:00 ----A---- C:\Windows\system32\javaws.exe
2011-03-17 19:19:00 ----A---- C:\Windows\system32\javaw.exe
2011-03-17 19:19:00 ----A---- C:\Windows\system32\java.exe
2011-03-17 19:19:00 ----A---- C:\Windows\system32\deployJava1.dll
2011-03-10 21:52:02 ----D---- C:\Users\ilona\AppData\Roaming\Malwarebytes
2011-03-10 21:51:50 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-03-10 21:51:47 ----D---- C:\ProgramData\Malwarebytes
2011-03-10 21:51:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-03-10 21:51:42 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-03-10 21:39:03 ----D---- C:\ProgramData\MFAData
2011-03-10 14:49:58 ----D---- C:\ProgramData\AVAST Software
2011-03-10 14:19:36 ----A---- C:\Windows\UNDPX2A.sys
2011-03-10 14:19:36 ----A---- C:\Windows\system32\drivers\Sacm2A.sys
2011-03-10 14:19:35 ----A---- C:\Windows\UNDPX2A.exe
======List of files/folders modified in the last 1 months======
2011-03-21 21:34:24 ----D---- C:\Windows\Prefetch
2011-03-21 21:34:12 ----RD---- C:\Program Files
2011-03-21 21:32:01 ----D---- C:\Windows
2011-03-21 21:28:40 ----D---- C:\ProgramData
2011-03-21 21:27:56 ----D---- C:\Windows\SMINST
2011-03-21 21:26:27 ----D---- C:\Windows\System32
2011-03-21 21:20:15 ----D---- C:\Windows\system32\drivers
2011-03-21 21:19:32 ----D---- C:\SwSetup
2011-03-21 21:11:11 ----D---- C:\Windows\system32\catroot
2011-03-21 21:10:31 ----D---- C:\Windows\inf
2011-03-21 21:10:17 ----SHD---- C:\System Volume Information
2011-03-21 20:41:49 ----A---- C:\Windows\system.ini
2011-03-21 20:41:36 ----D---- C:\Windows\system32\drivers\etc
2011-03-21 20:37:07 ----D---- C:\Windows\AppPatch
2011-03-21 20:37:06 ----D---- C:\Program Files\Common Files
2011-03-21 20:23:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-03-21 20:16:52 ----D---- C:\ProgramData\Symantec
2011-03-21 20:16:52 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-03-21 20:14:50 ----D---- C:\Windows\tracing
2011-03-21 20:10:05 ----SHD---- C:\Windows\Installer
2011-03-21 20:06:28 ----RSD---- C:\Windows\assembly
2011-03-21 20:02:50 ----D---- C:\Windows\Tasks
2011-03-21 17:31:17 ----D---- C:\Windows\system32\config
2011-03-20 21:00:54 ----D---- C:\Windows\winsxs
2011-03-20 12:10:24 ----D---- C:\Windows\system32\catroot2
2011-03-19 14:50:47 ----D---- C:\Windows\WindowsMobile
2011-03-19 14:50:47 ----D---- C:\Windows\system32\spool
2011-03-19 14:50:47 ----D---- C:\Windows\system32\drivers\UMDF
2011-03-19 14:50:43 ----D---- C:\Windows\system32\wbem
2011-03-19 14:50:43 ----D---- C:\Windows\registration
2011-03-19 12:20:23 ----D---- C:\Windows\system32\Tasks
2011-03-19 12:19:48 ----D---- C:\Program Files\Yahoo!
2011-03-18 19:19:38 ----D---- C:\Users\ilona\AppData\Roaming\skypePM
2011-03-18 19:19:29 ----D---- C:\Users\ilona\AppData\Roaming\Skype
2011-03-17 22:30:44 ----SD---- C:\ProgramData\Microsoft
2011-03-17 22:24:18 ----D---- C:\Windows\system32\LogFiles
2011-03-17 19:36:54 ----D---- C:\Windows\Minidump
2011-03-17 19:36:54 ----D---- C:\Windows\Debug
2011-03-17 19:27:07 ----D---- C:\Program Files\CCleaner
2011-03-17 19:22:45 ----D---- C:\Program Files\Common Files\Java
2011-03-17 19:18:49 ----D---- C:\Program Files\Java
2011-03-10 22:11:10 ----A---- C:\Windows\system32\mrt.exe
2011-03-10 21:16:32 ----D---- C:\Program Files\ICQToolbar
2011-03-10 20:59:24 ----D---- C:\Program Files\Hry.cz
2011-03-10 20:56:22 ----D---- C:\ProgramData\AlawarWrapper
2011-03-10 20:15:05 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-10 15:50:51 ----D---- C:\Program Files\Axesstel
2011-03-05 08:11:04 ----D---- C:\Windows\ModemLogs
2011-02-26 16:32:58 ----D---- C:\Program Files\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-02-02 43528]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 8192]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-03-28 140424]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-04-12 160768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-07 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-07 207360]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-07 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-03 7606688]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-17 12032]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-03-14 82432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-13 181432]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-07 659968]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
S3 catchme;catchme; \??\C:\Users\ilona\AppData\Local\Temp\catchme.sys []
S3 CFcatchme;CFcatchme; \??\C:\Users\ilona\AppData\Local\Temp\CFcatchme.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-12-20 38224]
S3 MHIKEY10;MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10.sys [2008-05-27 50560]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2006-11-02 14848]
S3 USBCM;Scientific-Atlanta USB Cable Modem Driver; C:\Windows\system32\DRIVERS\Sacm2A.sys [2004-06-10 15429]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-04-23 262243]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-04-23 106593]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-03 203296]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-28 386560]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
-----------------EOF-----------------
Re: Prosím o kontrolu OTL logu - zpomalený ntb
stáhnětehttp://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Přispějete na provoz fóra?