Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu - podezření na vir

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
monoera
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 95
Registrován: 26 led 2011 07:52
Bydliště: Zlínský kraj

Re: Prosím o kontrolu logu - podezření na vir

#16 Příspěvek od monoera »

Přeinstalovat jsem je nezkoušela - hned to zkusím. ale tatkéž mi zamrzá občas celé pc (asi 1x za 5 minut) a znovu se rozjede, když přez správce úloh přesunu některou z úloh do popředí. Potom se zase rozjede. Zkusím přeinstalovat mozillu a uvidíme.

Tak mi to u mozilly i seamonkey píše, že je nesprávně odintalován a mám se pokusit o odinstalaci kompatibilní s mou verzí windows. Rozumím tomu jako koza petrželi asi, omlouvám se.

mě se snad vytvořily nějaké nové soubory na D:/ Možná je to práce některého z antivirů a postupů, které jsem v posledních dnech provedla. :arcisit: aplikace musím teď spouštět jako správce. skype se mi někam vypařil, tak ho hledám a seamonky ani mozilla nejdou odinstalovat. :o
Monoera
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu logu - podezření na vir

#17 Příspěvek od vyosek »

:arrow: Stahnete Ccleaner (viz muj podpis)
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za 14 dni

:arrow: V CCleaneru na zalozce Nastroje odinstalujte SeaMonkey i Firefox

:arrow: Mate instalacni CD, vypada to, ze system je docela naboren :o
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
monoera
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 95
Registrován: 26 led 2011 07:52
Bydliště: Zlínský kraj

Re: Prosím o kontrolu logu - podezření na vir

#18 Příspěvek od monoera »

ccleaner jsem použila jak píšete (mám ho asi třetí den v pc) ale bohužel seamonkey ani mmozilla nejdou odinstalovat. A instalační CD :cry: nemám. Win 7 mám předinstalované - nouťas je z alza.cz.
Monoera
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu logu - podezření na vir

#19 Příspěvek od vyosek »

:arrow: Stahnete tedy Firefox odsud http://www.stahuj.centrum.cz/internet_a_site/firefox/ a zkuste jej nainstalovat
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
monoera
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 95
Registrován: 26 led 2011 07:52
Bydliště: Zlínský kraj

Re: Prosím o kontrolu logu - podezření na vir

#20 Příspěvek od monoera »

:) Úspěšně jsem firefox nainstalovala.... Ovšem problém přetrvává. :roll: :cry: asi vezmu kladívko brzo (sranda)

:) Tak po krátkém testíku prohlížeče to vypadá mnohem lépe. Už asi 10 minut mi neskáče "zpět" - Možná je to tím, že jsem zakázala doplněk skype extension, který tu na mě podněkud vyskočil(odhadem právě od té chvíle mi to nepřeskakuje "zpět").

:) skype jako takový mi včera přestal fungovat, a ikdyž tu mám kopec jeho souborů, tak nejdou použít jako by se někam vypařil ten hlavní spouštěcí soubor. (snad mi rozumíte aspoň trochu)

:) nejnovější zprávy, mozilla vypadá velmi dobře. Zato skype vypadá špatně - nemůžu jej rozchodit. když chci stáhnout nový, tak se mi to přeruší v průběhu stahování vždycky. a starý neumím poskládat do funkční formy.

:D JEŠTĚ NOVĚJŠÍ ZPRÁVY. ČERSTVÝ POKUS O STÁHNUTÍ SKYPE JE ZAMNOU, UŽ JSEM ONLINE. Pravděpodobně tyhle změny k lepšímu nastaly buďto po instalaci firefoxu, nebo až po zakázání doplňku skype extension.

Ještě mi to sem tam zamrzne .. ale je to podstatně méně často. Funguje na to stále přenesení úlohy do popředí, pak to roztaje.

ranní hlášení Prohlížeče jedou, skype včera stáhnutý a nainstalovaný tady opět není... :arcisit:
Monoera
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu logu - podezření na vir

#21 Příspěvek od vyosek »

Zdravim, tak na to mrknem - ten doplnek skype pro FF je docela svina, obcas dela bordel

:arrow: Stahnete OTL (viz muj podpis) a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
monoera
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 95
Registrován: 26 led 2011 07:52
Bydliště: Zlínský kraj

Re: Prosím o kontrolu logu - podezření na vir

#22 Příspěvek od monoera »

:) byla jsem mimo pc, teď jsem chvíli zde. Aplikace již nemusím otevírat jako správce, opět na ně funguje klasický dvojklik.

