Asus Smart Doctor takes suspiciously long to start...

Serifus
Visitor
Posts: 172
Registered: 19 Apr 2008 21:20

#16 Post by Serifus »

It freezes at this stage: [image]

After that nothing can be done with the PC. The cursor blinks, but it doesn't look like anything is happening. It cuts off all programs connected to the net and crashes the browser. The computer has to be hard-reset, otherwise it would stay like this forever. I just tested for 20 minutes and nothing :evil: I ended it with a reset. It's true, though, that I forgot to rename Combofix. But if it can be launched, then that isn't necessary, or am I wrong? :shock:

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

#17 Post by motji »

Well, not quite :). Sometimes some malware blocks it. Did you use Rkill?


:arrow: Download OTL: http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 

- tick the "For all users" box.
- tick the "LOP" check and "Purity" check boxes
- click the "Scan" button
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)

Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I'm mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

#18 Post by Serifus »

I tried it after renaming as well. Same result. Through Google I found a few similar cases, but apparently they all ended with a reinstall of the system :roll:

Here it is: I'm exposing my computer... as if I were naked :D

It's not a ZIP file! It's just the extension renamed from txt :)

Attachments
OTL.zip (126.76 KiB), downloaded 92 times
Extras.zip (41.86 KiB), downloaded 83 times

#19 Post by motji »

Please, could you paste the log.txt here so that it's easier for me to read? :)

#20 Post by Serifus »

Unfortunately the forum won't let me, because there are too many characters :roll:

#21 Post by motji »

Split it into several posts :)

#22 Post by Serifus »

That's going to be a mess :D

#23 Post by Serifus »

OTL logfile created on: 06.01.2011 20:34:13 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 75,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 20,28 Gb Free Space | 20,77% Space Free | Partition Type: NTFS
Drive J: | 195,31 Gb Total Space | 4,50 Gb Free Space | 2,31% Space Free | Partition Type: NTFS
Drive K: | 122,07 Gb Total Space | 74,39 Gb Free Space | 60,94% Space Free | Partition Type: NTFS
Drive M: | 516,48 Gb Total Space | 176,99 Gb Free Space | 34,27% Space Free | Partition Type: NTFS
Drive P: | 149,05 Gb Total Space | 11,47 Gb Free Space | 7,70% Space Free | Partition Type: NTFS

Computer Name: SERIFUS | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.06 20:33:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
PRC - [2010.12.31 21:06:35 | 003,395,600 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.12.31 21:06:34 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.09.22 17:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010.04.06 14:39:26 | 000,264,704 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2010.04.02 11:10:58 | 001,212,416 | ---- | M] (ASUSTeK Inc.) -- C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe
PRC - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010.03.25 02:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.09.22 20:09:02 | 000,156,672 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files\Replay Media Catcher\FLVSrvc.exe
PRC - [2009.07.30 17:10:04 | 000,380,928 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
PRC - [2009.03.15 11:15:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.04.06 10:06:58 | 000,057,344 | ---- | M] (ZSMCSNAP) -- C:\WINDOWS\ZSSnp211.exe
PRC - [2007.02.20 11:07:40 | 000,199,752 | ---- | M] (Pinnacle Systems GmbH) -- C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
PRC - [2006.08.18 15:58:14 | 000,049,152 | ---- | M] () -- C:\WINDOWS\Domino.exe


========== Modules (SafeList) ==========

MOD - [2011.01.06 20:33:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
MOD - [2011.01.06 20:23:00 | 000,012,800 | ---- | M] (Applian Technologies, Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\FLVService\lib\FLVSrvLib.dll
MOD - [2010.12.31 21:06:33 | 000,187,144 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - File not found [Auto | Stopped] -- C:\ttt\PEV.cfx -- (PEVSystemStart)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2010.12.31 21:06:34 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.12.01 20:49:34 | 000,077,944 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010.10.02 20:26:55 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.04.06 14:39:26 | 000,264,704 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)
SRV - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2002.12.17 17:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002.12.17 17:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\gflmouhid.sys -- (genmcmnUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010.12.31 21:00:18 | 000,293,968 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.12.31 20:59:23 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.12.31 20:59:11 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.12.31 20:56:49 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.12.31 20:56:29 | 000,029,264 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.12.31 20:56:27 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.11.08 20:05:26 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.10.10 20:03:31 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2010.10.05 21:45:07 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.10.02 13:02:34 | 000,330,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2010.10.02 13:02:31 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010.09.03 15:20:18 | 006,139,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.07.09 23:38:00 | 010,604,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009.11.18 06:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 06:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.07.30 10:15:54 | 000,014,336 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP)
DRV - [2009.03.15 11:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.02.17 17:22:56 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2009.02.17 17:22:54 | 000,010,752 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Video3D32.sys -- (Video3D)
DRV - [2009.02.17 17:22:52 | 000,011,136 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2008.04.13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.12.10 17:15:34 | 000,480,128 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vvftav211.sys -- (vvftav211)
DRV - [2007.12.05 10:00:08 | 001,537,024 | ---- | M] (ZSMC.Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZS211.sys -- (ZSMC30x)
DRV - [2007.07.12 09:03:38 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2007.03.15 23:42:09 | 000,077,000 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2007.02.28 21:56:07 | 000,015,440 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2006.11.22 06:20:00 | 000,072,704 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WibuKey.sys -- (WIBUKEY)
DRV - [2006.08.17 11:30:36 | 000,091,136 | ---- | M] (BenQ Siemens) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\susbser.sys -- (susbser)
DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1614895754-1644491937-1417001333-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1614895754-1644491937-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010.11.21 20:16:17 | 000,000,776 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 applian.securesites.com
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1614895754-1644491937-1417001333-500\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ask and Record FLV Service] C:\Program Files\Replay Media Catcher\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.exe ()
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe (ZSMCSNAP)
O4 - HKU\S-1-5-21-1614895754-1644491937-1417001333-500..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe (ASUSTeK Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe (Autodesk, Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-1644491937-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1614895754-1644491937-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.10.02 15:11:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7374ae5a-d7bf-11df-a5cf-001a4d5d8325}\Shell\AutoRun\command - "" = Q:\Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.ACDV - ACDV.dll File not found
Drivers32: VIDC.CFHD - C:\WINDOWS\System32\cfhd.dll (CineForm Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (60249199932866560)