:)scan trval asi 35 minut, občas proces neodpovídal (nereagoval, neběžel) - Logy po uvedeném procesu:
ten druhý log má asi 68000 znaků a nevejde se do jedné zprávy, tak je zkusím nakouskovat

OTL Extras logfile created on: 28.1.2011 11:05:00 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Erika\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 188,94 Gb Total Space | 155,64 Gb Free Space | 82,38% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 23,28 Gb Free Space | 80,30% Space Free | Partition Type: NTFS

Computer Name: ERIKA-PC | User Name: Erika | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3675169020-2619476218-164241709-1003\SOFTWARE\Classes\<extension>]
.html [@ = SeaMonkeyHTML] -- c:\program files\SeaMonkey\seamonkey.exe (mozilla.org)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{07119BED-86AE-4AE3-97A5-45A118A3F06A}" = Call of Juarez
"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5
"{1755A94E-CA3D-056D-6EBF-F56CBAAA690C}" = CCC Help Portuguese
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23E45635-6E09-B210-BA84-F0A8A4330539}" = Catalyst Control Center Localization All
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3A41C53D-EE2B-9347-D41D-A59AEB302C53}" = CCC Help Chinese Standard
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3E692081-0878-8C80-6AA6-F4B8E5EB9BE3}" = CCC Help Finnish
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4229CF5A-95F2-023E-690F-BB5572544BA4}" = CCC Help Hungarian
"{432282b5-d708-431a-9ada-abbbbac3f205}" = Business Contact Manager pro aplikaci Outlook 2007 SP1
"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F1E50D8-D105-7A9E-ACF6-A713447975C7}" = CCC Help Thai
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{520F7B12-0792-AD52-29DD-7B9E93FB1A2B}" = CCC Help Chinese Traditional
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{59DF04B0-A502-0031-C829-0A99D7D25502}" = Catalyst Control Center InstallProxy
"{62AFBC6C-70D4-7E8C-3BC4-FDB060A98DFC}" = CCC Help Dutch
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69291733-6411-C3F7-7B9C-77D75A7AF58B}" = CCC Help Norwegian
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DD86DE9-1AE7-41B0-9326-1A90E32BAE88}" = Star Stable 2
"{6E257F26-57FA-4BC9-AE3B-D50AF937DA7F}" = Windows Live Toolbar
"{6FCBA778-04AA-23B0-1279-42B85CA24C43}" = CCC Help Swedish
"{7064B255-EC91-7EC1-6640-A84C123508E9}" = Catalyst Control Center Graphics Light
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service
"{76D68A9E-5939-41F2-D22E-6C0045590A00}" = CCC Help Czech
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{856778AD-BA79-45AA-8B06-16E6F9403A3C}" = 602XML Filler rozšíření pro Mozilla Firefox
"{86B2FD80-64BB-E002-ECF3-1C1E6105320C}" = CCC Help Turkish
"{8871F50A-D92D-07BE-6BB8-EB6D6B03ACBB}" = ccc-utility
"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90A40405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{962C911E-70BB-3530-1349-A31BEDD5515C}" = CCC Help Italian
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A7124E8-7C79-F2CC-0B4C-44859C384DD4}" = CCC Help Greek
"{9BA1808F-4C75-BDFB-E798-755B4F3F22A2}" = CCC Help Japanese
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9D5740C5-02C8-3C0E-C4BB-A8C2A82C6A52}" = CCC Help Danish
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A5090413-2251-C33A-6359-CEE203950A5F}" = CCC Help Polish
"{A919F9D2-0F0E-C3B3-7ACF-343B46CFF804}" = CCC Help Spanish
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Součásti připojení sady Microsoft Office Small Business
"{ABD43020-578D-26E4-2D96-04E0A7E44526}" = CCC Help German
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.0 - Czech
"{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D31C5DD0-00AD-3643-CFD2-BE37C8840528}" = CCC Help French
"{D642ACC5-F7E9-48F3-A7EE-B49C5447A10E}" = Samsung PC Studio 3
"{DAD1693D-3C1B-5D29-E44F-96D2362738F3}" = ATI Catalyst Install Manager
"{DB01AC75-7AA5-2F83-D72B-3A914321A030}" = ccc-core-static
"{DCBD3FBC-56C8-24E0-C82E-1ECB0AEB172E}" = CCC Help Korean
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E30378BA-E43E-E4F8-0D35-53C9C0B2A96A}" = Catalyst Control Center Graphics Full Existing
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E606D21C-225C-D58E-3497-671288A31AF0}" = CCC Help Russian
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E9388FCD-B25B-D45B-EFDB-954DE076A417}" = CCC Help English
"{ECB1C736-4151-6B4D-7CF0-A54B65430461}" = Catalyst Control Center Core Implementation
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F542E678-739D-FFCC-A8D1-E42AE775BFFE}" = Catalyst Control Center Graphics Previews Common
"{F827DB7E-9F8F-46BA-9F22-46CE2CEE1D7E}" = Barbie(TM) Dobrodružství s koňmi(TM)
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}" = Lenovo EasyCamera
"{FFBEBE24-6961-C161-22CD-EFD23F50DF65}" = Catalyst Control Center Graphics Full New
"0AAD16715A341564716CE9901E2911A02B1EB808" = Balíček ovladače systému Windows - AnyDATA Corporated (adusbser) Modem (09/21/2006 2.0.3.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"5C49EB77B7315FA2E925C43BA449BB322C4D9418" = Balíček ovladače systému Windows - AnyDATA Corporation (adusbser) Ports (09/21/2006 2.0.3.2)
"7-Zip" = 7-Zip 9.20
"A6A8668C0A13640CA28FE2A7D9654BE4AE478B13" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast5" = avast! Free Antivirus
"B7541EC5F72AA713F557569278EB6273725F5607" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"BFGC" = Big Fish Games: Game Manager
"Business Contact Manager" = Business Contact Manager pro aplikaci Outlook 2007 SP1
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"Flash Player Pro_is1" = Flash Player Pro V4.4
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{07119BED-86AE-4AE3-97A5-45A118A3F06A}" = Call of Juarez
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"Lexmark 2200 Series" = Lexmark 2200 Series
"Lišta Centrum.cz Toolbar_is1" = Lišta Centrum.cz Toolbar 1.203.023.002
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"Nokia Ovi Suite" = Nokia Ovi Suite
"PhotoFiltre" = PhotoFiltre
"PROHYBRIDR" = 2007 Microsoft Office system
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SeaMonkey (2.0.11)" = SeaMonkey (2.0.11)
"Ufonuv fofr internet" = Ufonuv fofr internet 3.258.47
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 18.11.2010 9:15:48 | Computer Name = Erika-PC | Source = OviSuite | ID = 1
Description =