========== Files/Folders - Created Within 30 Days ==========

[2011.01.06 20:32:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2011.01.06 03:55:47 | 000,000,000 | --SD | C] -- C:\ttt
[2011.01.05 18:13:27 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011.01.05 18:12:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.01.03 23:18:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\Nero
[2011.01.03 20:25:37 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.01.03 20:23:49 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.01.03 20:23:49 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.01.03 20:23:49 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.01.03 20:23:49 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.01.03 20:23:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.01.03 20:22:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.01.03 19:00:33 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.01.03 19:00:29 | 000,000,000 | ---D | C] -- C:\rsit
[2011.01.03 18:48:03 | 000,014,336 | ---- | C] (ASUSTeK Computer Inc.) -- C:\WINDOWS\System32\drivers\EIO64_xp.sys
[2011.01.03 18:48:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\ASUS
[2011.01.03 08:27:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\GHISLER
[2011.01.02 22:33:39 | 000,000,000 | ---D | C] -- C:\Program Files\PIXELA
[2011.01.02 22:33:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\PIXELA
[2011.01.02 19:54:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\Sony Media Libraries
[2011.01.02 19:54:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Publish Providers
[2011.01.02 19:53:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Sony
[2011.01.02 19:53:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\Moje Videa
[2011.01.02 19:49:48 | 000,033,340 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsqlgc.dll
[2011.01.02 19:49:48 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsgnet.dll
[2011.01.02 19:49:44 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2011.01.02 19:49:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2011.01.02 19:49:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Sony
[2011.01.02 19:48:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Sony
[2011.01.02 19:48:08 | 000,000,000 | ---D | C] -- C:\Program Files\Vstplugins
[2011.01.02 19:48:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2011.01.02 19:48:03 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2011.01.02 19:46:24 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2010.12.28 06:15:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\The KMPlayer
[2010.12.27 22:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Nero
[2010.12.27 22:06:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.12.27 22:04:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010.12.27 22:04:05 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2010.12.27 22:04:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010.12.27 22:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2010.12.27 21:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\LooksBuilderSE
[2010.12.27 21:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pinnacle
[2010.12.27 21:08:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Pinnacle
[2010.12.27 21:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate Collection
[2010.12.27 21:07:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Pinnacle Studio 14
[2010.12.27 21:06:31 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administrator\Data aplikací\pcouffin.sys
[2010.12.27 21:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Vso
[2010.12.27 21:06:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\PcSetup
[2010.12.27 21:06:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VSO
[2010.12.27 21:06:24 | 000,102,439 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\sipr3260.dll
[2010.12.27 21:06:23 | 000,217,127 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv43260.dll
[2010.12.27 21:06:23 | 000,208,935 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv33260.dll
[2010.12.27 21:06:23 | 000,176,165 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv23260.dll
[2010.12.27 21:06:23 | 000,065,602 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\cook3260.dll
[2010.12.27 21:06:20 | 000,626,688 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp7vfw.dll
[2010.12.27 21:06:18 | 001,184,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wvc1dmod.dll
[2010.12.27 21:06:16 | 000,000,000 | ---D | C] -- C:\Program Files\VSO
[2010.12.27 21:04:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Pegasus Imaging
[2010.12.27 21:04:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Yahoo!
[2010.12.27 21:04:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Studio 14
[2010.12.27 21:04:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Plus
[2010.12.27 21:04:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Pinnacle
[2010.12.27 21:01:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\PCHealth
[2010.12.27 20:48:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\The KMPlayer
[2010.12.27 20:48:01 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2010.12.27 20:17:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\NeroVision
[2010.12.27 18:52:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\Pinnacle Studio
[2010.12.27 00:18:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Collectorz.com
[2010.12.27 00:17:56 | 000,000,000 | ---D | C] -- C:\Program Files\Collectorz.com
[2010.12.26 21:43:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Winamp Detector Plug-in
[2010.12.26 21:43:16 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010.12.26 21:43:10 | 001,858,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2010.12.26 21:43:10 | 000,670,192 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2010.12.26 21:43:10 | 000,551,408 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2010.12.26 21:43:10 | 000,436,720 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2010.12.26 21:43:10 | 000,219,632 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2010.12.26 21:43:10 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxafs.dll
[2010.12.26 21:43:10 | 000,096,752 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2010.12.26 21:43:10 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2010.12.26 21:43:10 | 000,066,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2010.12.26 21:43:10 | 000,066,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2010.12.26 21:43:10 | 000,009,200 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdralw2k.sys
[2010.12.26 21:43:10 | 000,009,072 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys
[2010.12.26 21:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010.12.26 21:43:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Winamp
[2010.12.21 18:51:08 | 000,000,000 | ---D | C] -- C:\Program Files\proDAD