Error - 18.11.2010 9:15:48 | Computer Name = Erika-PC | Source = OviSuite | ID = 1
Description =

Error - 18.11.2010 9:15:49 | Computer Name = Erika-PC | Source = OviSuite | ID = 1
Description =

Error - 18.11.2010 9:15:49 | Computer Name = Erika-PC | Source = OviSuite | ID = 1
Description =

Error - 18.11.2010 9:15:49 | Computer Name = Erika-PC | Source = OviSuite | ID = 1
Description =

Error - 18.11.2010 9:15:49 | Computer Name = Erika-PC | Source = OviSuite | ID = 1
Description =

Error - 18.11.2010 9:15:50 | Computer Name = Erika-PC | Source = OviSuite | ID = 1
Description =

Error - 18.11.2010 9:15:50 | Computer Name = Erika-PC | Source = OviSuite | ID = 1
Description =

Error - 18.11.2010 9:15:54 | Computer Name = Erika-PC | Source = OviSuite | ID = 1
Description =

Error - 18.11.2010 9:15:54 | Computer Name = Erika-PC | Source = OviSuite | ID = 1
Description =

[ Media Center Events ]
Error - 6.1.2011 1:07:09 | Computer Name = Erika-PC | Source = MCUpdate | ID = 0
Description = 6:07:09 - Chyba při připojování k Internetu 6:07:09 - Nelze kontaktovat
server..

Error - 6.1.2011 1:07:24 | Computer Name = Erika-PC | Source = MCUpdate | ID = 0
Description = 6:07:15 - Chyba při připojování k Internetu 6:07:15 - Nelze kontaktovat
server..

Error - 12.1.2011 1:00:52 | Computer Name = Erika-PC | Source = MCUpdate | ID = 0
Description = 6:00:52 - Načtení položky MCESpotlight se nezdařilo. (Chyba: Požadavek
se nezdařil se stavem HTTP 503: Service Unavailable.)

Error - 14.1.2011 19:22:35 | Computer Name = Erika-PC | Source = MCUpdate | ID = 0
Description = 0:22:35 - Načtení položky MCESpotlight se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při příjmu.)

Error - 18.1.2011 1:16:45 | Computer Name = Erika-PC | Source = MCUpdate | ID = 0
Description = 6:16:38 - Chyba při připojování k Internetu 6:16:38 - Nelze kontaktovat
server..

Error - 20.1.2011 1:09:06 | Computer Name = Erika-PC | Source = MCUpdate | ID = 0
Description = 6:09:06 - Chyba při připojování k Internetu 6:09:06 - Nelze kontaktovat
server..

Error - 20.1.2011 1:09:19 | Computer Name = Erika-PC | Source = MCUpdate | ID = 0
Description = 6:09:11 - Chyba při připojování k Internetu 6:09:11 - Nelze kontaktovat
server..

Error - 21.1.2011 1:04:21 | Computer Name = Erika-PC | Source = MCUpdate | ID = 0
Description = 6:04:21 - Chyba při připojování k Internetu 6:04:21 - Nelze kontaktovat
server..

Error - 21.1.2011 1:04:33 | Computer Name = Erika-PC | Source = MCUpdate | ID = 0
Description = 6:04:27 - Chyba při připojování k Internetu 6:04:27 - Nelze kontaktovat
server..

Error - 28.1.2011 0:55:47 | Computer Name = Erika-PC | Source = MCUpdate | ID = 0
Description = 5:55:40 - Chyba při připojování k Internetu 5:55:40 - Nelze kontaktovat
server..


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
Monoera
Nahoru
monoera
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 95
Registrován: 26 led 2011 07:52
Bydliště: Zlínský kraj

Re: Prosím o kontrolu logu - podezření na vir

#23 Příspěvek od monoera »

OTL logfile created on: 28.1.2011 11:05:00 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Erika\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 188,94 Gb Total Space | 155,64 Gb Free Space | 82,38% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 23,28 Gb Free Space | 80,30% Space Free | Partition Type: NTFS

Computer Name: ERIKA-PC | User Name: Erika | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.01.28 11:02:41 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Erika\Desktop\OTL.exe
PRC - [2011.01.13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.07.23 03:08:57 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.07.23 03:08:55 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.04.20 05:37:18 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.04.14 10:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2010.03.10 08:44:56 | 000,496,184 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
PRC - [2010.03.03 05:12:32 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.03.03 05:11:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.12.22 13:40:58 | 000,167,008 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Lenovo\YouCam\YouCamTray.exe
PRC - [2009.12.17 07:33:56 | 004,114,368 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe
PRC - [2009.12.17 07:31:22 | 006,223,808 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe
PRC - [2009.09.04 11:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009.01.14 16:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008.09.19 03:39:56 | 003,923,968 | ---- | M] () -- C:\Program Files\Ufonuv fofr internet\EasyWirelessNet.exe
PRC - [2008.01.16 11:26:38 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe


========== Modules (SafeList) ==========

MOD - [2011.01.28 11:02:41 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Erika\Desktop\OTL.exe
MOD - [2011.01.13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.11.02 05:36:16 | 000,801,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2010.07.23 00:33:32 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.06.14 14:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.04.14 10:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.03 05:11:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.11.17 16:00:54 | 000,575,304 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV - [2009.09.04 11:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.08.14 15:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV - [2009.07.15 06:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) Protokol PNRP (Peer Name Resolution Protocol)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalační program ovládacích prvků ActiveX (AxInstSV)
SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\windows\System32\IgrsSvcs.exe -- (ReadyComm.DirectRouter)
SRV - [2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\IgrsSvcs.exe -- (PS_MDP)
SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2009.01.14 16:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008.01.16 11:26:38 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


========== Driver Services (SafeList) ==========

DRV - [2011.01.13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.01.13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.01.13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.01.13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.01.13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.03.12 04:23:14 | 000,189,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010.03.03 05:22:26 | 005,340,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2010.03.03 04:07:16 | 000,152,064 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.02.02 16:47:32 | 002,707,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2010.01.18 10:45:00 | 000,514,104 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009.12.22 03:26:36 | 000,030,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.11.13 10:47:50 | 000,058,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009.10.16 19:37:30 | 000,171,776 | ---- | M] (SMI) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SMIksdrv.sys -- (usbsmi)
DRV - [2009.09.14 19:04:28 | 000,217,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009.09.03 11:16:14 | 000,021,256 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV - [2009.08.29 03:15:20 | 000,086,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2009.08.29 03:15:16 | 000,108,072 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2009.08.29 03:15:12 | 000,018,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2009.08.23 23:55:32 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009.07.28 22:09:36 | 000,063,240 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdbridge.sys -- (Bridge0)
DRV - [2009.07.21 22:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009.07.16 13:37:14 | 000,011,792 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror)
DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x) Broadcom NetLink (TM)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.06.10 22:19:30 | 004,756,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009.04.07 23:32:50 | 000,029,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.06 13:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006.10.23 02:36:38 | 000,093,440 | ---- | M] (AnyDATA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\adusbser.sys -- (adusbser)
DRV - [2006.07.24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2005.08.30 16:59:00 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2005.08.30 16:58:56 | 000,008,304 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2005.08.30 16:57:18 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
Monoera
Nahoru
monoera
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 95
Registrován: 26 led 2011 07:52
Bydliště: Zlínský kraj

Re: Prosím o kontrolu logu - podezření na vir

#24 Příspěvek od monoera »