[2010.12.21 18:51:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\proDAD
[2010.12.21 18:50:50 | 000,069,632 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\MtxPreview.dll
[2010.12.21 18:50:50 | 000,049,152 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\MtxParhBFXPreview.dll
[2010.12.21 18:50:50 | 000,049,152 | ---- | C] (Canopus Co., Ltd.) -- C:\WINDOWS\System32\CvoAPI.dll
[2010.12.21 18:50:18 | 000,000,000 | ---D | C] -- C:\Program Files\Boris FX, Inc
[2010.12.21 18:48:04 | 000,171,520 | ---- | C] (Pinnacle Systems GmbH) -- C:\WINDOWS\System32\drivers\MarvinBus.sys
[2010.12.21 18:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate
[2010.12.21 18:47:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikac
[2010.12.21 18:44:17 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2010.12.21 18:44:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\My Projects
[2010.12.21 18:39:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Pinnacle
[2010.12.21 18:39:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.12.19 21:56:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\InstallShield Installation Information
[2010.12.19 21:56:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP
[2010.12.19 21:56:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010.12.19 21:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Team17
[2010.12.19 00:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\THQ
[2010.12.17 23:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.12.17 23:45:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2010.12.17 23:45:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.12.12 22:09:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.12.12 22:09:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.06 20:33:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2011.01.06 20:22:52 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.06 20:22:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.06 03:57:30 | 000,458,566 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.01.06 03:57:30 | 000,455,082 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.01.06 03:57:30 | 000,090,708 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.01.06 03:57:30 | 000,079,200 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.01.06 03:24:32 | 004,148,657 | R--- | M] () -- C:\Documents and Settings\Administrator\Plocha\ttt.com
[2011.01.06 03:20:05 | 000,196,608 | ---- | M] () -- C:\WINDOWS\System32\drivers\nStandard.bin
[2011.01.06 02:40:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.06 00:09:48 | 000,719,873 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\rkill.exe
[2011.01.05 08:20:40 | 000,191,488 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.03 22:16:21 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.01.03 20:25:39 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011.01.03 20:18:26 | 000,037,570 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\error.JPG
[2011.01.03 18:45:31 | 000,014,336 | ---- | M] (ASUSTeK Computer Inc.) -- C:\WINDOWS\System32\drivers\EIO64_xp.sys
[2011.01.03 00:41:25 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2011.01.02 22:33:50 | 000,000,805 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Music Transfer Utility Ver.1.5.lnk
[2011.01.02 22:33:40 | 000,000,246 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\PIXELA Product Registration.url
[2011.01.02 22:33:40 | 000,000,246 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ImageMixer 3 SE Homepage.url
[2011.01.02 22:33:39 | 000,000,871 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\ImageMixer 3 SE Ver.4.5.lnk
[2011.01.02 19:48:09 | 000,001,635 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Vegas 7.0.lnk
[2011.01.02 18:05:56 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.01 21:36:01 | 000,004,444 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2011.01.01 21:36:01 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2010.12.31 21:06:36 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.12.31 21:06:33 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.12.31 21:00:18 | 000,293,968 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.12.31 20:59:23 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.12.31 20:59:11 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.12.31 20:59:07 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.12.31 20:56:49 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.12.31 20:56:29 | 000,029,264 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.12.31 20:56:27 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.12.27 23:09:20 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.27 22:08:41 | 000,308,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.27 21:10:42 | 000,001,057 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\vso_ts_preview.xml
[2010.12.27 21:06:31 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\inst.exe
[2010.12.27 21:06:31 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Administrator\Data aplikací\pcouffin.sys
[2010.12.27 21:06:31 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\pcouffin.cat
[2010.12.27 21:06:31 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\pcouffin.inf
[2010.12.27 21:06:29 | 000,000,865 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\ConvertXtoDVD 4.lnk
[2010.12.27 20:48:17 | 000,000,716 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\KMPlayer.lnk
[2010.12.27 00:38:02 | 000,060,928 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Kryl2.xls
[2010.12.27 00:18:09 | 000,000,902 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\MP3 Collector.lnk
[2010.12.20 22:48:09 | 000,590,488 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Vizitka2.tif
[2010.12.20 22:47:05 | 056,557,302 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Vizitka2.psd
[2010.12.20 22:30:47 | 000,585,432 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Vizitka1.tif
[2010.12.20 22:26:43 | 056,547,180 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Vizitka1.psd
[2010.12.19 21:51:18 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Alien Breed Impact.lnk
[2010.12.19 18:14:15 | 056,522,831 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Vizitka2.pdf
[2010.12.19 18:10:23 | 056,508,684 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Vizitka1.pdf
[2010.12.19 00:57:12 | 000,000,639 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Company of Heroes - Opposing Fronts.lnk
[2010.12.18 20:42:31 | 000,039,936 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Kryl.xls
[2010.12.17 07:56:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\UC.PIF
[2010.12.17 07:56:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\RAR.PIF
[2010.12.17 07:56:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\PKZIP.PIF
[2010.12.17 07:56:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\PKUNZIP.PIF