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3675169020-2619476218-164241709-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3675169020-2619476218-164241709-1003\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-3675169020-2619476218-164241709-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://centrum.cz/firefox"
FF - prefs.js..extensions.enabledItems: xmlfiller@software602.cz:3.16.2
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: Cetrumcz@igeared:1.203.023.002
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q="
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.10.03 11:29:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared [2011.01.27 20:43:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.27 20:44:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.27 20:44:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.11\extensions\\Components: C:\Program Files\SeaMonkey\components [2010.12.14 17:29:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.11\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2010.12.17 15:35:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.10.03 11:29:06 | 000,000,000 | ---D | M]

[2010.08.18 20:24:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erika\AppData\Roaming\Mozilla\Extensions
[2010.08.18 20:24:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erika\AppData\Roaming\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2011.01.27 20:45:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\extensions
[2010.12.22 22:29:50 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.01.27 16:39:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erika\AppData\Roaming\Mozilla\SeaMonkey\Profiles\vnmi4knq.default\extensions
[2010.08.20 05:23:04 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Erika\AppData\Roaming\Mozilla\SeaMonkey\Profiles\vnmi4knq.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2010.09.05 20:03:29 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Users\Erika\AppData\Roaming\Mozilla\SeaMonkey\Profiles\vnmi4knq.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2010.09.05 20:03:29 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Users\Erika\AppData\Roaming\Mozilla\SeaMonkey\Profiles\vnmi4knq.default\extensions\inspector@mozilla.org
[2011.01.21 08:40:34 | 000,001,047 | ---- | M] () -- C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\searchplugins\icqplugin.xml
[2010.12.04 10:55:10 | 000,001,246 | ---- | M] () -- C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\searchplugins\winamp-search.xml
[2011.01.28 06:09:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.27 17:40:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.01.19 03:17:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.09.16 16:20:45 | 000,000,000 | ---D | M] ("602XML Filler") -- C:\Program Files\Mozilla Firefox\extensions\xmlfiller@software602.cz
[2011.01.27 20:43:07 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="Cetrumcz@igeared" em:name="Lišta Centrum.cz Toolbar" em:version="1.203.023.002" em:displayname="Lišta Centrum.cz Toolbar" em:iconURL="chrome://cetrumczp/skin/logo.ico" em:creator="iGeared LLC" em:description="Lišta Centrum.cz Toolbar" em:homepageURL="http://www.igeared.com" >) -- C:\PROGRAM FILES\CENTRUMCZTOOLBAR\FIREFOX\CETRUMCZ@IGEARED
[2010.10.03 11:29:05 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010.09.27 17:40:19 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.29 12:04:14 | 000,081,920 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npfiller.dll
[2010.03.26 07:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010.07.23 01:28:35 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.07.23 01:28:35 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.07.23 01:28:35 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.07.23 01:28:35 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.07.23 01:28:35 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.01.27 08:22:28 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (CentrumczToolbar BHO) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Lišta Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-3675169020-2619476218-164241709-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\.DEFAULT..\RunOnce: [WLStart] C:\Program Files\Windows Live\Installer\wlstart.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [WLStart] C:\Program Files\Windows Live\Installer\wlstart.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3675169020-2619476218-164241709-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3675169020-2619476218-164241709-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O30 - LSA: Security Packages - (pku2u) - C:\windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

Drivers32: msacm.clmp3enc - C:\Program Files\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)


========== Files/Folders - Created Within 7 Days ==========

[2011.01.28 11:00:38 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Erika\Desktop\OTL.exe
[2011.01.28 00:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2011.01.27 20:45:15 | 000,000,000 | ---D | C] -- C:\Users\Erika\AppData\Local\Lišta Centrum.cz Toolbar
[2011.01.27 20:43:07 | 000,000,000 | ---D | C] -- C:\ProgramData\CentrumczToolbar
[2011.01.27 20:43:04 | 000,000,000 | ---D | C] -- C:\Program Files\CentrumczToolbar
[2011.01.27 08:26:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.01.27 08:04:28 | 000,212,480 | ---- | C] (SteelWerX) -- C:\windows\SWXCACLS.exe
[2011.01.26 22:28:43 | 000,000,000 | ---D | C] -- C:\windows\temp
[2011.01.26 12:41:09 | 000,161,792 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2011.01.26 12:41:09 | 000,136,704 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2011.01.26 12:41:09 | 000,031,232 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2011.01.26 12:40:57 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2011.01.26 12:38:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.01.26 08:05:42 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.01.26 08:05:41 | 000,000,000 | ---D | C] -- C:\rsit
[2011.01.26 00:19:26 | 000,000,000 | ---D | C] -- C:\Users\Erika\AppData\Roaming\Malwarebytes
[2011.01.26 00:19:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011.01.26 00:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.01.26 00:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.01.26 00:19:14 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011.01.26 00:19:14 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.01.25 23:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.01.25 23:30:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