Serifus
Visitor
Posts: 172
Registered: 19 Apr 2008 21:20

Re: Asus Smart Doctor takes suspiciously long to start...

#24 Post by Serifus »

[2010.12.17 07:56:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\NOCLOSE.PIF
[2010.12.17 07:56:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\LHA.PIF
[2010.12.17 07:56:10 | 000,000,545 | ---- | M] () -- C:\WINDOWS\ARJ.PIF
[2010.12.14 23:37:42 | 002,802,744 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\Škůdka.psd
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.06 03:24:19 | 004,148,657 | R--- | C] () -- C:\Documents and Settings\Administrator\Plocha\ttt.com
[2011.01.06 00:09:42 | 000,719,873 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\rkill.exe
[2011.01.03 20:25:39 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.01.03 20:25:38 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2011.01.03 20:23:49 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.01.03 20:23:49 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.01.03 20:23:49 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.01.03 20:23:49 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.01.03 20:23:49 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.01.03 19:39:24 | 000,037,570 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\error.JPG
[2011.01.03 08:27:49 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[2011.01.03 08:27:49 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[2011.01.03 08:27:49 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[2011.01.03 08:27:49 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[2011.01.03 08:27:49 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[2011.01.03 08:27:49 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[2011.01.03 08:27:49 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[2011.01.03 02:53:50 | 000,220,832 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.01.02 22:33:50 | 000,000,805 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Music Transfer Utility Ver.1.5.lnk
[2011.01.02 22:33:40 | 000,000,246 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\PIXELA Product Registration.url
[2011.01.02 22:33:40 | 000,000,246 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ImageMixer 3 SE Homepage.url
[2011.01.02 22:33:39 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\ImageMixer 3 SE Ver.4.5.lnk
[2011.01.02 19:48:09 | 000,001,635 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Vegas 7.0.lnk
[2010.12.27 21:06:51 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\vso_ts_preview.xml
[2010.12.27 21:06:35 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\pcouffin.log
[2010.12.27 21:06:31 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\inst.exe
[2010.12.27 21:06:31 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\pcouffin.cat
[2010.12.27 21:06:31 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\pcouffin.inf
[2010.12.27 21:06:29 | 000,000,865 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\ConvertXtoDVD 4.lnk
[2010.12.27 20:48:17 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\KMPlayer.lnk
[2010.12.27 20:18:32 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.27 00:38:01 | 000,060,928 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Kryl2.xls
[2010.12.27 00:18:09 | 000,000,902 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\MP3 Collector.lnk
[2010.12.21 18:50:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Graffiti5.2Pin.ini
[2010.12.21 18:50:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2010.12.21 18:50:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BFXSrcFilter.ax
[2010.12.21 18:42:07 | 000,000,349 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.12.19 21:51:18 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Alien Breed Impact.lnk
[2010.12.19 18:17:36 | 000,585,432 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Vizitka1.tif
[2010.12.19 18:17:15 | 000,590,488 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Vizitka2.tif
[2010.12.19 18:14:07 | 056,522,831 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Vizitka2.pdf
[2010.12.19 18:13:51 | 056,557,302 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Vizitka2.psd
[2010.12.19 17:57:12 | 056,508,684 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Vizitka1.pdf
[2010.12.19 17:56:22 | 056,547,180 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Vizitka1.psd
[2010.12.19 00:57:12 | 000,000,639 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Company of Heroes - Opposing Fronts.lnk
[2010.12.14 23:37:41 | 002,802,744 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Škůdka.psd
[2010.12.12 05:19:03 | 000,039,936 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\Kryl.xls
[2010.12.01 20:50:11 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\fusioncache.dat
[2010.11.21 20:17:33 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2010.11.19 02:54:17 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\default.rss
[2010.11.17 18:38:53 | 000,004,444 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2010.11.09 21:40:41 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.11.08 20:05:26 | 000,436,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.10.10 20:39:31 | 000,000,063 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.10.04 16:43:48 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.10.04 16:43:48 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.10.04 16:43:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\asrussian.dll
[2010.10.04 16:43:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\askorean.dll
[2010.10.04 16:43:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\asjapan.dll
[2010.10.04 16:43:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\ASCHT.dll
[2010.10.04 16:43:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\aschs.dll
[2010.10.04 16:43:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\asgerman.dll
[2010.10.04 16:43:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\asfrench.dll
[2010.10.04 16:43:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\aseng.dll
[2010.10.04 16:43:48 | 000,000,018 | ---- | C] () -- C:\WINDOWS\System32\atkid.ini
[2010.10.02 20:06:36 | 000,191,488 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.02 18:41:26 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.10.02 18:24:51 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.10.02 18:24:51 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.10.02 18:24:45 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.10.02 17:03:01 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.10.02 15:28:55 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2010.10.02 13:02:31 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2008.04.14 07:51:46 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2008.04.14 07:51:46 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2008.04.14 07:51:46 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2008.04.14 07:51:46 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2008.04.14 07:51:46 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2002.03.21 14:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[2002.03.20 21:01:06 | 000,006,688 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002.03.20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002.03.20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002.03.20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002.03.20 21:00:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll

========== LOP Check ==========

[2010.10.10 20:42:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ACD Systems
[2010.12.01 20:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Autodesk
[2010.11.08 22:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Avanquest
[2010.11.23 17:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon
[2010.10.02 18:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Convivea
[2010.12.17 23:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2011.01.03 08:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GHISLER
[2010.11.19 23:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Graphisoft
[2010.10.31 17:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Miranda
[2010.12.27 21:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\proDAD
[2011.01.02 19:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Publish Providers
[2011.01.03 00:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sony
[2011.01.01 04:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
[2010.12.27 21:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Vso
[2010.10.10 21:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2010.10.02 15:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.12.01 20:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2010.11.23 17:14:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2010.12.17 23:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.12.27 21:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.12.27 21:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Plus
[2010.12.21 18:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate
[2010.12.27 21:08:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate Collection
[2010.10.02 19:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SlySoft
[2011.01.02 19:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2010.12.27 21:04:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Studio 14

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 07:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"ASUS SmartDoctor" = C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe /start -- [2010.04.02 11:10:58 | 001,212,416 | ---- | M] (ASUSTeK Inc.)

< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.10.10 20:42:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ACD Systems
[2011.01.01 21:52:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2010.12.01 20:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Autodesk
[2010.11.08 22:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Avanquest
[2010.11.23 17:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon
[2010.10.02 18:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Convivea
[2010.12.17 23:51:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
[2011.01.03 08:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GHISLER
[2010.11.19 19:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Google
[2010.11.19 23:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Graphisoft
[2010.10.10 21:19:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Hamachi
[2010.10.03 20:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2010.10.02 15:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2010.10.02 20:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\InstallShield
[2010.12.19 21:56:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\InstallShield Installation Information
[2010.10.02 15:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2011.01.05 18:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
[2010.12.27 21:09:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2010.10.31 17:58:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Miranda
[2010.12.27 22:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nero
[2010.11.15 23:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\NVIDIA
[2010.12.27 21:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\proDAD
[2011.01.02 19:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Publish Providers
[2010.10.11 17:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Real
[2010.10.29 22:12:34 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SecuROM
[2011.01.05 01:50:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2011.01.05 00:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\skypePM
[2011.01.03 00:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sony
[2010.11.19 01:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2011.01.01 04:37:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
[2010.12.27 21:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Vso
[2011.01.03 22:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Winamp
[2010.10.30 22:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2010.12.27 21:06:31 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\inst.exe
[2008.03.28 09:07:22 | 000,020,992 | ---- | M] (Convivea Inc (c) 2006) -- C:\Documents and Settings\Administrator\Data aplikací\Convivea\Bit_Che\languages\compare.exe
[2007.07.11 18:43:04 | 000,024,557 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Convivea\Bit_Che\scripts\special.exe
[2008.03.28 09:02:12 | 000,060,928 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Convivea\Bit_Che\scripts\update.exe
[2009.04.10 17:40:40 | 000,118,784 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Convivea\Bit_Che\scripts\x.exe
[2010.12.19 21:51:27 | 000,331,776 | ---- | M] (Epic Games ) -- C:\Documents and Settings\Administrator\Data aplikací\InstallShield Installation Information\{6530FDAA-5B1F-4830-95BB-650E9804D239}\setup.exe
[2010.10.02 15:34:15 | 002,826,192 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2010.12.27 21:09:02 | 000,029,926 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: IASTOR.SYS >
[2010.10.02 13:02:34 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\WINDOWS\NLDRV\004\iastor.sys
[2010.10.02 13:02:34 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009.03.08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[2010.11.06 01:23:36 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
[10 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.11.08 20:05:26 | 000,436,792 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2010.10.02 16:59:07 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.10.02 16:59:07 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.10.02 16:59:07 | 000,495,616 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009.03.08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[2010.11.06 01:23:36 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
[10 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.01.03 22:16:21 | 000,002,553 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2011.01.06 03:57:30 | 000,090,708 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2011.01.06 03:57:30 | 000,079,200 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2011.01.06 03:57:30 | 000,455,082 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2011.01.06 03:57:30 | 000,458,566 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2011.01.03 21:42:24 | 001,098,572 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[10 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >

Serifus
Visitor
Posts: 172
Registered: 19 Apr 2008 21:20

Re: Asus Smart Doctor takes suspiciously long to start...

#25 Post by Serifus »

OTL Extras logfile created on: 06.01.2011 20:34:13 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 75,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 20,28 Gb Free Space | 20,77% Space Free | Partition Type: NTFS
Drive J: | 195,31 Gb Total Space | 4,50 Gb Free Space | 2,31% Space Free | Partition Type: NTFS
Drive K: | 122,07 Gb Total Space | 74,39 Gb Free Space | 60,94% Space Free | Partition Type: NTFS
Drive M: | 516,48 Gb Total Space | 176,99 Gb Free Space | 34,27% Space Free | Partition Type: NTFS
Drive P: | 149,05 Gb Total Space | 11,47 Gb Free Space | 7,70% Space Free | Partition Type: NTFS

Computer Name: SERIFUS | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Photo Manager 12.Manage] -- "C:\Program Files\ACD Systems\ACDSee\12.0\ACDSeeQV12.exe" "%1" (ACD Systems International Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Miranda\miranda32.exe" = C:\Miranda\miranda32.exe:*:Enabled:Miranda IM -- ( )
"M:\STRONG\StrongDC.exe" = M:\STRONG\StrongDC.exe:*:Enabled:StrongDC++ -- ()
"C:\Program Files\Hamachi\hamachi.exe" = C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client -- (LogMeIn Inc.)
"I:\Hry\LEFT 4 DEAD\Valve\Left 4 Dead\left4dead.exe" = I:\Hry\LEFT 4 DEAD\Valve\Left 4 Dead\left4dead.exe:*:Enabled:left4dead -- File not found
"P:\ZORÍKA\miranda32.exe" = P:\ZORÍKA\miranda32.exe:*:Enabled:Miranda IM -- File not found
"K:\Hry\Team Fortress 2\Team Fortress 2\Team Fortress 2\hl2.exe" = K:\Hry\Team Fortress 2\Team Fortress 2\Team Fortress 2\hl2.exe:*:Disabled:hl2 -- File not found
"C:\Program Files\Graphisoft\ArchiCAD 13\ArchiCAD.exe" = C:\Program Files\Graphisoft\ArchiCAD 13\ArchiCAD.exe:*:Disabled:ArchiCAD 13.0.0 Component -- (Graphisoft R&D)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Documents and Settings\Administrator\Local Settings\Temp\bccad7febc29458fb6981eefccf81e73\RelicDownloader.exe" = C:\Documents and Settings\Administrator\Local Settings\Temp\bccad7febc29458fb6981eefccf81e73\RelicDownloader.exe:*:Disabled:Relic Patch Download Manager -- File not found
"K:\Hry\oh\RelicCOH.exe" = K:\Hry\oh\RelicCOH.exe:*:Disabled:RelicCOH -- File not found
"K:\Hry\oh\RelicDownloader\RelicDownloader.exe" = K:\Hry\oh\RelicDownloader\RelicDownloader.exe:*:Disabled:Relic Patch Download Manager -- File not found
"K:\Hry\CoH OF\RelicCOH.exe" = K:\Hry\CoH OF\RelicCOH.exe:*:Disabled:RelicCOH -- (THQ Canada Inc.)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- File not found
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe" = C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager -- File not found
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio -- File not found
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe" = C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi -- File not found
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe" = C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe" = C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe" = C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
"P:\ZORÍKA\totalcmd\TOTALCMD.EXE" = P:\ZORÍKA\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00060000-0000-1004-8002-0000C06B5161}" = WIBU-KEY Setup (WIBU-KEY Remove)
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 23
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{28C7E8E5-F0E4-4CF3-A823-AD49BFF4DE9A}" = ImageMixer 3 SE Ver.4.5 Video Tools
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Gamer OSD
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AB65E95-37D6-4DD7-8862-29AED3AFD54B}" = Google SketchUp Pro 8
"{4028A420-8CB5-4F9C-B698-6EBA5491256D}" = ImageMixer 3 SE Ver.4.5 Transfer Utility
"{44D02D8B-FFB3-4245-8D26-68D10B4C4023}" = Canyon USB PC Camera
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-4001-0405-0002-0060B0CE6BBA}" = AutoCAD 2006 - Český
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{878D2EB2-2D55-42A9-955E-1E08F28529FD}" = Sony Media Manager 2.2
"{87E6A443-536D-4047-AAC9-40947FC3333A}" = Music Transfer Utility Ver.1.5
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}" = ACDSee Photo Manager 12
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}_941" = Adobe Acrobat 9.4.1 - CPSID_83708
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

Serifus
Visitor
Posts: 172
Registered: 19 Apr 2008 21:20

Re: Asus Smart Doctor takes suspiciously long to start...