========== Files - Modified Within 7 Days ==========

[2011.01.28 11:12:18 | 000,000,385 | ---- | M] () -- C:\windows\red_dialer.ini
[2011.01.28 11:02:41 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Erika\Desktop\OTL.exe
[2011.01.28 11:00:53 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.28 11:00:53 | 000,009,920 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.28 10:53:42 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2011.01.28 10:53:26 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011.01.28 10:53:17 | 1406,300,160 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.27 20:44:55 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.01.27 18:49:17 | 000,000,172 | ---- | M] () -- C:\Users\Erika\Documents\cc_20110127_184910.reg
[2011.01.27 18:48:43 | 000,000,720 | ---- | M] () -- C:\Users\Erika\Documents\cc_20110127_184836.reg
[2011.01.27 18:48:11 | 000,049,842 | ---- | M] () -- C:\Users\Erika\Documents\cc_20110127_184732.reg
[2011.01.27 08:22:28 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2011.01.27 07:58:36 | 000,000,733 | ---- | M] () -- C:\Users\Erika\Desktop\ComboFix – zástupce.lnk
[2011.01.26 22:03:57 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.01.26 22:03:55 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2011.01.26 00:19:19 | 000,001,027 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.25 23:30:52 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.01.25 19:26:33 | 000,001,080 | ---- | M] () -- C:\Users\Erika\Desktop\Cyberlink Power2Go.lnk

========== Files Created - No Company Name ==========

[2011.01.27 20:44:55 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.01.27 18:49:15 | 000,000,172 | ---- | C] () -- C:\Users\Erika\Documents\cc_20110127_184910.reg
[2011.01.27 18:48:42 | 000,000,720 | ---- | C] () -- C:\Users\Erika\Documents\cc_20110127_184836.reg
[2011.01.27 18:47:58 | 000,049,842 | ---- | C] () -- C:\Users\Erika\Documents\cc_20110127_184732.reg
[2011.01.27 07:58:36 | 000,000,733 | ---- | C] () -- C:\Users\Erika\Desktop\ComboFix – zástupce.lnk
[2011.01.26 12:41:09 | 000,256,512 | ---- | C] () -- C:\windows\PEV.exe
[2011.01.26 12:41:09 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011.01.26 12:41:09 | 000,089,088 | ---- | C] () -- C:\windows\MBR.exe
[2011.01.26 12:41:09 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011.01.26 12:41:09 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011.01.26 00:19:19 | 000,001,027 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.25 23:30:52 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.01.19 17:34:31 | 000,000,098 | ---- | C] () -- C:\windows\ka.ini
[2010.12.16 09:23:31 | 000,000,092 | ---- | C] () -- C:\windows\lexstat.ini
[2010.10.03 13:38:01 | 000,001,234 | ---- | C] () -- C:\Users\Erika\AppData\Roaming\filterclsid.dat
[2010.10.03 11:59:16 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010.10.03 11:57:27 | 000,005,632 | ---- | C] () -- C:\windows\System32\drivers\StarOpen.sys
[2010.08.03 18:18:24 | 000,000,385 | ---- | C] () -- C:\windows\red_dialer.ini
[2010.07.22 22:09:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.04.20 14:31:37 | 000,016,648 | R--- | C] () -- C:\windows\System32\LogAPI.dll
[2010.04.20 14:20:03 | 001,410,400 | ---- | C] () -- C:\windows\System32\IcnOvrly.dll
[2010.04.20 14:20:03 | 000,660,832 | ---- | C] () -- C:\windows\System32\EncIcons.dll
[2010.04.20 14:20:03 | 000,513,376 | ---- | C] () -- C:\windows\System32\SimpleExt.dll
[2010.04.20 14:20:02 | 002,110,816 | ---- | C] () -- C:\windows\System32\Apblend.dll
[2010.04.20 14:20:02 | 001,171,456 | ---- | C] () -- C:\windows\System32\PicNotify.dll
[2010.04.20 14:19:50 | 001,044,480 | ---- | C] () -- C:\windows\System32\3DImageRenderer.dll
[2010.04.20 14:00:31 | 000,163,840 | ---- | C] () -- C:\windows\System32\SM37XCoInst.dll
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2003.10.30 12:29:00 | 000,000,187 | ---- | C] () -- C:\windows\System32\lxbvcoin.ini
[2002.11.13 10:40:00 | 000,040,960 | ---- | C] () -- C:\windows\System32\lxbvvs.dll