#26 Post by Serifus »

"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1" = Bit Che
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.12.327
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DFB951D6-4270-42D8-B4B7-AA4B01911DC3}" = Sony Vegas 7.0
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5C372A1-40F3-49DA-A049-F75CDE9177DC}" = Pinnacle Studio Ultimate Collection Plugins
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"001FFF1FFF13FF00FF0701F00F02F000-R1" = ArchiCAD 13 INT
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Alien Breed: Impact_is1" = Alien Breed: Impact
"AnyDVD" = AnyDVD
"Autodesk DWF Viewer" = Autodesk DWF Viewer
"avast5" = avast! Free Antivirus
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"Collectorz.com MP3 Collector" = Collectorz.com MP3 Collector
"Company of Heroes" = Company of Heroes
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Hamachi" = Hamachi 1.0.2.5
"ie8" = Windows Internet Explorer 8
"InstallShield_{809D7E6D-915D-4EAD-821F-E13D93F37161}" = ASUS Smart Doctor
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.4.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PowerISO" = PowerISO
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"RealAlt_is1" = Real Alternative 2.0.2
"Replay Media Catcher 3.11" = Replay Media Catcher 3.11
"The KMPlayer" = The KMPlayer (remove only)
"uTorrent" = µTorrent
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"xvid" = XviD MPEG-4 Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1614895754-1644491937-1417001333-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.12.2010 15:42:31 | Computer Name = SERIFUS | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb967328,
P2 1029, P3 1601, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 27.12.2010 15:46:39 | Computer Name = SERIFUS | Source = MsiInstaller | ID = 1014
Description = Informace o serveru proxy pro Instalační službu systému Windows nejsou
správně zaregistrovány.

Error - 27.12.2010 15:46:48 | Computer Name = SERIFUS | Source = MsiInstaller | ID = 1014
Description = Informace o serveru proxy pro Instalační službu systému Windows nejsou
správně zaregistrovány.

Error - 27.12.2010 16:43:00 | Computer Name = SERIFUS | Source = MsiInstaller | ID = 1013
Description = Produkt: Microsoft .NET Framework 3.0 Service Pack 2 - Microsoft .NET
Framework 3.0 Service Pack 2 cannot be uninstalled because it will affect other
applications that are installed. For more information, see http://go.microsoft.com/fwlink/?LinkId=91126.

Error - 27.12.2010 16:43:36 | Computer Name = SERIFUS | Source = MsiInstaller | ID = 1013
Description = Produkt: Microsoft .NET Framework 3.0 Service Pack 2 - Microsoft .NET
Framework 3.0 Service Pack 2 cannot be uninstalled because it will affect other
applications that are installed. For more information, see http://go.microsoft.com/fwlink/?LinkId=91126.

Error - 27.12.2010 17:44:27 | Computer Name = SERIFUS | Source = Application Error | ID = 1000
Description = Chybující aplikace gnetmous.exe, verze 1.0.1.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x64643664.

Error - 27.12.2010 18:41:20 | Computer Name = SERIFUS | Source = .NET Runtime Optimization Service | ID = 1101
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Failed to compile: PresentationUI, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
. Error code = 0x80070002

Error - 27.12.2010 18:41:29 | Computer Name = SERIFUS | Source = Application Error | ID = 1000
Description = Chybující aplikace studio.exe, verze 14.0.0.7255, chybující modul
msvcr90.dll, verze 9.0.30729.4148, adresa chyby 0x0006ccb5.

Error - 27.12.2010 18:47:16 | Computer Name = SERIFUS | Source = Application Error | ID = 1001
Description = Chybný blok 1480991611

Error - 28.12.2010 1:15:55 | Computer Name = SERIFUS | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mpc-hc.exe, verze 1.4.2543.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 19.12.2010 14:48:31 | Computer Name = SERIFUS | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 5.207.98.77 pro síťovou kartu se síťovou
adresou 7A7905CF624D byla ukončena.

Error - 19.12.2010 14:49:30 | Computer Name = SERIFUS | Source = Dhcp | ID = 1001
Description = Počítači nebyla přiřazena síťová adresa (serverem DHCP) pro síťovou
kartu se síťovou adresou 7A7905CF624D. Došlo k následující chybě: %%121. Počítač
se bude pokoušet získat síťovou adresu samostatně ze serveru DHCP.


< End of report >

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Asus Smart Doctor takes suspiciously long to start...

#27 Post by motji »

I don't see anything :o

:arrow: Test this file on www.virustotal.com
C:\WINDOWS\System32\rmc_rtspdl.dll


:arrow: Download Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- unpack it and run it
- a scan will run; when it finishes, a window with the results opens. Click Save to save the log, which you then paste here

- Following the guide in the link, run a second scan and paste that log here as well.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before cleaning viruses from the computer :!:
I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

Serifus
Visitor
Posts: 172
Registered: 19 Apr 2008 21:20

Re: Asus Smart Doctor takes suspiciously long to start...

#28 Post by Serifus »

motji wrote: I don't see anything :o

:arrow: Test this file on http://www.virustotal.com
C:\WINDOWS\System32\rmc_rtspdl.dll
File name: rmc_rtspdl.dll
Submission date: 2011-01-06 20:58:16 (UTC)
Current status: queued queued (#7) analysing finished


Result: 0/ 43 (0.0%)




:arrow: Download Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- unpack it and run it
- a scan will run; when it finishes, a window with the results opens. Click Save to save the log, which you then paste here
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit quick scan 2011-01-06 22:01:03
Windows 5.1.2600 Service Pack 3 Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-0 Intel___ rev.1.0.
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kxrdypod.sys


---- System - GMER 1.0.15 ----

SSDT sptd.sys ZwEnumerateKey [0xB7F03FFE]
SSDT sptd.sys ZwEnumerateValueKey [0xB7F0438C]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB44CE75E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xB44CE582]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xB44CE6BC]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \Driver\iaStor \Device\Ide\iaStor0 [B7D50360] iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [B7DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 [B7DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [B7DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c [B7DE9B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 [B7D50360] iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\Ntfs \Ntfs 8A6471F8

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----

Serifus
Visitor
Posts: 172
Registered: 19 Apr 2008 21:20

Re: Asus Smart Doctor takes suspiciously long to start...

#29 Post by Serifus »

- Following the guide in the link, run a second scan and paste that log here as well.
GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-01-06 22:57:54
Windows 5.1.2600 Service Pack 3 Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-0 Intel___ rev.1.0.
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kxrdypod.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xB44BA7D4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwClose [0xB44C171E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateKey [0xB44C15D6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteKey [0xB44C1BDC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDeleteValueKey [0xB44C1AF2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwDuplicateObject [0xB44C11AA]
SSDT sptd.sys ZwEnumerateKey [0xB7F03FFE]
SSDT sptd.sys ZwEnumerateValueKey [0xB7F0438C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xB44BA884]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenKey [0xB44C16B2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenProcess [0xB44C10E6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwOpenThread [0xB44C114C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xB44BA91C]
SSDT sptd.sys ZwQueryKey [0xB7F04464]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwQueryValueKey [0xB44C17F6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xB44C1CAA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRestoreKey [0xB44C17B4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwSetValueKey [0xB44C1938]

INT 0x63 ? 8A648CC8
INT 0x73 ? 8A619CC8
INT 0x73 ? 8A619CC8
INT 0x73 ? 89B9BDE8
INT 0x73 ? 8A619CC8
INT 0x94 ? 89B9BDE8
INT 0x94 ? 89B9BDE8
INT 0x94 ? 89B9BDE8
INT 0x94 ? 89B9BDE8
INT 0xA4 ? 89B9BDE8
INT 0xB4 ? 89B9BDE8

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xB44CE75E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0xB44CE582]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0xB44CE6BC]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

PAGE ntkrnlpa.exe!ZwLoadDriver 8058413A 7 Bytes JMP B44CE6C0 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!NtCreateSection 805AB38E 7 Bytes JMP B44CE586 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BC502 5 Bytes JMP B44CA11E \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ObInsertObject 805C2F86 5 Bytes JMP B44CBBB8 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805D1134 7 Bytes JMP B44CE762 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)
.sptd2 C:\WINDOWS\system32\drivers\sptd.sys entry point in ".sptd2" section [0xB7F8CD38]
? C:\WINDOWS\system32\drivers\sptd.sys Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
.text USBPORT.SYS!DllUnload B7B6D8AC 5 Bytes JMP 89B9B2F8
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB71103A0, 0x59FFE5, 0xE8000020]
init C:\WINDOWS\System32\atkosdmini.dll entry point in "init" section [0xBD042480]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Replay Media Catcher\FLVSrvc.exe[248] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\Canon\MyPrinter\BJMyPrt.exe[256] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe[296] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)

Serifus
Visitor
Posts: 172
Registered: 19 Apr 2008 21:20

Re: Asus Smart Doctor takes suspiciously long to start...

#30 Post by Serifus »

.text C:\WINDOWS\system32\spoolsv.exe[448] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\spoolsv.exe[448] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\ctfmon.exe[532] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe[604] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\Explorer.EXE[900] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\winlogon.exe[960] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\services.exe[1004] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] ntdll.dll!LdrUnloadDll 7C91738B 5 Bytes JMP 64D065B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] ADVAPI32.dll!SetServiceObjectSecurity 77E26D81 5 Bytes JMP 64D09940 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] ADVAPI32.dll!ChangeServiceConfigA 77E26E69 5 Bytes JMP 64D076E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] ADVAPI32.dll!ChangeServiceConfigW 77E27001 5 Bytes JMP 64D07AD0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] ADVAPI32.dll!ChangeServiceConfig2A 77E27101 5 Bytes JMP 64D07E90 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] ADVAPI32.dll!ChangeServiceConfig2W 77E27189 5 Bytes JMP 64D07FC0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] ADVAPI32.dll!CreateServiceA 77E27211 5 Bytes JMP 64D06A40 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] ADVAPI32.dll!CreateServiceW 77E273A9 5 Bytes JMP 64D06EB0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] ADVAPI32.dll!DeleteService 77E274B1 5 Bytes JMP 64D074E0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 64D0B5C0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 64D0B740 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] USER32.dll!SetWindowsHookExA 7E381211 5 Bytes JMP 64D0B440 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] USER32.dll!SetWinEventHook 7E3817F7 5 Bytes JMP 64D0B1B0 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\lsass.exe[1016] USER32.dll!UnhookWinEvent 7E3818AC 5 Bytes JMP 64D0B330 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
.text C:\WINDOWS\system32\nvsvc32.exe[1172] ntdll.dll!LdrLoadDll 7C9163C3 5 Bytes JMP 64D06550 C:\Program Files\Alwil Software\Avast5\snxhk.dll (avast! snxhk/AVAST Software)