========== LOP Check ==========

[2011.01.26 12:14:45 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\602XML
[2010.07.21 17:47:19 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\ArcSyncConfig
[2010.08.15 16:53:26 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Farm Mania 2
[2010.08.28 20:44:34 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\GetRightToGo
[2010.10.04 05:15:36 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Nokia
[2010.07.25 15:07:22 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\OpenOffice.org
[2010.10.03 11:30:37 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\PC Suite
[2010.10.03 13:24:42 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Samsung
[2010.12.21 06:32:43 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.01.26 12:14:45 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\602XML
[2010.08.12 16:38:12 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Adobe
[2010.07.21 17:47:19 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\ArcSyncConfig
[2010.07.21 17:42:54 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\ATI
[2010.09.18 16:33:03 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\CyberLink
[2010.08.15 16:53:26 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Farm Mania 2
[2010.08.28 20:44:34 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\GetRightToGo
[2010.07.21 17:42:13 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Identities
[2011.01.18 13:49:06 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\InstallShield
[2010.07.23 05:37:29 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Macromedia
[2011.01.26 00:19:27 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Malwarebytes
[2009.07.29 11:50:54 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Media Center Programs
[2010.11.24 16:34:23 | 000,000,000 | --SD | M] -- C:\Users\Erika\AppData\Roaming\Microsoft
[2010.08.18 20:24:07 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Mozilla
[2010.10.04 05:15:36 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Nokia
[2010.07.25 15:07:22 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\OpenOffice.org
[2010.10.03 11:30:37 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\PC Suite
[2010.10.03 13:24:42 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Samsung
[2011.01.28 00:59:21 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Skype
[2011.01.02 19:52:29 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\skypePM
[2011.01.25 23:32:35 | 000,000,000 | ---D | M] -- C:\Users\Erika\AppData\Roaming\Winamp

< %APPDATA%\*.exe /s >


< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\ERDNT\cache\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\System32\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\ERDNT\cache\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\System32\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2010.04.20 05:37:18 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\ERDNT\cache\explorer.exe
[2010.04.20 05:37:18 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2010.04.20 05:37:18 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010.04.20 05:34:54 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2010.04.20 05:34:54 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2010.04.20 05:37:18 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\ERDNT\cache\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\ERDNT\cache\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\drivers\nvraid.sys
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\ERDNT\cache\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\System32\drivers\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.04.20 05:37:18 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2010.04.20 05:37:18 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2010.04.20 05:37:18 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2010.04.20 05:37:18 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\ERDNT\cache\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.03.03 05:13:04 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.03.03 05:13:04 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.01.28 11:00:53 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.28 11:00:53 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.26 22:03:55 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011.01.28 10:53:42 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl

========== Alternate Data Streams ==========

@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:DA18D4E3
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:70DFA5B7

< End of report >


:o Nevím, jestli to je přesně to, co jsme chtěli, ale tohle všechno mi to po výše udeveném postupu s OTL vyplivlo jako logy.
Monoera
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu logu - podezření na vir

#25 Příspěvek od vyosek »

:arrow: Nejak se to OTL se skenovanim protahlo, no melo toho dost :o Ale povedlo se a mame oba logy tak jak maji byt

:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3675169020-2619476218-164241709-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3675169020-2619476218-164241709-1003\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.startup.homepage: "http://centrum.cz/firefox"
FF - prefs.js..keyword.URL: "http://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q="
[2010.12.22 22:29:50 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.01.21 08:40:34 | 000,001,047 | ---- | M] () -- C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\searchplugins\icqplugin.xml
[2010.12.04 10:55:10 | 000,001,246 | ---- | M] () -- C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\searchplugins\winamp-search.xml
O2 - BHO: (CentrumczToolbar BHO) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Lišta Centrum.cz Toolbar) - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:DA18D4E3
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:70DFA5B7
 
:files
C:\Program Files\CentrumczToolbar
C:\Program Files\Skype\Toolbars
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
monoera
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 95
Registrován: 26 led 2011 07:52
Bydliště: Zlínský kraj

Re: Prosím o kontrolu logu - podezření na vir

#26 Příspěvek od monoera »

Změnila se vzhled mozilly (což mi nevadí, jen to zmiňuji) - chybí lištička s kravinama, která se zde objevila včera, při instalaci nového Firefoxu. Aplikace jdou otevírat dvojklikem.

Log zde:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry key HKEY_USERS\S-1-5-21-3675169020-2619476218-164241709-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3675169020-2619476218-164241709-1003\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ deleted successfully.
C:\Program Files\CentrumczToolbar\IEToolbar.dll moved successfully.
Prefs.js: "Centrum.cz Search" removed from browser.search.defaultenginename
Prefs.js: "http://centrum.cz/firefox" removed from browser.startup.homepage
Prefs.js: "http://search.centrum.cz/index.php?tool ... m-1.0.0&q=" removed from keyword.URL
C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
Folder move failed. C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} scheduled to be moved on reboot.
C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\searchplugins\winamp-search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ not found.
File C:\Program Files\CentrumczToolbar\IEToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ deleted successfully.
File C:\Program Files\CentrumczToolbar\IEToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
ADS C:\ProgramData\Temp:DA18D4E3 deleted successfully.
ADS C:\ProgramData\Temp:70DFA5B7 deleted successfully.
========== FILES ==========
C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\components folder moved successfully.
C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\skin folder moved successfully.
C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\icons\default folder moved successfully.
C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\icons folder moved successfully.
C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libsex folder moved successfully.
C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs folder moved successfully.
C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\Languages folder moved successfully.
C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\html folder moved successfully.
C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\ex folder moved successfully.
C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content folder moved successfully.
C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome folder moved successfully.
C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared folder moved successfully.
C:\Program Files\CentrumczToolbar\Firefox folder moved successfully.
C:\Program Files\CentrumczToolbar folder moved successfully.
C:\Program Files\Skype\Toolbars\Shared folder moved successfully.
C:\Program Files\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files\Skype\Toolbars folder moved successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2CE.tmp folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB173.tmp folder moved successfully.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Erika
->Temp folder emptied: 3657096 bytes
->Temporary Internet Files folder emptied: 1122211 bytes
->Java cache emptied: 211734 bytes
->FireFox cache emptied: 54794290 bytes
->Flash cache emptied: 1169 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5308 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 57,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Erika
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.20.6 log created on 01282011_121841

Files\Folders moved on Reboot...
C:\Users\Erika\AppData\Roaming\Mozilla\Firefox\Profiles\hpjsn837.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
File move failed. C:\windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
Monoera
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu logu - podezření na vir

#27 Příspěvek od vyosek »

Jo ta listicka tu jsem odebral, je to zbytecna blbina, jen to brzdi PC a samotny FF, vzhled OTL vyresetovalo do puvodniho neni problem zmenit zde http://www.getpersonas.com/cs/

:arrow: PC se chova tedy v poradku :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
monoera
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 95
Registrován: 26 led 2011 07:52
Bydliště: Zlínský kraj

Re: Prosím o kontrolu logu - podezření na vir

#28 Příspěvek od monoera »

:) Pc v pořádku bohužel není. Mám tady časový výčet drobných chybiček - zamrznutí, nebo "přeskočení zpět"

Dnes
07.28 zamrzlo
14.12 - 2x přeskočilo zět
14.25 zamrzlo
17.38 skákalo to
17.42 zamrzlo
17.52 skočilo 1x
18.01 skočilo 1x
18.06, 18.08 skočilo.

:) Je to info od potomstva - používají ale seamonkey a koukala jsem tam doplněk skype extension není a asi tam ani nebyl. Seamonkey nejde odinstalovat pomocí ccleaneru.

:) Jinak včera stáhnutý a nainstalovaný skype jsem zahlédla v ccleaneru. je tu, a můžu dát odinstalovat, ale v pc ho nikde nevidím ani ho nemůžu najít, jenom instalační soubor (na stáhnutí ) nic víc.

:) Na mozille problémy zatím neeviduji žádné, ale to, že občas zamrzne pc to můžu potvrdit

RANNÍ hlášení - mozilla výjimečně, občas přeskočí zpět. Jako by se to pomalu vracelo do starého problémového stavu. zamrzání je častější (krapet, ale předce). našla jsem skype - asi tam i byl v programData, ale jak říkám, koza&petržel. skype extension jsem v žádném prohlížeči nenašla a ani nepovolovala nikde.
Monoera
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Prosím o kontrolu logu - podezření na vir

#29 Příspěvek od vyosek »

:arrow: Otestujte HD pomoci HD Tune http://www.stahuj.centrum.cz/utility_a_ ... g/hd-tune/
  • Udelejte testy Benchmark a Error Scan - dejte screeny
  • Dejte screen ze zalozky Health
  • Scree udelate kdyz klilknete na tu modrou disketku a pak jej sem dejte dle tohoto navdou http://www.viry.cz/forum/viewtopic.php?f=15&t=14114 - zajima Vas jen cast "zaslani na forum" samozrejme :)
:arrow: Poptejte se znamym, zda-li nemaji instalacku Windows 7 Home Edition - zkusili bychom opravnou instalaci
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
monoera
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 95
Registrován: 26 led 2011 07:52
Bydliště: Zlínský kraj

Re: Prosím o kontrolu logu - podezření na vir

#30 Příspěvek od monoera »

Instalační CD bude chvíli trvat, ale seženu jej. Jinak mi to (HD screen) občas přehřátí pc - 55 stupňů. Nouťík je nový, ještě v záruce kdyby náhodou bylo něco s HW. Chování stále stejné, až na to zamrznutí. teď se občas stane, že zamrzne třeba jen lišta spodní. Prostě nejde použít. Rozjede se přenesením některé z úloh pomocí správce do popředí.

screeny z HD (tamtoho) příkládám

http://img3.imageshack.us/img3/534/hdtu ... sumja2.png
http://img842.imageshack.us/img842/534/ ... sumja2.png
Monoera
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“